Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6153 | 1 Ibm | 1 Websphere Service Registry And Repository | 2025-04-12 | N/A |
| The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | ||||
| CVE-2014-5789 | 1 Playscape | 1 Ninja Chicken Ooga Booga | 2025-04-12 | N/A |
| The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2013-5444 | 1 Ibm | 1 Cognos Express | 2025-04-12 | N/A |
| The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors. | ||||
| CVE-2014-0636 | 1 Dell | 1 Bsafe Micro-edition-suite | 2025-04-12 | N/A |
| EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain. | ||||
| CVE-2014-6834 | 1 Instaroid - Instagram Viewer Project | 1 Instaroid - Instagram Viewer | 2025-04-12 | N/A |
| The Instaroid - Instagram Viewer (aka net.muik.instaroid) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7644 | 1 Doapps | 1 Go Msx Mls | 2025-04-12 | N/A |
| The Go MSX MLS (aka com.doapps.android.realestate.RE_16b9c09c4d5b0e174208f35e7c49f9a0) application 2.3.4.MR3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7697 | 1 Endulujans | 1 Eyvah\! Bosandim Ozgurum | 2025-04-12 | N/A |
| The Eyvah! Bosandim ozgurum (aka com.wEyvahBosandimBlog) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7742 | 1 Informaciondelvaticano | 1 Noticias Del Vaticano | 2025-04-12 | N/A |
| The Noticias del Vaticano (aka com.wNoticiasdelVaticano) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7743 | 1 Humor Ironias Y Realidades Project | 1 Humor Ironias Y Realidades | 2025-04-12 | N/A |
| The Humor Ironias y Realidades (aka com.wHumork) application 0.63.13371.13576 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7744 | 1 Musulmanin | 1 Musulmanin.com | 2025-04-12 | N/A |
| The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7763 | 1 Mirucho | 1 Listen Up\! Mirucho | 2025-04-12 | N/A |
| The Listen up! mirucho (aka jp.ameba.kiiteyo.android) application 1.1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7771 | 1 Worldtamilbayan | 1 World Tamil Bayan | 2025-04-12 | N/A |
| The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7780 | 1 Ienvisage | 1 Pakistan Cricket News | 2025-04-12 | N/A |
| The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6876 | 1 Serve | 1 American Express Serve | 2025-04-12 | N/A |
| The American Express Serve (aka com.serve.mobile) application @7F0901E4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6140 | 1 Ibm | 1 Tivoli Endpoint Manager Mobile Device Management | 2025-04-12 | N/A |
| IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote attackers to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enrollment and Apple iOS Management Extender, (2) Self-service portal, (3) Trusted Services provider, or (4) Admin Portal. | ||||
| CVE-2014-9742 | 1 Botan Project | 1 Botan | 2025-04-12 | N/A |
| The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group. | ||||
| CVE-2014-5171 | 1 Sap | 1 Hana Extended Application Services | 2025-04-12 | N/A |
| SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network. | ||||
| CVE-2014-6894 | 1 Lucktastic | 1 Lucktastic | 2025-04-12 | N/A |
| The Lucktastic (aka com.lucktastic.scratch) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7638 | 1 Nobexrc | 1 Fabuestereo 88.1 Fm | 2025-04-12 | N/A |
| The Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7636 | 1 Unitedhawknation | 1 United Hawk Nation | 2025-04-12 | N/A |
| The United Hawk Nation (aka com.united12thman) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||