Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5981 | 1 Moweather | 1 Moweather | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MoWeather (aka com.moji.moweather) application 1.40.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4895 | 1 Herpin Time Radio Project | 1 Herpin Time Radio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Herpin Time Radio (aka com.herpin.time.radio) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5883 | 1 7-eleven | 1 7-eleven | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-0282 | 1 Gnu | 1 Gnutls | 2025-04-12 | 5.0 MEDIUM | N/A |
| GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | |||||
| CVE-2014-6024 | 1 Flurry | 1 Flurry-analytics-android | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Flurry library before 3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-2951 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
| IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data. | |||||
| CVE-2014-7403 | 1 Nzhondas | 1 Nzhondas.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NZHondas.com (aka com.tapatalk.nzhondascom) application 3.6.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5991 | 1 Skin Conditions And Diseases Project | 1 Skin Conditions And Diseases | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-4637 | 1 F5 | 4 Big-iq Adc, Big-iq Cloud, Big-iq Device and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 before HF2, when configured for LDAP remote authentication and the LDAP server allows anonymous BIND operations, allows remote attackers to obtain an authentication token for arbitrary users by guessing an LDAP user account name. | |||||
| CVE-2014-5937 | 1 Freediyhomeimprovement | 1 Social Networking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Social Networking (aka com.wSocialNetworkingSites) application 0.33.13320.99980 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7609 | 1 Miniclip | 1 Istunt 2 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7029 | 1 Ticstyle | 1 Bultmonster Registret | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bultmonster Registret (aka com.bultmonster.registret) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7617 | 1 Roads365 | 1 Www.roads365.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The www.roads365.com (aka ydx.android) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1145 | 1 Apple | 1 Mac Os X | 2025-04-12 | 1.9 LOW | N/A |
| The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146. | |||||
| CVE-2014-5639 | 1 Adt-taxis | 1 Adt Taxis | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ADT Taxis (aka com.icabbi.adttaxisApp) application 6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7455 | 1 Automon | 1 Zoella Unofficial | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7745 | 1 133 | 1 Flight Manager | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Flight Manager (aka com.flightmanager.view) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5821 | 1 Guitartuna | 1 Guitar Tuner Free - Guitartuna | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Guitar Tuner Free - GuitarTuna (aka com.ovelin.guitartuna) application 2.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5616 | 1 Litter Penguin | 1 Web Browser \& Explorer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Web Browser & Explorer (aka com.explore.web.browser) application 2.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6641 | 1 Gcspublishing | 1 Homesteading Today | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Homesteading Today (aka com.tapatalk.homesteadingtodaycom) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||