Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7760 | 1 Goo | 1 Health Assistance Service | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Health assistance service (aka net.nttcloud.ft.karada) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7002 | 1 Goomeo | 1 Sopexa Pavillon France | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application 3.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5833 | 1 Onelouder | 1 Friendcaster Chat | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FriendCaster Chat (aka com.handmark.friendcaster.chat) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5802 | 1 Playscape | 1 Playscape | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PlayScape (aka playscape.mominis.gameconsole.com) application 9.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5606 | 1 Disney | 1 Where\'s My Perry\? Free | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5560 | 1 Mdickie | 1 Popscene | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7459 | 1 Civitasmedia | 1 Press-leader | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Press-Leader (aka com.soln.S95309F65AD59F99CFC2C710A517B0B7E) application 1.0011.b0011 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6711 | 1 Nobexrc | 1 Abc Lounge Webradio | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0103 | 2 Fedoraproject, Zarafa | 3 Fedora, Webapp, Zarafa | 2025-04-12 | 2.1 LOW | N/A |
| WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files. | |||||
| CVE-2014-6023 | 1 S-peek | 1 S-peek Credit Rating Report | 2025-04-12 | 5.4 MEDIUM | N/A |
| The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6136 | 1 Ibm | 1 Security Appscan | 2025-04-12 | 5.0 MEDIUM | N/A |
| IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2014-6898 | 1 Boopsie | 1 Boopsie Mylibrary | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Boopsie MyLibrary (aka com.bredir.boopsie.mylibrary) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-3302 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 5.8 MEDIUM | N/A |
| user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708. | |||||
| CVE-2014-7800 | 1 Daily Green Project | 1 Daily Green | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Daily Green (aka it.opentt.blog.dailygreen) application 2014.07 dlygrn for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5596 | 1 Withhive | 1 Homerun Battle 2 | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Homerun Battle 2 (aka com.com2us.homerunbattle2.normal.freefull.google.global.android.common) application 1.2.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6802 | 1 Subsplash | 1 First Assembly Nlr | 2025-04-12 | 5.4 MEDIUM | N/A |
| The First Assembly NLR (aka com.subsplash.thechurchapp.firstassemblynlr) application 2.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7134 | 1 Skydreams | 1 Prof. Usman Ali Awheela | 2025-04-12 | 5.4 MEDIUM | N/A |
| The PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5809 | 1 Geniuscloud | 1 Smart Browser | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6957 | 1 Boopsie | 1 Scottcolibmn | 2025-04-12 | 5.4 MEDIUM | N/A |
| The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5762 | 1 Zeptolab | 1 Cut The Rope\ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||