Total
2484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7631 | 1 Texasweddingmall | 1 Villa Antonia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Villa Antonia (aka com.appbuilder.u7p5019) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6744 | 1 Al-ahsa News Project | 1 Al-ahsa News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0786 | 1 Ecava | 1 Integraxor | 2025-04-12 | 5.0 MEDIUM | N/A |
| Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. | |||||
| CVE-2014-5681 | 1 Xda-developers | 1 Xda-developers | 2025-04-12 | 5.4 MEDIUM | N/A |
| The XDA-Developers (aka com.quoord.tapatalkxda.activity) application 3.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7522 | 1 Maccabi4u | 1 Maccabi Pakal | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Maccabi Pakal (aka com.ideomobile.pakalmaccabi) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7052 | 1 Cws | 1 Sahab-alkher.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The sahab-alkher.com (aka com.tapatalk.sahabalkhercomvb) application 2.4.9.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6648 | 1 Iphone4 | 1 Iphone4.tw | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3302 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 5.8 MEDIUM | N/A |
| user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708. | |||||
| CVE-2014-5613 | 1 Entertailion | 1 Able Remote | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Able Remote (aka com.entertailion.android.remote) application 2.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5604 | 1 Elokence | 1 Akinator The Genie Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemium) application 2.46 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6689 | 1 Jingwei | 1 Jw Cards | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6792 | 1 Suriname Radio Project | 1 Suriname Radio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Suriname Radio (aka com.wordbox.surinameRadio) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-2233 | 1 Lenovo | 1 System Update | 2025-04-12 | 8.3 HIGH | N/A |
| Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle attackers to upload and execute arbitrary files via a crafted certificate. | |||||
| CVE-2016-4511 | 1 Abb | 1 Pcm600 | 2025-04-12 | 1.9 LOW | 2.8 LOW |
| ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file. | |||||
| CVE-2014-6723 | 1 Comicsplusapp | 1 Comics Plus | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Comics Plus (aka com.iversecomics.comicsplus.android) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5995 | 1 Ericpol | 1 Ewus Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5913 | 1 Game-lion | 1 Allies In War | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5863 | 1 Netmarble | 1 Mpang.gp | 2025-04-12 | 5.4 MEDIUM | N/A |
| The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7648 | 1 Ip-phone-smart | 1 Smartalk | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SMARTalk (aka jp.co.fusioncom.smartalk.android) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6996 | 1 Cocodigi | 1 Martial Arts Battle Card | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Martial Arts Battle Card (aka com.tapenjoy.zjh.tw) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||