Total
2473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8329 | 1 Sap | 1 Manufacturing Integration And Intelligence | 2026-05-06 | 5.0 MEDIUM | N/A |
| SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274. | |||||
| CVE-2014-7510 | 1 Present-technologies | 1 Graffit It | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Graffit It (aka com.presenttechnologies.graffitit) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5597 | 1 Withhive | 1 9 Innings\ | 2026-05-06 | 5.4 MEDIUM | N/A |
| The 9 Innings: 2014 Pro Baseball (aka com.com2us.nipb2013.normal.freefull.google.global.android.common) application 4.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5588 | 1 Free Ebooks Project | 1 Free Ebooks | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Free eBooks (aka com.bmfapps.freekindlebooks) application 14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-7041 | 1 Cristian Gafton | 1 Pam Userdb | 2026-05-06 | 4.3 MEDIUM | N/A |
| The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack. | |||||
| CVE-2014-6778 | 1 Gcspublishing | 1 Goat Forum | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Goat Forum (aka com.gcspublishing.goatspot) application 3.9.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5773 | 1 Registeredassistant Project | 1 Registeredassistant | 2026-05-06 | 5.4 MEDIUM | N/A |
| The RegisteredAssistant (aka Icr.RegisteredAssistant) application 0.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6993 | 1 Codeeta | 1 Codeeta Coupons | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Codeeta Coupons (aka com.codeeta.promos) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6806 | 1 Intellegere | 1 Thanodi - Setswana Translator | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Thanodi - Setswana Translator (aka com.thanodi.thanodi) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5734 | 1 App Maker Ks | 1 Buy Books | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Buy Books (aka com.wBooksForSale) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7010 | 1 Utsa | 1 Utsa Mobile | 2026-05-06 | 5.4 MEDIUM | N/A |
| The UTSA Mobile (aka com.dub.app.utsa) application 1.4.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6833 | 1 Auctiontrac | 1 Auctiontrac Dealer | 2026-05-06 | 5.4 MEDIUM | N/A |
| The AuctionTrac Dealer (aka com.adesa.dealer.phone) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5652 | 1 Kicksend | 1 Kicksend Photo Prints | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Kicksend Photo Prints (aka com.kicksend.android.print) application 1.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-2576 | 2 Claws-mail, Opensuse | 2 Claws-mail, Opensuse | 2026-05-06 | 6.8 MEDIUM | N/A |
| plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks. | |||||
| CVE-2014-5665 | 1 Mr384 | 1 Mzone Login | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7587 | 1 Designtoolkits | 1 Blocked In Free | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Blocked in Free (aka com.blueup.blocked) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5965 | 1 Groovemusic Project | 1 Groovemusic | 2026-05-06 | 5.4 MEDIUM | N/A |
| The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7685 | 1 Razerzone | 1 Razer Comms - Gaming Messenger | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Razer Comms - Gaming Messenger (aka com.razerzone.comms) application 1.3.07 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7348 | 1 Magzter | 1 Hot Cars | 2026-05-06 | 5.4 MEDIUM | N/A |
| The HOT CARS (aka com.magzter.hotcars) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5858 | 1 Candy Blast Project | 1 Candy Blast | 2026-05-06 | 5.4 MEDIUM | N/A |
| The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||