Total
2458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5551 | 1 Ilearnwith | 1 Alphabet \& Spelling Kids Games | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alphabet & Spelling Kids Games (aka air.com.tribalnova.ilearnwith.ipad.App1En) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5644 | 1 Intellectualflame | 1 Brightest Led Flashlight | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Brightest LED Flashlight (aka com.intellectualflame.ledflashlight.washer) application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5833 | 1 Onelouder | 1 Friendcaster Chat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FriendCaster Chat (aka com.handmark.friendcaster.chat) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5560 | 1 Mdickie | 1 Popscene | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7622 | 1 Affinitycu | 1 Affinity Mobile Atm Locator | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5964 | 1 Megabank | 1 Megabank | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4897 | 1 Magzter | 1 Touriosity Travelmag | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Touriosity Travelmag (aka com.magzter.touriositytravelmag) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3093 | 1 Ibm | 1 Powervc | 2025-04-12 | 2.1 LOW | N/A |
| IBM PowerVC 1.2.0 before FP3 and 1.2.1 before FP2 uses cleartext passwords in (1) api-paste.ini, (2) debug logs, (3) the installation process, (4) environment checks, (5) powervc-ldap-config, (6) powervc-restore, and (7) powervc-diag, which allows local users to obtain sensitive information by entering a ps command or reading a file. | |||||
| CVE-2014-5928 | 1 Steganos | 1 Steganos Online Shield Vpn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4890 | 1 Magzter | 1 Nano Digest | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Nano Digest (aka com.magzter.nanodigest) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7058 | 1 Efendimizin Sunnetleri Project | 1 Efendimizin Sunnetleri | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Efendimizin Sunnetleri (aka com.wEfendimizinSunnetleri) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5732 | 1 Wamba | 1 Wamba-meet Women And Men | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5525 | 1 Playscape | 1 Mominis Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MoMinis library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7569 | 1 Bestapp | 1 Best Greatness Quotes | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Best Greatness Quotes (aka best.free.greatness.quotes.android.app) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5805 | 1 Wamba | 1 Dating For Everyone - Mamba\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dating for everyone - Mamba! (aka ru.mamba.client) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5889 | 1 Androidforums | 1 Forum For Android | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-6445 | 1 Redhat | 1 Enterprise Mrg | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | |||||
| CVE-2014-3902 | 1 Cyberagent | 1 Ameba | 2025-04-12 | 5.8 MEDIUM | N/A |
| The CyberAgent Ameba application 3.x and 4.x before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8371 | 1 Vmware | 1 Vcenter Server Appliance | 2025-04-12 | 4.3 MEDIUM | N/A |
| VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate. | |||||
| CVE-2014-6002 | 1 Dteenergy | 1 Dte Energy | 2025-04-12 | 5.4 MEDIUM | N/A |
| The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||