Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7484 | 1 Enyetech | 1 Coca-cola Fm Guatemala | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Coca-Cola FM Guatemala (aka com.enyetech.radio.coca_cola.fm_gu) application 2.0.41725 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7559 | 1 Instatalks | 1 Instatalks | 2025-04-12 | 5.4 MEDIUM | N/A |
| The InstaTalks (aka com.natrobit.instatalks) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7568 | 1 Automon | 1 Marcus Butler Unofficial | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) application 1.4.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6850 | 1 Starkvilleelectric | 1 Sed Account | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SED Account (aka com.starkville.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0878 | 1 Ibm | 1 Java Sdk | 2025-04-12 | 5.8 MEDIUM | N/A |
| The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output. | |||||
| CVE-2014-5369 | 1 Enigmail | 1 Enigmail | 2025-04-12 | 4.3 MEDIUM | N/A |
| Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-5800 | 1 Nonghyup | 1 Smart Nhibzbanking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7478 | 1 Nashaplaneta | 1 Nashaplaneta.su | 2025-04-12 | 5.4 MEDIUM | N/A |
| The nashaplaneta.su (aka com.wNashaPlaneta) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3568 | 1 Openssl | 1 Openssl | 2025-04-12 | 4.3 MEDIUM | N/A |
| OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. | |||||
| CVE-2014-5666 | 1 Avd-app | 1 Avd Download Video | 2025-04-12 | 5.4 MEDIUM | N/A |
| The AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) application 3.3.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7351 | 1 Magzter | 1 Global Movie Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GLOBAL MOVIE MAGAZINE (aka com.magzter.globalmoviemagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7422 | 1 Homerelectric | 1 Hea Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The HEA Mobile (aka com.homerelectric.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5692 | 1 Safeway | 1 Safeway | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Safeway (aka com.safeway.client.android.safeway) application 4.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5758 | 1 Yellowbook | 1 Yellow Pages Local Search | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yellow Pages Local Search (aka com.yellowbook.android2) application 11.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7076 | 1 Magzter | 1 Sanctuary Asia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sanctuary Asia (aka com.magzter.sanctuaryasia) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6907 | 1 Trafficgate | 1 Rakuten Install | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Rakuten Install (aka co.jp.rakuten.installapp) application 1.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6735 | 1 Bmobile | 1 Imagine Next Bmobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd25591b224.app) application 1.7.10.243 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7385 | 1 Aperturemobilemedia | 1 Aperture Mobile Media | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Aperture Mobile Media (aka com.app_aperturemobilemedia.layout) application 1.404 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6800 | 1 Parentlink | 1 Bloom Township 206 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bloom Township 206 (aka net.parentlink.bloom) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7016 | 1 Mahasna Batik Project | 1 Mahasna Batik | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mahasna Batik (aka com.batik.mahasna) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||