Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0741 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | ||||
| CVE-2014-7550 | 1 Basketball News \& Videos Project | 1 Basketball News \& Videos | 2025-04-12 | N/A |
| The basketball news & videos (aka com.basketbal.news.caesar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-0866 | 1 Ibm | 2 Algo Credit Limits, Algorithmics | 2025-04-12 | N/A |
| RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2014-0936 | 1 Ibm | 1 Security Appscan Source | 2025-04-12 | N/A |
| IBM Security AppScan Source 8.0 through 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2014-1210 | 1 Vmware | 1 Vsphere Client | 2025-04-12 | N/A |
| VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | ||||
| CVE-2014-7568 | 1 Automon | 1 Marcus Butler Unofficial | 2025-04-12 | N/A |
| The Marcus Butler Unofficial (aka com.automon.ay.marcus.butler) application 1.4.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5782 | 1 Playscape | 1 Bouncy Bill Holloween | 2025-04-12 | N/A |
| The Bouncy Bill Halloween (aka mominis.Generic_Android.Bouncy_Bill_Halloween) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5792 | 1 Drecom | 1 Reign Of Dragons\ | 2025-04-12 | N/A |
| The Reign of Dragons: Build-Battle (aka net.gree.android.pf.greeapp57501) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5794 | 1 Passion4profession | 1 8 Minutes Abs Workout | 2025-04-12 | N/A |
| The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5785 | 1 Playscape | 1 Bouncy Bill World-cup | 2025-04-12 | N/A |
| The Bouncy Bill World-Cup (aka mominis.Generic_Android.Bouncy_Bill_World_Cup) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7597 | 1 Gowkster | 1 Fabulas Infantiles | 2025-04-12 | N/A |
| The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-1771 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | N/A |
| SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "TLS Server Certificate Renegotiation Vulnerability." | ||||
| CVE-2014-5799 | 1 Nonghyup | 1 Smart Card | 2025-04-12 | N/A |
| The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5810 | 1 Sgk | 1 Sgk Hizmet Dokumu 4a | 2025-04-12 | N/A |
| The SGK Hizmet Dokumu 4a (aka tr.gov.sgk.hizmetDokumu4a) application 1.103 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5815 | 1 Mavenhut | 1 Solitaire Arena | 2025-04-12 | N/A |
| The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-1976 | 1 Yumenomachi | 1 Demaecan | 2025-04-12 | N/A |
| The Demaecan application 2.1.0 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2010-4832 | 1 Google | 1 Android | 2025-04-12 | N/A |
| Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate of the last loaded resource is checked, instead of for the main page, or (2) later certificates are not checked when the HTTPS connection is reused. | ||||
| CVE-2014-5800 | 1 Nonghyup | 1 Smart Nhibzbanking | 2025-04-12 | N/A |
| The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5811 | 1 Zoom | 1 Zoom Cloud Meetings | 2025-04-12 | N/A |
| The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060008 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-5907 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate. | ||||