Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6963 | 1 Feiron | 1 Feiron | 2025-04-12 | 5.4 MEDIUM | N/A |
| The feiron (aka es.sw.feironmobile.app) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7382 | 1 Alternative Connection Project | 1 Alternative Connection | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alternative Connection (aka com.wAlternativeConnection) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7778 | 1 Magzter | 1 Epc World | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Epc World (aka com.magzter.epcworld) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7685 | 1 Razerzone | 1 Razer Comms - Gaming Messenger | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Razer Comms - Gaming Messenger (aka com.razerzone.comms) application 1.3.07 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7591 | 1 Ireadercity | 1 Demon | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Demon (aka com.ireadercity.c24) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6691 | 1 Ucweb | 1 Uc Browser Hd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5886 | 1 Ceskatelevize | 1 Ivysilani Ceske Televize | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6962 | 1 Publicstuff | 1 Elk Grove Publicstuff | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6823 | 1 Zhtiantian | 1 Kuailecaidengmi | 2025-04-12 | 5.4 MEDIUM | N/A |
| The kuailecaidengmi (aka com.licai.kuailecaidengmi) application 1.7.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8242 | 1 Librsync Project | 1 Librsync | 2025-04-12 | 5.8 MEDIUM | N/A |
| librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack. | |||||
| CVE-2014-4364 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-12 | 2.9 LOW | 5.6 MEDIUM |
| The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash. | |||||
| CVE-2014-7676 | 1 Home Made Air Freshener Project | 1 Home Made Air Freshener | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Home Made Air Freshener (aka com.wHomeMadeAirFreshener) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5951 | 1 Sinopac | 1 Sinopac | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7524 | 1 Bed And Breakfast Project | 1 Bed And Breakfast | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bed and Breakfast (aka com.wbedandbreakfastapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5971 | 1 Fiksu | 1 Fiksu Library | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-6805 | 1 Opentext | 1 Exceed Ondemand | 2025-04-12 | 5.0 MEDIUM | N/A |
| OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file. | |||||
| CVE-2014-6923 | 1 Mobitrips | 1 Dubrovnik Guided Walking Tours | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dubrovnik Guided Walking Tours (aka com.mytoursapp.android.app351) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5709 | 1 Sunstormgames | 1 Donut Maker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Donut Maker (aka com.sunstorm.android.donut) application 1.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6966 | 1 Parentlink | 1 West Bend School District | 2025-04-12 | 5.4 MEDIUM | N/A |
| The West Bend School District (aka net.parentlink.westbend) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7523 | 1 Islamicode | 1 Radio Bethlehem Rb2000 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Radio Bethlehem RB2000 (aka com.Abuhadbah.rbl2000v2) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||