Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7759 | 1 Nobexrc | 1 Jazz Lovers Radio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7382 | 1 Alternative Connection Project | 1 Alternative Connection | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alternative Connection (aka com.wAlternativeConnection) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6004 | 1 Pocket Cam Photo Editor Project | 1 Pocket Cam Photo Editor | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5624 | 1 Fungames-forfree | 1 Sniper Shooter Free - Fun Game | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sniper Shooter Free - Fun Game (aka com.fungamesforfree.snipershooter.free) application 2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5682 | 1 Retale | 1 Retale - Weekly Ads \& Deals | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Retale - Weekly Ads & Deals (aka com.retale.android) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4448 | 1 Apple | 1 Iphone Os | 2025-04-12 | 1.9 LOW | N/A |
| House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID. | |||||
| CVE-2014-7661 | 1 Masquito2013 | 1 Masquito Blogger | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Masquito Blogger (aka com.wmasquito) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7004 | 1 Peta | 1 Peta | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PETA (aka com.peta.android) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6680 | 1 Superheroquiz Project | 1 Superheroquiz | 2025-04-12 | 5.4 MEDIUM | N/A |
| The superheroquiz (aka com.davidhey.superheroquiz) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3302 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 5.8 MEDIUM | N/A |
| user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708. | |||||
| CVE-2014-5685 | 1 Runtastic | 1 Runtastic Heart Rate | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3566 | 11 Apple, Debian, Fedoraproject and 8 more | 20 Mac Os X, Debian Linux, Fedora and 17 more | 2025-04-12 | 4.3 MEDIUM | 3.4 LOW |
| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | |||||
| CVE-2014-6685 | 1 Netjapan | 1 Tsushima Travel Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6954 | 1 Deer Hunting Calls \+ Guide Project | 1 Deer Hunting Calls \+ Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5947 | 1 Psicofxp | 1 Psicofxp | 2025-04-12 | 5.4 MEDIUM | N/A |
| The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7666 | 1 Pocketmags | 1 American Waterfowler | 2025-04-12 | 5.4 MEDIUM | N/A |
| The American Waterfowler (aka com.magazinecloner.americanwaterfowler) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5655 | 1 Cmcm | 1 Cm Browser - Fast \& Secure | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CM Browser - Fast & Secure (aka com.ksmobile.cb) application 5.0.50 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6873 | 1 Amecuae | 1 Amgc | 2025-04-12 | 5.4 MEDIUM | N/A |
| The AMGC (aka com.amec.uae) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5959 | 1 Mytx | 1 Tx Smart | 2025-04-12 | 5.4 MEDIUM | N/A |
| The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7108 | 1 Appbelle | 1 Stop Headaches And Migraines | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||