Total
2450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7099 | 1 Magzter | 1 Woodcraft Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7570 | 1 Fire Equipments Screen Lock Project | 1 Fire Equipments Screen Lock | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fire Equipments Screen lock (aka com.locktheworld.screen.lock.theme.FireEquipments) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-2268 | 1 Dell | 1 Secureworks | 2025-04-12 | 5.8 MEDIUM | 6.8 MEDIUM |
| Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7592 | 1 Fanshawec | 1 Fol | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application 3.0.729.1459 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6877 | 1 Santanderbank | 1 Santander Personal Banking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Santander Personal Banking (aka com.sovereign.santander) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5810 | 1 Sgk | 1 Sgk Hizmet Dokumu 4a | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SGK Hizmet Dokumu 4a (aka tr.gov.sgk.hizmetDokumu4a) application 1.103 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4364 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | 2.9 LOW | 5.6 MEDIUM |
| The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. | |||||
| CVE-2014-6767 | 1 Denki | 1 Juggle\! Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Juggle! FREE (aka com.jakyl.juggleforfree) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6996 | 1 Cocodigi | 1 Martial Arts Battle Card | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6949 | 1 Fotoschilenas | 1 Akne Ernahrung | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-7144 | 3 Apple, Linecorp, Microsoft | 3 Mac Os X, Line, Windows | 2025-04-12 | 4.3 MEDIUM | N/A |
| LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6913 | 1 Paperton | 1 Dive The World | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dive The World (aka com.paperton.wl.divetheworld) application 1.53 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6863 | 1 Digitalfruit | 1 Mootorratturid \& Biker.ee | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mootorratturid & biker.ee (aka ee.digitalfruit.mootorratturid) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7643 | 1 Crgroup-lb | 1 C.r. Group | 2025-04-12 | 5.4 MEDIUM | N/A |
| The C.R. Group (aka com.c.r.group) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-2471 | 1 Microsoft | 1 Xml Core Services | 2025-04-12 | 4.3 MEDIUM | N/A |
| Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434. | |||||
| CVE-2014-5825 | 1 Jinfra | 1 Guess The Movie | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Guess The Movie (aka com.june.guessthemovie) application 2.982 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5601 | 1 1800contacts | 1 1800contacts App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 1800CONTACTS App (aka com.contacts1800.ecomapp) application 2.7.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6828 | 1 Gecu | 1 Gulf Credit Union | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gulf Credit Union (aka Fi_Mobile.Gulf) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7572 | 1 Fallacystudios | 1 Stoner\'s Handbook L- Bud Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Stoner's Handbook L- Bud Guide (aka fallacystudios.stonershandbooklite) application 7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7409 | 1 Djogjahotel | 1 Liburan Hemat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Liburan Hemat (aka com.liburan.bro) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||