Total
2458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5853 | 1 Withive | 1 Knights N Squires | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Knights N Squires (aka com.com2us.imhero.normal.freefull.google.global.android.common) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5536 | 1 Bashgaming | 1 Bingo Bash Free Bingo Casino | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) application 1.31.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7039 | 1 Roguewaveproductionsllc | 1 Wild Women United | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Wild Women United (aka com.wildwomenunited) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-3125 | 3 Fedoraproject, Opensuse, Proftpd | 3 Fedora, Opensuse, Proftpd | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2014-6637 | 1 Praninc | 1 Facebook Facts | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Facebook Facts (aka com.wFacebookFacts) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7499 | 1 Ireadercity | 1 Sword | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sword (aka com.ireadercity.c25) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7794 | 1 Narr8 | 1 Knights Of The Void | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Knights of the Void (aka me.narr8.android.serial.knights_of_the_void) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7454 | 1 Mbtcreations | 1 Detox Juicing Diet Recipes | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7607 | 1 Swamiji | 1 Swamiji.tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7088 | 1 Jdm Lifestyle Project | 1 Jdm Lifestyle | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JDM Lifestyle (aka com.hondatech) application 6.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4884 | 1 Conrad Hotel Project | 1 Conrad Hotel | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0741 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | 6.2 MEDIUM | N/A |
| The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | |||||
| CVE-2015-8803 | 3 Canonical, Nettle Project, Opensuse | 4 Ubuntu Linux, Nettle, Leap and 1 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805. | |||||
| CVE-2014-7420 | 1 Magzter | 1 Just Bureaucracy | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5771 | 1 Cuoftexas | 1 Credit Union Of Texas Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7368 | 1 Creatingahaven | 1 Compassion Satisfaction | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Compassion Satisfaction (aka com.wCompassionSatisfactionWorkshopPresentation) application 0.75.13440.35155 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7664 | 1 Bilingual Magic Ball Relajo Project | 1 Bilingual Magic Ball Relajo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bilingual Magic Ball Relajo (aka com.wBilingualMagicBallRelajo) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6773 | 1 Bowenehs | 1 Cih Quiz Game | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CIH Quiz game (aka com.bowenehs.cihquizgameapp) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5983 | 1 Threadflip | 1 Threadflip Buy Sell Fashion | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3403 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647. | |||||