Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7546 | 1 Buddhist Prayer Project | 1 Buddhist Prayer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7770 | 1 Mediaonlinecenter | 1 Lagu Pop Indonesia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6688 | 1 Voices | 1 Voices.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Voices.com (aka com.voices.voices) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7450 | 1 Allnurses | 1 Allnurses | 2025-04-12 | 5.4 MEDIUM | N/A |
| The allnurses (aka com.tapatalk.allnursescom) application 3.4.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7529 | 1 Streamingidiot | 1 Bodyguard For Hire | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bodyguard for Hire (aka com.dreamstep.wBodyGuardforHire) application 0.18.13146.42280 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7034 | 1 Senatorinn | 1 Senator Inn \& Spa | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Senator Inn & Spa (aka com.conduit.app_cc06e8e9659c4cf7b361ad0b7717f3a4.app) application 1.2.2.160 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7789 | 1 Zillionmuslims | 1 Zillion Muslims | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5572 | 1 Jazzpodiumdetor | 1 Jazzpodium De Tor | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jazzpodium De Tor (aka com.appmakr.app273713) application 206160 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5634 | 1 Madipass | 1 Madipass Martinique | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Madipass Martinique (aka com.goodbarber.madipassmartinique) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5803 | 1 Ember-entertainment | 1 Towers N\' Trolls | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Towers N' Trolls (aka project.android.ftdjni) application 1.6.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6969 | 1 Blynk | 1 Deltin Suites | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5920 | 1 Amberfog | 1 Vk Amberfog | 2025-04-12 | 5.4 MEDIUM | N/A |
| The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7490 | 1 Magzter | 1 Menaka - Marathi | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Menaka - Marathi (aka com.magzter.menakamarathi) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5640 | 1 Cmcm | 1 Cm Backup Restore Cloud Photo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7084 | 1 Ireadercity | 1 Hesheng 80 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hesheng 80 (aka com.ireadercity.c29) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7017 | 1 Tim Ban Bon Phuong Project | 1 Tim Ban Bon Phuong | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5815 | 1 Mavenhut | 1 Solitaire Arena | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7783 | 1 Billgbennett | 1 Bill G. Bennett | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1571 | 1 Fortinet | 1 Fortios | 2025-04-12 | 4.3 MEDIUM | N/A |
| The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says "The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack. | |||||
| CVE-2014-7777 | 1 Gcspublishing | 1 Slingshot Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application 3.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||