Total
2448 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7018 | 1 Efunfun | 1 Love Dance | 2025-04-12 | 5.4 MEDIUM | N/A |
| The LOVE DANCE (aka com.efunfun.ddianle.lovedance) application 1.2.0626 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6659 | 1 Defence | 1 Defence.pk | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Defence.pk (aka com.tapatalk.defencepkforums) application 2.4.13.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7115 | 1 Mailgod | 1 Letters To God - Soc. Network | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Letters to God - soc. network (aka com.wPismakBoguLetterstoGod) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5620 | 1 Fluik | 1 Office Jerk Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Office Jerk Free (aka com.fluik.OfficeJerkFree) application 1.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6693 | 1 Juiker | 1 Juiker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Juiker (aka org.itri) application 3.2.0829.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7481 | 1 Etghosting | 1 Etg Hosting | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ETG Hosting (aka com.etg.web.hosting) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6779 | 1 Cart-app | 1 Cart App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cart App (aka com.virtecha.mobilewallet) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6687 | 1 Wsaudichannelalnas Project | 1 Wsaudichannelalnas | 2025-04-12 | 5.4 MEDIUM | N/A |
| The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7127 | 1 Pocketmags | 1 Football Espana Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Football Espana magazine (aka com.triactivemedia.footballespana) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-6661 | 2 Plone, Zope | 2 Plone, Zope | 2025-04-12 | 5.0 MEDIUM | N/A |
| Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2). | |||||
| CVE-2015-0285 | 1 Openssl | 1 Openssl | 2025-04-12 | 4.3 MEDIUM | N/A |
| The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack. | |||||
| CVE-2014-6753 | 1 Halanew | 1 Sunnat E Rasool | 2025-04-12 | 5.4 MEDIUM | N/A |
| The sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5891 | 1 Snipsnap | 1 Snipsnap Coupon App | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5797 | 1 Nonghyup | 1 Smart | 2025-04-12 | 5.4 MEDIUM | N/A |
| The smart (aka nh.smart) application 3.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6665 | 1 Quranedu | 1 Ahmed Bukhatir Nasheeds Tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ahmed Bukhatir Nasheeds TV (aka com.wAhmedBukhatirApp) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7369 | 1 Galsila | 1 Il Brillo Parlante | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Il Brillo Parlante (aka com.wIlBrilloParlante) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0350 | 1 Pocoproject | 1 Poco C\+\+ Libraries | 2025-04-12 | 6.4 MEDIUM | N/A |
| The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate. | |||||
| CVE-2014-5658 | 1 Mercadolibre | 1 Mercadolibre | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6835 | 1 Freetibet | 1 Herbal Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Herbal Guide (aka com.pocket.herbal.guide) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7630 | 1 Candycaneapps | 1 Fling Gold | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fling Gold (aka com.mbgames.fling.gold) application 1.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||