Total
2490 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3089 | 1 Ibm | 2 Rational Directory Administrator, Rational Directory Server | 2025-04-12 | 4.9 MEDIUM | N/A |
| The RDS Java Client library in IBM Rational Directory Server (RDS) 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator (RDA) 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a library file. | |||||
| CVE-2014-6895 | 1 Nexters | 1 Throne Rush | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Throne Rush (aka com.progrestar.bft) application 2.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7569 | 1 Bestapp | 1 Best Greatness Quotes | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Best Greatness Quotes (aka best.free.greatness.quotes.android.app) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5568 | 1 Androkera | 1 Las Vegas Lottery Scratch Off | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Las Vegas Lottery Scratch Off (aka com.androkera.lottery) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7082 | 1 Imapp | 1 No Disturb | 2025-04-12 | 5.4 MEDIUM | N/A |
| The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6706 | 1 Erau | 1 Embry-riddle | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Embry-Riddle (aka com.dub.app.erau) application 1.4.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8918 | 1 Ibm | 1 Security Appscan | 2025-04-12 | 5.8 MEDIUM | N/A |
| IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5910 | 1 Dog Whistle Project | 1 Dog Whistle | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5540 | 1 Flickatrade | 1 Flick A Trade | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6854 | 1 Eyexam | 1 Eyexam | 2025-04-12 | 5.4 MEDIUM | N/A |
| The EyeXam (aka com.globaleyeventures.eyexam) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7056 | 1 Yeast Infection Project | 1 Yeast Infection | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yeast Infection (aka com.wyeastinfectionapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6784 | 1 Fermononrespiri | 1 Fermononrespiri Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) application 3.8.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1637 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067. | |||||
| CVE-2014-6987 | 1 Mass Gaming Tv Project | 1 Mass Gaming Tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mass Gaming TV (aka net.massgamers) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7057 | 1 Magzter | 1 Hong Kong Tatler Society | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hong Kong Tatler Society (aka com.magzter.hongkongtatlersociety) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7761 | 1 Sincerely | 1 Ink Cards | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Ink Cards (aka com.sincerely.android.ink) application 2.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7519 | 1 Cyclingforfun | 1 Cycling Manager Game Cff | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cycling Manager Game Cff (aka com.CyclingManagerGame) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5707 | 1 Animoca | 1 Bunny Run | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bunny Run (aka com.stargirlgames.google.bunnyrun) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5974 | 1 Psecu | 1 Psecu Mobile\+ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4422 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| The kernel in Apple iOS before 8 and Apple TV before 7 uses a predictable random number generator during the early portion of the boot process, which allows attackers to bypass certain kernel-hardening protection mechanisms by using a user-space process to observe data related to the random numbers. | |||||