Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6989 | 1 Germanwings | 1 Germanwings | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Germanwings (aka com.germanwings.android) application 2.1.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5767 | 1 Shape | 1 Im\+ | 2025-04-12 | 5.4 MEDIUM | N/A |
| The IM+ (aka de.shapeservices.impluslite) application 6.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7521 | 1 Mobiloapps | 1 Anderson Musaamil | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Anderson Musaamil (aka com.app_andersonmusaamil.layout) application 1.400 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5910 | 1 Dog Whistle Project | 1 Dog Whistle | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5528 | 1 Appsflyer | 1 Appsflyer | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6671 | 1 Letshare | 1 World Cup 2014 Brazil - Xem Tv | 2025-04-12 | 5.4 MEDIUM | N/A |
| The World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5671 | 1 Noodlecake | 1 Super Stickman Golf | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Super Stickman Golf (aka com.noodlecake.ssg) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-0173 | 1 Theforeman | 1 Foreman | 2025-04-12 | 5.0 MEDIUM | N/A |
| Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. | |||||
| CVE-2014-4901 | 1 Tradingandinvesting4u | 1 Bond Trading | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Bond Trading (aka com.appmakr.app613309) application 197705 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5816 | 1 Meipai | 1 Meipai | 2025-04-12 | 5.4 MEDIUM | N/A |
| The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-0351 | 1 Fortinet | 1 Fortios | 2025-04-12 | 5.4 MEDIUM | N/A |
| The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream. | |||||
| CVE-2014-5750 | 1 Pro Bet Tips Project | 1 Pro Bet Tips | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5323 | 1 Yukoyuko | 1 Yuko Yuko | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application 1.0.5 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7633 | 1 Tappocket | 1 Dino Zoo | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7017 | 1 Tim Ban Bon Phuong Project | 1 Tim Ban Bon Phuong | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Tim Ban Bon Phuong (aka com.entertaiment.timbanbonphuong) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7049 | 1 Somcloud | 1 Somtodo - Task\/to-do Widget | 2025-04-12 | 5.4 MEDIUM | N/A |
| The SomTodo - Task/To-do widget (aka com.somcloud.somtodo) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-1570 | 1 Fortinet | 1 Forticlient | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate. | |||||
| CVE-2014-6877 | 1 Santanderbank | 1 Santander Personal Banking | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Santander Personal Banking (aka com.sovereign.santander) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5948 | 1 Barackobama | 1 Obama For America | 2025-04-12 | 5.4 MEDIUM | N/A |
| The Obama for America (aka com.barackobama.ofa) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6023 | 1 S-peek | 1 S-peek Credit Rating Report | 2025-04-12 | 5.4 MEDIUM | N/A |
| The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||