Total
2484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7108 | 1 Appbelle | 1 Stop Headaches And Migraines | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7733 | 1 Magzter | 1 Karaf Magazin | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5369 | 1 Enigmail | 1 Enigmail | 2025-04-12 | 4.3 MEDIUM | N/A |
| Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2013-6401 | 1 Jansson Project | 1 Jansson | 2025-04-12 | 5.0 MEDIUM | N/A |
| Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted JSON document. | |||||
| CVE-2014-7275 | 1 Getmail | 1 Getmail | 2025-04-12 | 5.8 MEDIUM | N/A |
| The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7643 | 1 Crgroup-lb | 1 C.r. Group | 2025-04-12 | 5.4 MEDIUM | N/A |
| The C.R. Group (aka com.c.r.group) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-0897 | 1 Pivotal Software | 1 Operations Manager | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors. | |||||
| CVE-2014-5239 | 1 Microsoft | 1 Outlook.com | 2025-04-12 | 4.0 MEDIUM | N/A |
| The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6658 | 1 Apploi | 1 Apploi Job Search- Find Jobs | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6930 | 1 Nobexrc | 1 Abram Radio Groove\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5869 | 1 Cnn | 1 Cnnmoney Portfolio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5782 | 1 Playscape | 1 Bouncy Bill Holloween | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bouncy Bill Halloween (aka mominis.Generic_Android.Bouncy_Bill_Halloween) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5804 | 1 Mail.ru | 1 Mail.ru Dating | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6822 | 1 Nerdico Project | 1 Nerdico | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Nerdico (aka com.nerdico.danielepais) application 1.9 Stable for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-0904 | 1 Emc | 1 Avamar Server | 2025-04-12 | 5.0 MEDIUM | 8.6 HIGH |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive client-server traffic information by leveraging knowledge of this key from another installation. | |||||
| CVE-2014-5963 | 1 Corntree | 1 Halieutics | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5823 | 1 Thecleanerapp | 1 The Cleaner - Speed Up \& Clean | 2025-04-12 | 5.4 MEDIUM | N/A |
| The The Cleaner - Speed up & Clean (aka com.liquidum.thecleaner) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6014 | 1 Ingen-studios | 1 Conquest Of Fantasia | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5620 | 1 Fluik | 1 Office Jerk Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Office Jerk Free (aka com.fluik.OfficeJerkFree) application 1.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5861 | 1 Skout | 1 Boyahoy - Gay Chat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||