Total
2470 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6832 | 1 Gcspublishing | 1 Bersa Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bersa Forum (aka com.gcspublishing.bersaforum) application 3.9.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6808 | 1 Active 24 Project | 1 Active 24 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Active 24 (aka com.zentity.app.active24) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6966 | 1 Parentlink | 1 West Bend School District | 2025-04-12 | 5.4 MEDIUM | N/A |
| The West Bend School District (aka net.parentlink.westbend) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5913 | 1 Game-lion | 1 Allies In War | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6643 | 1 Fiatforum | 1 Fiat Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FIAT Forum (aka com.tapatalk.fiatforumcom) application 3.8.41 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7616 | 1 Physicsforums | 1 Physics Forums | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Physics Forums (aka com.tapatalk.physicsforumscom) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5626 | 1 Gameloft | 1 Brothers In Arms 2 Free\+ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application 1.2.0b for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6074 | 1 Ibm | 1 Urbancode Deploy | 2025-04-12 | 4.0 MEDIUM | N/A |
| IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated users to read keystore secret keys via a direct request to a UI page. | |||||
| CVE-2014-6757 | 1 Allqoranvideos | 1 Koran - Alqoranvideos | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Koran - AlqoranVideos (aka com.alqoran.videos.example) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6997 | 1 Itiw-webdev | 1 Dino Village | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dino Village (aka com.tappocket.dinovillage) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5608 | 1 Djinnworks | 1 Line Runner \(free\) | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Line Runner (Free) (aka com.djinnworks.linerunnerfree) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5779 | 1 Jackdapp | 1 Jack\'d - Gay Chat \& Dating | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jack'd - Gay Chat & Dating (aka mobi.jackd.android) application 1.9.0a for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5746 | 1 Vkr Soft | 1 Government Best Jobs | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6846 | 1 Intelitycorp | 1 Four Seasons Beverly Hills | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Four Seasons Beverly Hills (aka com.intelitycorp.FourSeasons.android.ice) application @7F050007 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5565 | 1 Gadgettrak | 1 Gadgettrak Mobile Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-2758 | 2 Apache, Citrix | 2 Cloudstack, Cloudplatform | 2025-04-12 | 5.0 MEDIUM | N/A |
| Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack. | |||||
| CVE-2014-5989 | 1 Babydays | 1 Baby Days | 2025-04-12 | 5.4 MEDIUM | N/A |
| The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-1584 | 1 Mozilla | 1 Firefox | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user. | |||||
| CVE-2014-7437 | 1 Love Horoscope Guide Project | 1 Love Horoscope Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Love Horoscope Guide (aka com.charl.charlylovehoroscopes) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7316 | 1 Synrevoice | 1 Safe Arrival | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Safe Arrival (aka com.synrevoice.safearrival) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||