Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5959 | 1 Mytx | 1 Tx Smart | 2025-04-12 | 5.4 MEDIUM | N/A |
| The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7403 | 1 Nzhondas | 1 Nzhondas.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The NZHondas.com (aka com.tapatalk.nzhondascom) application 3.6.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7471 | 1 International-arbitration-attorney | 1 International-arbitration-attorney.com | 2025-04-12 | 5.4 MEDIUM | N/A |
| The international-arbitration-attorney.com (aka com.w0f1d79a1010d819acbee876007d0bebc) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6788 | 1 Oman News Project | 1 Oman News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5896 | 1 Seawolftech | 1 Globaltalk- Free Phone Calls | 2025-04-12 | 5.4 MEDIUM | N/A |
| The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7085 | 1 Independent | 1 I Newspaper | 2025-04-12 | 5.4 MEDIUM | N/A |
| The i Newspaper (aka com.independent.thei) application @7F080184 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3503 | 1 Apache | 1 Syncope | 2025-04-12 | 5.0 MEDIUM | N/A |
| Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack. | |||||
| CVE-2014-5852 | 1 Withhive | 1 Kakao | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kakao (aka com.com2us.tinypang.kakao.freefull2.google.global.android.common) application 2.11.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4911 | 2 Debian, Polarssl | 2 Debian Linux, Polarssl | 2025-04-12 | 5.0 MEDIUM | N/A |
| The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit. | |||||
| CVE-2014-6831 | 1 Hippostudio | 1 Hippo Studio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hippo Studio (aka com.appgreen.hippostudio) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6731 | 1 Alfabank | 1 Alfa-bank | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Alfa-Bank (aka ru.alfabank.mobile.android) application 5.5.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7685 | 1 Razerzone | 1 Razer Comms - Gaming Messenger | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Razer Comms - Gaming Messenger (aka com.razerzone.comms) application 1.3.07 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6885 | 1 Usbank | 1 Academy Sports \+ Outdoors Visa | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysports) application 1.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6022 | 1 Versentbooks | 1 Versent Books | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Versent Books (aka com.versentbooks) application 1.1.99 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6005 | 1 Survey.com | 1 Survey.com Mobile | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Survey.com Mobile (aka com.survey.android) application 3.2.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7375 | 1 Mobileappcity | 1 Childcare | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Childcare (aka com.app_macchildcare.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-4259 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177. | |||||
| CVE-2014-6687 | 1 Wsaudichannelalnas Project | 1 Wsaudichannelalnas | 2025-04-12 | 5.4 MEDIUM | N/A |
| The wSaudichannelAlNasr (aka com.wSaudichannelAlNasr) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6804 | 1 Boopsie | 1 Deschutes Public Mobilelibrary | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4891 | 1 Ctihub | 1 Ct Ihub | 2025-04-12 | 5.4 MEDIUM | N/A |
| The CT iHub (aka com.concursive.ctihub) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||