Total
2458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6712 | 1 Iata | 1 Airlines International | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Airlines International (aka org.iata.IAMagazine) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7494 | 1 Getscoop | 1 Kontan Kiosk | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kontan Kiosk (aka com.appsfoundry.scoopwl.id.kontankiosk) application @7F07025E for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7019 | 1 Blynk | 1 Clarks Inn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Clarks Inn (aka com.ClarksInn) application 3.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-2061 | 1 Jenkins | 1 Jenkins | 2025-04-12 | 5.0 MEDIUM | N/A |
| The input control in PasswordParameterDefinition in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to obtain passwords by reading the HTML source code, related to the default value. | |||||
| CVE-2014-4899 | 1 Magzter | 1 Indian Cement Review | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Indian Cement Review (aka com.magzter.indiancementreview) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6666 | 1 Anusthanokarehasya | 1 Baglamukhi | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Baglamukhi (aka com.wshribaglamukhiblog) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5640 | 1 Cmcm | 1 Cm Backup Restore Cloud Photo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5994 | 1 Ding | 1 Ding Ezetop. Top-up Any Phone | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6991 | 1 Liveauctions | 1 Liveauctions.tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The LiveAuctions.tv (aka air.LiveAndroidMaxx) application 2.005 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8760 | 1 Process-one | 1 Ejabberd | 2025-04-12 | 5.0 MEDIUM | N/A |
| ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption. | |||||
| CVE-2014-7061 | 1 Modsimconnected | 1 Modsim World 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MODSIM World 2014 (aka com.concursive.modsimworld) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6985 | 1 Gcspublishing | 1 Georgia Packing | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Georgia Packing (aka com.tapatalk.georgiapackingorg) application 3.9.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5647 | 1 Islonline | 1 Isl Light Remote Desktop | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5540 | 1 Flickatrade | 1 Flick A Trade | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5727 | 1 Utorrent | 1 Utorrent Remote | 2025-04-12 | 5.4 MEDIUM | N/A |
| The uTorrent Remote (aka com.utorrent.web) application 1.0.20110929 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5532 | 1 Adidas | 1 Honolulu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Honolulu (aka adidas.jp.android.running.honolulu) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5865 | 1 Ask | 1 Ask.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ask.com (aka com.ask.android) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7754 | 1 Appsworld | 1 Condor S.e. | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Condor S.E. (aka com.app_condorsoutheast.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7483 | 1 Desire2learn Fusion 2014 Project | 1 Desire2learn Fusion 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Desire2Learn FUSION 2014 (aka com.desire2learn.fusion2012) application 4.0.729.1748 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6019 | 1 Psychology Project | 1 Psychology | 2025-04-12 | 5.4 MEDIUM | N/A |
| The psychology (aka com.alek.psychology) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||