Total
2502 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6667 | 1 Racemotocross Project | 1 Racemotocross | 2025-04-12 | N/A |
| The racemotocross (aka com.bossappsmk.racemotocross) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6672 | 1 Friendcasterapp | 1 Friendcaster | 2025-04-12 | N/A |
| The Friendcaster (aka uk.co.senab.blueNotifyFree) application 5.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7510 | 1 Present-technologies | 1 Graffit It | 2025-04-12 | N/A |
| The Graffit It (aka com.presenttechnologies.graffitit) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7509 | 1 Ireadercity | 1 A Very Short History Of Japan | 2025-04-12 | N/A |
| The A Very Short History of Japan (aka com.ireadercity.c51) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5971 | 1 Fiksu | 1 Fiksu Library | 2025-04-12 | N/A |
| The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6848 | 1 Synology | 1 Ds File | 2025-04-12 | N/A |
| The DS file (aka com.synology.DSfile) application 4.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6761 | 1 Pimpstore | 1 Aprende A Meditar | 2025-04-12 | N/A |
| The Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7506 | 1 Imapp | 1 Realtime Music Rank | 2025-04-12 | N/A |
| The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application 5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7501 | 1 Translation Widget Project | 1 Translation Widget | 2025-04-12 | N/A |
| The Translation Widget (aka com.wTranslationGadget) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5701 | 1 Skout | 1 Skout\ | 2025-04-12 | N/A |
| The Skout: Chats. Friends. Fun. (aka com.skout.android) application 4.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7499 | 1 Ireadercity | 1 Sword | 2025-04-12 | N/A |
| The Sword (aka com.ireadercity.c25) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7495 | 1 Logosquest - Beginnings Project | 1 Logosquest - Beginnings | 2025-04-12 | N/A |
| The LogosQuest - Beginnings (aka com.wLogosQuest) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5970 | 1 Babybus | 1 Babybus | 2025-04-12 | N/A |
| The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5673 | 1 Nq | 1 Easy Finder \& Anti-theft | 2025-04-12 | N/A |
| The Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application 2.0.10.08 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7492 | 1 Tejonstore | 1 Secretos De Belleza | 2025-04-12 | N/A |
| The Secretos de belleza (aka com.rareartifact.secretosdebelleza83A55CB8) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7491 | 1 Ireadercity | 1 Short Stories | 2025-04-12 | N/A |
| The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2013-2100 | 1 Gentoo | 1 Portage | 2025-04-12 | N/A |
| The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate. | ||||
| CVE-2014-7490 | 1 Magzter | 1 Menaka - Marathi | 2025-04-12 | N/A |
| The Menaka - Marathi (aka com.magzter.menakamarathi) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7488 | 1 Highlighterstudio | 1 Vineyard All In | 2025-04-12 | N/A |
| The Vineyard All In (aka com.wVineyardAllIn) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-2741 | 3 Mozilla, Oracle, Redhat | 4 Firefox, Firefox Esr, Solaris and 1 more | 2025-04-12 | N/A |
| Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled. | ||||