Total
2492 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5695 | 1 Sanriodigital | 1 Hello Kitty Cafe | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5991 | 1 Skin Conditions And Diseases Project | 1 Skin Conditions And Diseases | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6991 | 1 Liveauctions | 1 Liveauctions.tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The LiveAuctions.tv (aka air.LiveAndroidMaxx) application 2.005 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-8803 | 3 Canonical, Nettle Project, Opensuse | 4 Ubuntu Linux, Nettle, Leap and 1 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805. | |||||
| CVE-2014-6869 | 1 Barcode Scanner Project | 1 Barcode Scanner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4428 | 1 Apple | 1 Mac Os X | 2025-04-12 | 5.4 MEDIUM | N/A |
| Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing. | |||||
| CVE-2014-5994 | 1 Ding | 1 Ding Ezetop. Top-up Any Phone | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7502 | 1 Escucha Eldiario Project | 1 Escucha Eldiario | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Escucha elDiario.es (aka es.lacabradev.escuchaeldiario) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5679 | 1 Popuapp | 1 Popu 2\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application 1.7.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5987 | 1 Three | 1 My3 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6801 | 1 Frank Matano Project | 1 Frank Matano | 2025-04-12 | 5.4 MEDIUM | N/A |
| The frank matano (aka com.frank.matano) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8531 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 6.5 MEDIUM | N/A |
| The TLS/SSL Server in McAfee Network Data Loss Prevention (NDLP) before 9.3 uses weak cipher algorithms, which makes it easier for remote authenticated users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-7421 | 1 Mytoursapp | 1 Revel In The Rideau Lakes | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7328 | 1 Brainabundance | 1 Brain Abundance Info | 2025-04-12 | 5.4 MEDIUM | N/A |
| The brain abundance info (aka com.wbrainabundance) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5990 | 1 Bookjam | 1 Cookbible | 2025-04-12 | 5.4 MEDIUM | N/A |
| The cookbible (aka net.bookjam.cookbible) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6642 | 1 Marksdailyapple | 1 Mark\'s Daily Apple Forum | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application 2.4.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7018 | 1 Efunfun | 1 Love Dance | 2025-04-12 | 5.4 MEDIUM | N/A |
| The LOVE DANCE (aka com.efunfun.ddianle.lovedance) application 1.2.0626 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7090 | 1 Vcccd | 1 Myvcccd | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MyVCCCD (aka com.dub.app.ventura) application 1.4.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6662 | 1 Krstarica | 1 Forum Krstarice | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application 3.5.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5691 | 1 Rvappstudios | 1 Best Phone Security | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Best Phone Security (aka com.rvappstudios.phonesecurity) application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||