Total
2501 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7791 | 1 Appsgeyser | 1 Backyard Wrestling | 2025-04-12 | N/A |
| The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7795 | 1 Itp | 1 Harpers Bazaar Art | 2025-04-12 | N/A |
| The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7798 | 1 Enyetech | 1 Coca-cola Fm Brasil | 2025-04-12 | N/A |
| The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application 2.0.41709 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6020 | 1 Fuelrewards | 1 Fuel Rewards Network | 2025-04-12 | N/A |
| The Fuel Rewards Network (aka com.excentus.frn) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7495 | 1 Logosquest - Beginnings Project | 1 Logosquest - Beginnings | 2025-04-12 | N/A |
| The LogosQuest - Beginnings (aka com.wLogosQuest) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7968 | 1 Redhat | 3 Enterprise Linux, Rhev Manager, Virtual Desktop Service Manager | 2025-04-12 | N/A |
| VDSM allows remote attackers to cause a denial of service (connection blocking) by keeping an SSL connection open. | ||||
| CVE-2014-7991 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376. | ||||
| CVE-2014-5819 | 1 Mopl | 1 Phone For Google Voice \& Gtalk | 2025-04-12 | N/A |
| The PHONE for Google Voice & GTalk (aka com.moplus.gvphone) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6952 | 1 Manga Facts Project | 1 Manga Facts | 2025-04-12 | N/A |
| The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-8243 | 1 Linksys | 20 E4200v2, E4200v2 Firmware, Ea2700 and 17 more | 2025-04-12 | N/A |
| Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI. | ||||
| CVE-2016-7270 | 1 Microsoft | 1 .net Framework | 2025-04-12 | N/A |
| The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain sensitive cleartext information by leveraging key guessability, aka ".NET Information Disclosure Vulnerability." | ||||
| CVE-2013-4488 | 1 Libgadu | 1 Libgadu | 2025-04-12 | N/A |
| libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. | ||||
| CVE-2014-5763 | 1 Zoodles | 1 Kid Mode\ | 2025-04-12 | N/A |
| The Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application 4.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-8642 | 2 Mozilla, Opensuse | 3 Firefox, Seamonkey, Opensuse | 2025-04-12 | N/A |
| Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate. | ||||
| CVE-2014-5970 | 1 Babybus | 1 Babybus | 2025-04-12 | N/A |
| The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6964 | 1 Hyonga | 1 Hanyang University Admissions | 2025-04-12 | N/A |
| The Hanyang University Admissions (aka kr.ac.hanyang.planner) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6858 | 1 Mostafa Shemeas Project | 1 Mostafa Shemeas | 2025-04-12 | N/A |
| The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2013-6445 | 1 Redhat | 1 Enterprise Mrg | 2025-04-12 | N/A |
| Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | ||||
| CVE-2014-7492 | 1 Tejonstore | 1 Secretos De Belleza | 2025-04-12 | N/A |
| The Secretos de belleza (aka com.rareartifact.secretosdebelleza83A55CB8) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7491 | 1 Ireadercity | 1 Short Stories | 2025-04-12 | N/A |
| The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||