Total
2470 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6776 | 1 Uanw | 1 United Advantage Nw Federal Cr | 2025-04-12 | 5.4 MEDIUM | N/A |
| The United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5750 | 1 Pro Bet Tips Project | 1 Pro Bet Tips | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7584 | 1 Dataparadigm | 1 Acn2go | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5636 | 1 Granita | 1 Cloud Browser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cloud Browser (aka com.granitamalta.cloudbrowser) application 2.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5580 | 1 Backgroundcheckprotool | 1 Backgroundcheckprotool | 2025-04-12 | 5.4 MEDIUM | N/A |
| The BackgroundCheckProTool (aka com.BackgroundCheckProTool) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7670 | 1 Alawar | 1 Motor Town\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Motor Town: Machine Soul Free (aka com.alawar.motortownfree) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7753 | 1 Cir | 1 Circa News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Circa News (aka cir.ca) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6955 | 1 Misterpark | 1 Le Grand Bleu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Le Grand Bleu (aka com.appzone468) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5799 | 1 Nonghyup | 1 Smart Card | 2025-04-12 | 5.4 MEDIUM | N/A |
| The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7135 | 1 Ayuntamientodecoana | 1 Ayuntamiento De Coana | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0361 | 1 Toshibacommerce | 1 4690 Point Of Sale Operating System | 2025-04-12 | 3.0 LOW | N/A |
| The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT file. | |||||
| CVE-2014-7798 | 1 Enyetech | 1 Coca-cola Fm Brasil | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application 2.0.41709 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-2125 | 1 Openbsd | 1 Opensmtpd | 2025-04-12 | 5.0 MEDIUM | N/A |
| OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open. | |||||
| CVE-2014-0164 | 1 Redhat | 1 Openshift | 2025-04-12 | 2.1 LOW | N/A |
| openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file. | |||||
| CVE-2014-5845 | 1 Thirdwire | 1 Strike Fighters Israel | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Strike Fighters Israel (aka com.thirdwire.strikefighters.mideast.android) application 1.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5768 | 1 Foodplannerapp | 1 Food Planner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-google for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7414 | 1 Magzter | 1 Cleo Malaysia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6087 | 1 Ibm | 2 Security Access Manager For Mobile, Security Access Manager For Web | 2025-04-12 | 5.0 MEDIUM | N/A |
| IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak algorithm in an SSL cipher suite. | |||||
| CVE-2014-6785 | 1 Subsplash | 1 Renny Mclean Ministries | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) application 2.8.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6807 | 1 Olaschool | 1 Ola School | 2025-04-12 | 5.4 MEDIUM | N/A |
| The OLA School (aka com.conduit.app_00f9890a4f0145f2aae9d714e20b273a.app) application 1.2.7.132 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||