Total
2492 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6959 | 1 Haowanlab | 1 Qincard | 2025-04-12 | 5.4 MEDIUM | N/A |
| The QinCard (aka com.haowan.qincard) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7357 | 1 Bfac | 1 Grandparenting Is Great | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Grandparenting is Great (aka com.app_gig.layout) application 1.400 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7015 | 1 Jjmatch | 1 Jj Texas Hold\'em Poker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JJ Texas Hold'em Poker (aka cn.jj.poker) application 1.13.23.HD for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6776 | 1 Uanw | 1 United Advantage Nw Federal Cr | 2025-04-12 | 5.4 MEDIUM | N/A |
| The United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5966 | 1 Golauncher | 1 Dreamland Super Theme Go Gold | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme.dreamland.gold) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7337 | 1 Estateapps | 1 Acorn Estate Agents | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Acorn Estate Agents (aka com.acorn.ea) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5768 | 1 Foodplannerapp | 1 Food Planner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-google for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0035 | 2 Apache, Redhat | 2 Cxf, Jboss Enterprise Application Platform | 2025-04-12 | 4.3 MEDIUM | N/A |
| The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, transmits the UsernameToken in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-3436 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2025-04-12 | 5.0 MEDIUM | N/A |
| Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted encrypted e-mail message that decompresses to a larger size. | |||||
| CVE-2014-5881 | 1 Yahoo | 1 Yahoo Ybox | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6683 | 1 Openelectrical | 1 Open Electrical Webser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Open Electrical Webser (aka com.wOpenElectricalWeb) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6663 | 1 Addisgag | 1 Addis Gag Funny Amharic Pic | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5846 | 1 Mobgams | 1 Fairy Princess Makeover Salon | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fairy Princess Makeover Salon (aka com.mobgams.dressup.fairy.princess.makeover) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6736 | 1 9jacompass | 1 Epl Hat Trick | 2025-04-12 | 5.4 MEDIUM | N/A |
| The EPL Hat Trick (aka com.hat.trick.goal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6692 | 1 Wps | 1 Kingsoft Clip \(office Tool\) | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7048 | 1 Bearidlock | 1 Bear Id Lock | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bear ID Lock (aka com.wBearIDLock) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6729 | 1 Grillingwithrich | 1 Grilling With Rich | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Grilling with Rich (aka com.grilling.with.rich) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5786 | 1 Playscape | 1 Jewels \& Diamonds | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jewels & Diamonds (aka mominis.Generic_Android.Jewels_and_Diamonds) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5687 | 1 Runtastic | 1 Runtastic Mountain Bike | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.lite) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7327 | 1 Magzter | 1 Macau Business | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Macau Business (aka com.magzter.macaubusiness) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||