Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7040 | 1 Unicreditgroup | 1 Unicredit Investors | 2025-04-12 | 5.4 MEDIUM | N/A |
| The UniCredit Investors (aka eu.unicreditgroup.brand.ucinvestors) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6662 | 1 Krstarica | 1 Forum Krstarice | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Forum Krstarice (aka com.tapatalk.forumkrstaricacom) application 3.5.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6016 | 1 Celluloidapp | 1 Celluloid | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Celluloid (aka com.eurisko.celluloid) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6922 | 1 Listener-interactive | 1 Kfai Community Radio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The KFAI Community Radio (aka com.skyblue.pra.kfai) application 2.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0350 | 1 Pocoproject | 1 Poco C\+\+ Libraries | 2025-04-12 | 6.4 MEDIUM | N/A |
| The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate. | |||||
| CVE-2014-7083 | 1 Jiujik | 1 Jiu Jik | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Jiu Jik (aka com.scmp.jiujik) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7702 | 1 Ahtty | 1 Ahtty | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6746 | 1 Infinitiusa | 1 Infiniti Roadside Assistance | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5664 | 1 Mobilityware | 1 Spider Solitaire | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Spider Solitaire (aka com.mobilityware.spider) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6834 | 1 Instaroid - Instagram Viewer Project | 1 Instaroid - Instagram Viewer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Instaroid - Instagram Viewer (aka net.muik.instaroid) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6777 | 1 Blueeleph Project | 1 Blueeleph | 2025-04-12 | 5.4 MEDIUM | N/A |
| The blueeleph (aka eg.film.blueeleph) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6987 | 1 Mass Gaming Tv Project | 1 Mass Gaming Tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Mass Gaming TV (aka net.massgamers) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5936 | 1 Incognito Private Browser Project | 1 Incognito Private Browser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The INCOgnito Private Browser (aka com.SL.InCoBrowser) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-3125 | 3 Fedoraproject, Opensuse, Proftpd | 3 Fedora, Opensuse, Proftpd | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2014-6013 | 1 Nuphoto | 1 Nusquare | 2025-04-12 | 5.4 MEDIUM | N/A |
| The nuSquare (aka tw.com.nuphoto.nusquare) application 1.0.78 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6924 | 1 Metroseoul | 1 Metro News | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Metro News (aka com.netpia.ha.metro) application 1.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7695 | 1 Easaa | 1 Easaa Baoneng | 2025-04-12 | 5.4 MEDIUM | N/A |
| The easaa Baoneng (aka com.easaa.baoneng) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5675 | 1 Pinssible | 1 Phonegram - Instagram Download | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Phonegram - Instagram Download (aka com.pinssible.padgram) application 1.9.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7015 | 1 Jjmatch | 1 Jj Texas Hold\'em Poker | 2025-04-12 | 5.4 MEDIUM | N/A |
| The JJ Texas Hold'em Poker (aka cn.jj.poker) application 1.13.23.HD for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7395 | 1 Usfbcm | 1 Usf Bcm | 2025-04-12 | 5.4 MEDIUM | N/A |
| The USF BCM (aka com.appmakr.app193115) application 252847 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||