Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7446 | 1 Bilingual Magic Ball Project | 1 Bilingual Magic Ball | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bilingual Magic Ball (aka com.wBilingualMagicBall) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6973 | 1 Akronchildrens | 1 Care4kids | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-1469 | 1 Blackberry | 3 Blackberry Enterprise Service, Enterprise Server, Enterprise Server Express | 2025-04-12 | 4.9 MEDIUM | N/A |
| BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file. | |||||
| CVE-2014-3572 | 1 Openssl | 1 Openssl | 2025-04-12 | 5.0 MEDIUM | N/A |
| The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message. | |||||
| CVE-2014-5687 | 1 Runtastic | 1 Runtastic Mountain Bike | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.lite) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6930 | 1 Nobexrc | 1 Abram Radio Groove\! | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Abram Radio Groove! (aka com.nobexinc.wls_79226887.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6786 | 1 Tinytap | 1 Math For Kids - Subtraction | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5941 | 1 Armpit Spa \& Girl Games Project | 1 Armpit Spa \& Girl Games | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Armpit Spa & Girl Games (aka com.freegames.spamakeover) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7108 | 1 Appbelle | 1 Stop Headaches And Migraines | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Stop Headaches and Migraines (aka com.StopHeadachesandMigraines) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5613 | 1 Entertailion | 1 Able Remote | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Able Remote (aka com.entertailion.android.remote) application 2.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6880 | 1 Tradehero | 1 Tradehero | 2025-04-12 | 5.4 MEDIUM | N/A |
| The TradeHero (aka com.tradehero.th) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6903 | 1 Tionetworks | 1 Gulf Power Mobile Bill Pay | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gulf Power Mobile Bill Pay (aka com.tionetworks.gulf) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5966 | 1 Golauncher | 1 Dreamland Super Theme Go Gold | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme.dreamland.gold) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7413 | 1 Nakodabhairav | 1 Rajendra Suriji | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6990 | 1 Albasit Artes Y Danza Project | 1 Albasit Artes Y Danza | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Albasit artes y danza (aka com.adianteventures.adianteapps.albasit_artes_y_danza) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6869 | 1 Barcode Scanner Project | 1 Barcode Scanner | 2025-04-12 | 5.4 MEDIUM | N/A |
| The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5829 | 1 Hobbylobby | 1 Hobby Lobby Stores | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Hobby Lobby Stores (aka com.hobbylobbystores.android) application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7434 | 1 Rts | 1 Rtsinfo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The RTSinfo (aka ch.rts.rtsinfo) application 1.4.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7670 | 1 Alawar | 1 Motor Town\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Motor Town: Machine Soul Free (aka com.alawar.motortownfree) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6715 | 1 Popoinnovation | 1 Slotmachine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||