Total
2500 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-5590 | 1 Snake Evolution Project | 1 Snake Evolution | 2025-04-12 | N/A |
| The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5592 | 1 Choiceoflove | 1 Free Dating Heart Col | 2025-04-12 | N/A |
| The Free Dating Heart COL (aka com.choiceoflove.dating) application 2.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5594 | 1 Cibc | 1 Cibc Mobile Banking | 2025-04-12 | N/A |
| The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5602 | 1 Magzter | 1 Magzter -magazine \& Book Store | 2025-04-12 | N/A |
| The Magzter -Magazine & Book Store (aka com.dci.magzter) application 3.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5612 | 1 Gmarket | 1 Gmarket | 2025-04-12 | N/A |
| The Gmarket (aka com.ebay.kr.gmarket) application 5.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5613 | 1 Entertailion | 1 Able Remote | 2025-04-12 | N/A |
| The Able Remote (aka com.entertailion.android.remote) application 2.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-0118 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-12 | N/A |
| IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distributed with MQ client JAR files that support only weak TLS ciphers, which might make it easier for remote attackers to obtain sensitive information by sniffing the network during a connection to an Integration Bus node. | ||||
| CVE-2014-5948 | 1 Barackobama | 1 Obama For America | 2025-04-12 | N/A |
| The Obama for America (aka com.barackobama.ofa) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5749 | 1 Wooga | 1 Jelly Splash | 2025-04-12 | N/A |
| The Jelly Splash (aka com.wooga.jelly_splash) application 1.11.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5750 | 1 Pro Bet Tips Project | 1 Pro Bet Tips | 2025-04-12 | N/A |
| The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5751 | 1 Tor Browser The Short Guide Project | 1 Tor Browser The Short Guide | 2025-04-12 | N/A |
| The Tor Browser the Short Guide (aka com.wTorShortUserManual) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5756 | 1 99only | 1 Buy 99 Cents Only Products | 2025-04-12 | N/A |
| The Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5759 | 1 Awesome Antivirus 2014 Project | 1 Awesome Antivirus 2014 | 2025-04-12 | N/A |
| The Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5760 | 1 Pizzahut | 1 Pizza Hut | 2025-04-12 | N/A |
| The Pizza Hut (aka com.yum.pizzahut) application 2.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5774 | 1 Web Browser \& Explorer Project | 1 Web Browser \& Explorer | 2025-04-12 | N/A |
| The Web Browser & Explorer (aka internetexplorer.browser.webexplorer) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-2268 | 1 Dell | 1 Secureworks | 2025-04-12 | N/A |
| Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-5824 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly verify X.509 certificates from SSL servers after a certificate change, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2010-0362 | 1 Zeus | 1 Zeus Web Server | 2025-04-11 | N/A |
| Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses. | ||||
| CVE-2010-3400 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | N/A |
| The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2008-5913. | ||||
| CVE-2010-2978 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2025-04-11 | N/A |
| Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. | ||||