Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-5613 | 1 Entertailion | 1 Able Remote | 2025-04-12 | N/A |
| The Able Remote (aka com.entertailion.android.remote) application 2.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5572 | 1 Jazzpodiumdetor | 1 Jazzpodium De Tor | 2025-04-12 | N/A |
| The Jazzpodium De Tor (aka com.appmakr.app273713) application 206160 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5617 | 1 Exsoul-browser | 1 Exsoul Web Browser | 2025-04-12 | N/A |
| The Exsoul Web Browser (aka com.exsoul) application 3.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7391 | 1 Pintsized | 1 Synx Addictive Puzzle Game | 2025-04-12 | N/A |
| The Synx addictive puzzle game (aka us.synx.mobile.play) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5626 | 1 Gameloft | 1 Brothers In Arms 2 Free\+ | 2025-04-12 | N/A |
| The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application 1.2.0b for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-9037 | 3 Debian, Mageia Project, Wordpress | 3 Debian Linux, Mageia, Wordpress | 2025-04-12 | N/A |
| WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash. | ||||
| CVE-2014-5857 | 1 Avantar | 1 White \& Yellow Pages | 2025-04-12 | N/A |
| The White & Yellow Pages (aka com.avantar.wny) application 5.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-4754 | 1 Apple | 1 Os X Server | 2025-04-12 | N/A |
| ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | ||||
| CVE-2014-5633 | 1 Girlsgames123 | 1 Kiss Kiss Office | 2025-04-12 | N/A |
| The Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7024 | 1 Pdlk | 1 Hardest Game Collection | 2025-04-12 | N/A |
| The Hardest Game Collection (aka com.lotfun.abuse) application 1.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5634 | 1 Madipass | 1 Madipass Martinique | 2025-04-12 | N/A |
| The Madipass Martinique (aka com.goodbarber.madipassmartinique) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-1273 | 1 Juniper | 3 Junos, Qfx10002, Qfx5100 | 2025-04-12 | N/A |
| Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication protection mechanisms via unspecified vectors. | ||||
| CVE-2014-5635 | 1 Createdineden | 1 Buy Yorkshire Conference | 2025-04-12 | N/A |
| The Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-2306 | 1 Ecava | 1 Integraxor | 2025-04-12 | N/A |
| The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network. | ||||
| CVE-2016-2951 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data. | ||||
| CVE-2016-4005 | 1 Huawei | 1 Hilink App | 2025-04-12 | N/A |
| The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. | ||||
| CVE-2014-7550 | 1 Basketball News \& Videos Project | 1 Basketball News \& Videos | 2025-04-12 | N/A |
| The basketball news & videos (aka com.basketbal.news.caesar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-4495 | 1 Kmc Controls | 2 Bac-5051e, Bac-5051e Firmware | 2025-04-12 | N/A |
| KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allow remote attackers to bypass intended access restrictions and read a configuration file via unspecified vectors. | ||||
| CVE-2014-5651 | 1 Kicksend | 1 Kicksend\ | 2025-04-12 | N/A |
| The Kicksend: Share & Print Photos (aka com.kicksend.android) application 3.3.2.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5852 | 1 Withhive | 1 Kakao | 2025-04-12 | N/A |
| The Kakao (aka com.com2us.tinypang.kakao.freefull2.google.global.android.common) application 2.11.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||