Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-1976 | 1 Yumenomachi | 1 Demaecan | 2025-04-12 | N/A |
| The Demaecan application 2.1.0 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-2001 | 1 Jreast | 1 Jr East Japan | 2025-04-12 | N/A |
| The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7072 | 1 Offertaviaggi | 1 Venezia Map | 2025-04-12 | N/A |
| The Venezia map (aka com.wVeneziamap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7581 | 1 Quotes Of Travis Barker Project | 1 Quotes Of Travis Barker | 2025-04-12 | N/A |
| The Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) application 0.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-8804 | 4 Canonical, Nettle Project, Opensuse and 1 more | 5 Ubuntu Linux, Nettle, Leap and 2 more | 2025-04-12 | N/A |
| x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors. | ||||
| CVE-2014-7075 | 1 Happycloud | 1 Happy | 2025-04-12 | N/A |
| The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7076 | 1 Magzter | 1 Sanctuary Asia | 2025-04-12 | N/A |
| The Sanctuary Asia (aka com.magzter.sanctuaryasia) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7080 | 1 Sigong Ebook Project | 1 Sigong Ebook | 2025-04-12 | N/A |
| The Sigong ebook (aka com.sigongsa.sigonggenre) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7082 | 1 Imapp | 1 No Disturb | 2025-04-12 | N/A |
| The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7099 | 1 Magzter | 1 Woodcraft Magazine | 2025-04-12 | N/A |
| The Woodcraft Magazine (aka com.magzter.woodcraftmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7103 | 1 Oskarshamnsliv Project | 1 Oskarshamnsliv | 2025-04-12 | N/A |
| The Oskarshamnsliv (aka appinventor.ai_stadslivsguiden.Oskarshamnsliv) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7144 | 2 Openstack, Redhat | 3 Keystonemiddleware, Python-keystoneclient, Openstack | 2025-04-12 | N/A |
| OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. | ||||
| CVE-2014-5783 | 1 Playscape | 1 Bouncy Bill Monster Smasher Ed | 2025-04-12 | N/A |
| The Bouncy Bill Monster Smasher ed (aka mominis.Generic_Android.Bouncy_Bill_Monster_Smasher_Edition) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5787 | 1 Playscape | 1 Ninja Chicken | 2025-04-12 | N/A |
| The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) application 1.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5797 | 1 Nonghyup | 1 Smart | 2025-04-12 | N/A |
| The smart (aka nh.smart) application 3.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5798 | 1 Nonghyup | 1 Smart Calculator | 2025-04-12 | N/A |
| The smart.calculator (aka nh.smart.calculator) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-2319 | 1 Powerarchiver | 1 Powerarchiver | 2025-04-12 | N/A |
| The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack. | ||||
| CVE-2016-1788 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages. | ||||
| CVE-2015-4637 | 1 F5 | 4 Big-iq Adc, Big-iq Cloud, Big-iq Device and 1 more | 2025-04-12 | N/A |
| The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 before HF2, when configured for LDAP remote authentication and the LDAP server allows anonymous BIND operations, allows remote attackers to obtain an authentication token for arbitrary users by guessing an LDAP user account name. | ||||
| CVE-2014-7454 | 1 Mbtcreations | 1 Detox Juicing Diet Recipes | 2025-04-12 | N/A |
| The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||