Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6876 | 1 Serve | 1 American Express Serve | 2025-04-12 | 5.4 MEDIUM | N/A |
| The American Express Serve (aka com.serve.mobile) application @7F0901E4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7333 | 1 Qmania | 1 Aloha Guide | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Aloha Guide (aka com.aloha.guide.japnese) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5873 | 1 Sears | 1 Sears | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Sears (aka com.sears.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7663 | 1 Go-nitty-gritty | 1 Right To The Nitty Gritty | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Right to the Nitty Gritty (aka com.wGoNittyGritty) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5567 | 1 Hasb E Haal Project | 1 Hasb E Haal | 2025-04-12 | 5.4 MEDIUM | N/A |
| The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5853 | 1 Withive | 1 Knights N Squires | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Knights N Squires (aka com.com2us.imhero.normal.freefull.google.global.android.common) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6909 | 1 Enyetech | 1 Coca-cola Fm Peru | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Coca-Cola FM Peru (aka com.enyetech.radio.coca_cola.fm_pe) application 2.0.41716 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7700 | 1 Chillingo | 1 Flying Fox | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6872 | 1 Ttnetmuzik | 1 Ttnet Muzik | 2025-04-12 | 5.4 MEDIUM | N/A |
| The TTNET Muzik (aka com.ttnet.muzik) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5958 | 1 Chatbox | 1 Chatbox - Chat Rooms | 2025-04-12 | 5.4 MEDIUM | N/A |
| The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-4887 | 1 Nobexrc | 1 Joint Radio Blues | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7325 | 1 Magzter | 1 Business Intelligence | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Business Intelligence (aka com.magzter.businessintelligence) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5724 | 1 Pocketmags | 1 Gambling Insider Magazine | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Gambling Insider Magazine (aka com.triactivemedia.gambling) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-7408 | 1 F5 | 1 Big-ip Analytics | 2025-04-12 | 7.5 HIGH | N/A |
| F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value. | |||||
| CVE-2014-4903 | 1 Mocoga | 1 Kakao Bingo Garden | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Kakao Bingo Garden (aka com.mocoga.bingogarden) application 1.0.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2012-6107 | 1 Apache | 1 Apache Axis2\/c | 2025-04-12 | 4.3 MEDIUM | N/A |
| Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2014-7543 | 1 Bloodjournal | 1 Blood | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Blood (aka com.sheridan.ash) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6782 | 1 Abrahamtours | 1 Abraham Tours | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Abraham Tours (aka com.mytoursapp.android.app432) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7520 | 1 Nova921 | 1 Nova 92.1 Fm | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Nova 92.1 FM (aka com.wNova921FM) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6803 | 1 Bm | 1 Bank Of Moscow Eirts Rent | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||