Total
2450 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7498 | 1 Xaos | 1 Space Cinema | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Space Cinema (aka it.thespacecinema.android) application 2.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7020 | 1 Diabetes | 1 Diabetes Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) application 3.9.30 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5912 | 1 Intsig | 1 Innote | 2025-04-12 | 5.4 MEDIUM | N/A |
| The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7415 | 1 Nobexrc | 1 Asylum\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Asylum! (aka com.nobexinc.wls_96362255.rc) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7408 | 1 Garyjohnson2012 | 1 Gary Johnson For President \'12 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gary Johnson for President '12 (aka com.GaryJohnson2012) application 0.75.13439.53899 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3908 | 1 Amazon | 1 Kindle | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7618 | 1 Moderndecoration | 1 Interior Design | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Interior Design (aka com.interior.design.mcreda) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7433 | 1 Hioa | 1 Student Id | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Student ID (aka com.computas.studentbevis) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7072 | 1 Offertaviaggi | 1 Venezia Map | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Venezia map (aka com.wVeneziamap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6869 | 1 Barcode Scanner Project | 1 Barcode Scanner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-4488 | 1 Libgadu | 1 Libgadu | 2025-04-12 | 4.3 MEDIUM | N/A |
| libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. | |||||
| CVE-2011-3152 | 1 Canonical | 2 Ubuntu Linux, Update-manager | 2025-04-12 | 6.4 MEDIUM | N/A |
| DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. | |||||
| CVE-2014-6021 | 1 H-dvisa | 1 Harley-davidson Visa | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) application 1.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5813 | 1 Alrazylabs | 1 Lostword | 2025-04-12 | 5.4 MEDIUM | N/A |
| The lostword (aka zozo.android.lostword) application 5.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5816 | 1 Meipai | 1 Meipai | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7786 | 1 Magzter | 1 English Football Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6981 | 1 Tbb | 1 Taiwan Business Bank | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Taiwan Business Bank (aka com.mitake.TBB) application 2.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7124 | 1 Consulo | 1 Ip Alarm | 2025-04-12 | 5.4 MEDIUM | N/A |
| The IP Alarm (aka com.cosesy.gadget.alarm) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6973 | 1 Akronchildrens | 1 Care4kids | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7611 | 1 Lost Temple Project | 1 Lost Temple | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||