Total
2504 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7543 | 1 Bloodjournal | 1 Blood | 2025-04-12 | N/A |
| The Blood (aka com.sheridan.ash) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2013-2125 | 1 Openbsd | 1 Opensmtpd | 2025-04-12 | N/A |
| OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open. | ||||
| CVE-2014-7025 | 1 Whoisit | 1 Who-is-it\? Lite Name Caller Time Limited Free | 2025-04-12 | N/A |
| The Who-is-it? Lite name caller time limited free (aka de.profiler.android.whoisit) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7132 | 1 Jambatan Pbb Semporna Project | 1 Jambatan Pbb Semporna | 2025-04-12 | N/A |
| The Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application 13523.82613 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7544 | 1 Narr8 | 1 Secret City - Motion Comic | 2025-04-12 | N/A |
| The Secret City - Motion Comic (aka me.narr8.android.serial.the_secret_city) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7036 | 1 Questfcu | 1 Quest Federal Cu Mobile | 2025-04-12 | N/A |
| The Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7038 | 1 Al Jazeera Project | 1 Al Jazeera | 2025-04-12 | N/A |
| The Al Jazeera (aka com.Al.Jazeera.net) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7039 | 1 Roguewaveproductionsllc | 1 Wild Women United | 2025-04-12 | N/A |
| The Wild Women United (aka com.wildwomenunited) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7546 | 1 Buddhist Prayer Project | 1 Buddhist Prayer | 2025-04-12 | N/A |
| The Buddhist Prayer (aka com.buddhist.prayer.mantra.sutra) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2013-2758 | 2 Apache, Citrix | 2 Cloudstack, Cloudplatform | 2025-04-12 | N/A |
| Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack. | ||||
| CVE-2014-7491 | 1 Ireadercity | 1 Short Stories | 2025-04-12 | N/A |
| The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5554 | 1 Ilearnwith | 1 Fun Preschool Creativity Game | 2025-04-12 | N/A |
| The Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.ipad.MotherAppEn) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7448 | 1 Magzter | 1 Dealside Institutional | 2025-04-12 | N/A |
| The DealSide Institutional (aka com.magzter.dealsideinstitutional) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5563 | 1 Show Do Milhao 2014 Project | 1 Show Do Milhao 2014 | 2025-04-12 | N/A |
| The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-2716 | 1 Ekahau | 4 Activator, B4 Staff Badge Tag, B4 Staff Badge Tag Firmware and 1 more | 2025-04-12 | N/A |
| Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts. | ||||
| CVE-2014-7564 | 1 Bookformobile | 1 Simple Car Care Tip And Advice | 2025-04-12 | N/A |
| The Simple Car Care Tip and Advice (aka com.a1481542198504ee106f182c8a.a40350826a) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7570 | 1 Fire Equipments Screen Lock Project | 1 Fire Equipments Screen Lock | 2025-04-12 | N/A |
| The Fire Equipments Screen lock (aka com.locktheworld.screen.lock.theme.FireEquipments) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7449 | 1 Ngemc | 1 My Ngemc Account | 2025-04-12 | N/A |
| The My NGEMC Account (aka com.ngemc.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7573 | 1 Harvestyourdata | 1 Droid Survey Offline Forms | 2025-04-12 | N/A |
| The droid Survey Offline Forms (aka com.contact.droidSURVEY) application 2.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7013 | 1 Funny Photo Color Editor Project | 1 Funny Photo Color Editor | 2025-04-12 | N/A |
| The Funny Photo Color Editor (aka com.doirdeditor.funcloreditor) application 0.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||