Total
2484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6743 | 1 Lipbrau | 1 Hearsay\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hearsay: A Social Party Game (aka air.com.lip.per) application 1.7.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7693 | 1 Jusapp | 1 Jusapp\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JusApp! (aka com.tapatalk.jusappcombrforum) application 3.7.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5590 | 1 Snake Evolution Project | 1 Snake Evolution | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5713 | 1 Telly | 1 Telly-watch The Good Stuff | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Telly - Watch the good stuff (aka com.telly) application 2.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7123 | 1 Vbwebdesigner | 1 Brevir Harian V2 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Brevir Harian V2 (aka com.brevir.harian.v) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7321 | 1 Offertaviaggi | 1 Firenze Map | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Firenze map (aka com.wFirenzemap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0041 | 1 Redhat | 1 Openstack | 2025-04-12 | 4.3 MEDIUM | N/A |
| OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors. | |||||
| CVE-2014-5883 | 1 7-eleven | 1 7-eleven | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-5717 | 1 Siemens | 1 Compas | 2025-04-12 | 5.8 MEDIUM | N/A |
| The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7580 | 1 Thailand Investor News Project | 1 Thailand Investor News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Thailand Investor News (aka nudecreative.thaistock.set) application 1.39s for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5722 | 1 Swiftkey | 1 Swiftkey Keyboard \+ Emoji | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application 5.0.2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-2046 | 1 Broadcom | 2 Pipa C211, Pipa C211 Web Interface | 2025-04-12 | 9.7 HIGH | N/A |
| cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors. | |||||
| CVE-2014-7342 | 1 Echonewshk | 1 Echo News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Echo News (aka com.solo.report) 1.10 application (beta) for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7718 | 1 Magzter | 1 Travel\+leisure | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5735 | 1 Home Shopping Apps | 1 Buy A Gift | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Buy A Gift (aka com.wBuyAGift) application 13529.90084 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6840 | 1 Weddingselections | 1 My Wedding Planner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The My Wedding Planner (aka app.wedding) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6997 | 1 Itiw-webdev | 1 Dino Village | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dino Village (aka com.tappocket.dinovillage) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6860 | 1 Trialtracker | 1 Trial Tracker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5563 | 1 Show Do Milhao 2014 Project | 1 Show Do Milhao 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-5444 | 1 Ibm | 1 Cognos Express | 2025-04-12 | 5.0 MEDIUM | N/A |
| The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors. | |||||