Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4416 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7524 1 Bed And Breakfast Project 1 Bed And Breakfast 2025-04-12 N/A
The Bed and Breakfast (aka com.wbedandbreakfastapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7526 1 Immunize 1 Immunize Canada 2025-04-12 N/A
The Immunize Canada (aka ca.ohri.immunizeapp) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7534 1 Buydot 1 Funny \& Interesting Things 2025-04-12 N/A
The Funny & Interesting Things (aka com.wFunnyandInterestingThings) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7557 1 Zroadster 1 Zroadster.com 2025-04-12 N/A
The zroadster.com (aka com.tapatalk.zroadstercomforum) application 2.4.13.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7565 1 Gmt-editions 1 Rando Noeux 2025-04-12 N/A
The Rando Noeux (aka com.gmteditions.NoeuxLesMinesDistrib) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7573 1 Harvestyourdata 1 Droid Survey Offline Forms 2025-04-12 N/A
The droid Survey Offline Forms (aka com.contact.droidSURVEY) application 2.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7584 1 Dataparadigm 1 Acn2go 2025-04-12 N/A
The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7585 1 Gcspublishing 1 Biplane Forum 2025-04-12 N/A
The Biplane Forum (aka com.gcspublishing.biplaneforum) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7605 1 Actorskey 1 Actors Key 2025-04-12 N/A
The Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application 1.6.24.477 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7606 1 Concursive 1 Concursive 2025-04-12 N/A
The Concursive (aka com.concursive.app) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-1569 1 Fortinet 1 Forticlient 2025-04-12 N/A
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.
CVE-2015-1596 1 Siemens 1 Spcanywhere 2025-04-12 N/A
The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-1672 1 Microsoft 1 .net Framework 2025-04-12 N/A
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."
CVE-2014-6679 1 Wepisdparentportal Project 1 Wepisdparentportal 2025-04-12 N/A
The wEPISDParentPortal (aka com.dreamstep.wEPISDParentPortal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7552 1 129zou 1 Zombie Diary 2025-04-12 N/A
The Zombie Diary (aka com.ezjoy.feelingtouch.zombiediary) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-8945 1 Openshift 1 Origin 2025-04-12 N/A
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
CVE-2014-6932 1 All Navalny Project 1 All Navalny 2025-04-12 N/A
The All Navalny (aka com.all.navalny) application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6924 1 Metroseoul 1 Metro News 2025-04-12 N/A
The Metro News (aka com.netpia.ha.metro) application 1.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6920 1 Canal44 1 Canal 44 2025-04-12 N/A
The Canal 44 (aka com.canal.canal44) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6917 1 Kftc 1 Www.knote.kr Smart 2025-04-12 N/A
The www.knote.kr Smart (aka kr.or.knote.android) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.