Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7552 | 1 129zou | 1 Zombie Diary | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6955 | 1 Misterpark | 1 Le Grand Bleu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Le Grand Bleu (aka com.appzone468) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7550 | 1 Basketball News \& Videos Project | 1 Basketball News \& Videos | 2025-04-12 | 5.4 MEDIUM | N/A |
| The basketball news & videos (aka com.basketbal.news.caesar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5560 | 1 Mdickie | 1 Popscene | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7728 | 1 Civitasmedia | 1 Logan Banner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application 1.0010.b0010 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5985 | 1 Topappsbuilder Project | 1 Animal Kaiser Zangetsu | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6861 | 1 Terrarienbilder | 1 Terrarienbilder.com Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Terrarienbilder.com Forum (aka com.tapatalk.terrarienbildercomvb) application 3.8.20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7780 | 1 Ienvisage | 1 Pakistan Cricket News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7606 | 1 Concursive | 1 Concursive | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Concursive (aka com.concursive.app) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-2576 | 2 Claws-mail, Opensuse | 2 Claws-mail, Opensuse | 2025-04-12 | 6.8 MEDIUM | N/A |
| plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks. | |||||
| CVE-2014-5794 | 1 Passion4profession | 1 8 Minutes Abs Workout | 2025-04-12 | 5.4 MEDIUM | N/A |
| The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7397 | 1 Byfes | 1 Ileri Gazetesi - Yozgat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7061 | 1 Modsimconnected | 1 Modsim World 2014 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MODSIM World 2014 (aka com.concursive.modsimworld) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-7252 | 1 Kde | 1 Kde Applications | 2025-04-12 | 5.0 MEDIUM | N/A |
| kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a codebook attack. | |||||
| CVE-2016-7439 | 1 Wolfssl | 1 Wolfssl | 2025-04-12 | 2.1 LOW | 5.5 MEDIUM |
| The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | |||||
| CVE-2014-7344 | 1 Pocketmags | 1 Classic Arms \& Militaria | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Classic Arms & Militaria (aka com.magazinecloner.classicarmsandm) application @7F080193 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7609 | 1 Miniclip | 1 Istunt 2 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-8329 | 1 Sap | 1 Manufacturing Integration And Intelligence | 2025-04-12 | 5.0 MEDIUM | N/A |
| SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274. | |||||
| CVE-2014-7724 | 1 Chemssou Blink Project | 1 Chemssou Blink | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5528 | 1 Appsflyer | 1 Appsflyer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||