Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5541 | 1 Differencegames | 1 Hidden Memory - Aladdin Free\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladdinfree) application 1.0.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7398 | 1 Buronya | 1 Dil Bilgisi Kurallari | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5444 | 1 Yorba | 1 Geary | 2025-04-12 | 4.3 MEDIUM | N/A |
| Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate. | |||||
| CVE-2014-7462 | 1 Teamlava | 1 Fashion Story\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) application 1.5.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5896 | 1 Seawolftech | 1 Globaltalk- Free Phone Calls | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7056 | 1 Yeast Infection Project | 1 Yeast Infection | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6918 | 1 Bikersunderground | 1 Bikers Underground | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bikers Underground (aka hr.ap.n66871172) application 4.5.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5738 | 1 Webprancer | 1 Garfield\'s Defense | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Garfield's Defense (aka com.webprancer.google.garfieldDefense) application 1.5.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6692 | 1 Wps | 1 Kingsoft Clip \(office Tool\) | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6936 | 1 Mobileeventguide | 1 Ids 2013 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The IDS 2013 (aka de.mobileeventguide.ids2013) application 1.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-6805 | 1 Opentext | 1 Exceed Ondemand | 2025-04-12 | 5.0 MEDIUM | N/A |
| OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file. | |||||
| CVE-2014-5943 | 1 Labmsf | 1 Labmsf Antivirus Beta | 2025-04-12 | 5.4 MEDIUM | N/A |
| The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7444 | 1 Baidu | 1 Baidu Navigation | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6691 | 1 Ucweb | 1 Uc Browser Hd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-1398 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Puppet | 2025-04-12 | 8.5 HIGH | N/A |
| The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive information and gain privileges by leveraging root access to a node, related to the master role. | |||||
| CVE-2014-4192 | 1 Dell | 1 Bsafe Share | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755. | |||||
| CVE-2014-7604 | 1 Easy Tips For Glowing Skin Project | 1 Easy Tips For Glowing Skin | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0092 | 1 Gnu | 1 Gnutls | 2025-04-12 | 5.8 MEDIUM | N/A |
| lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. | |||||
| CVE-2014-7389 | 1 Nobexrc | 1 Amnesia Groove | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Amnesia Groove (aka com.nobexinc.wls_88552576.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5977 | 1 Mobile Face Project | 1 Mobile Face | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||