Export limit exceeded: 359386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2509 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6773 | 1 Bowenehs | 1 Cih Quiz Game | 2025-04-12 | N/A |
| The CIH Quiz game (aka com.bowenehs.cihquizgameapp) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-1596 | 1 Siemens | 1 Spcanywhere | 2025-04-12 | N/A |
| The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2015-7923 | 1 Westermo | 1 Weos | 2025-04-12 | N/A |
| Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key. | ||||
| CVE-2014-6176 | 1 Ibm | 3 Business Process Manager, Websphere Enterprise Service Bus, Websphere Process Server | 2025-04-12 | N/A |
| IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5 disregard the SSL setting in the SCA module HTTP import binding and unconditionally select the SSLv3 protocol, which makes it easier for remote attackers to hijack sessions or obtain sensitive information by leveraging the use of a weak cipher. | ||||
| CVE-2014-7406 | 1 Deakin | 1 Deakin University | 2025-04-12 | N/A |
| The Deakin University (aka com.desire2learn.campuslife.deakin.edu.au.directory) application 1.1.729.1694 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7441 | 1 Pakan Ken Tube Project | 1 Pakan Ken Tube | 2025-04-12 | N/A |
| The Pakan Ken Tube (aka com.PakanKen) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7443 | 1 Face Fun Photo Collage Maker Project | 1 Face Fun Photo Collage Maker 2 | 2025-04-12 | N/A |
| The Face Fun Photo Collage Maker 2 (aka com.kauf.facefunphotocollagemaker2) application 1.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7445 | 1 Jowangel | 1 Legend Of Trance | 2025-04-12 | N/A |
| The LEGEND OF TRANCE (aka com.legendoftrance) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7447 | 1 Dattch | 1 Dattch - The Lesbian App | 2025-04-12 | N/A |
| The Dattch - The Lesbian App (aka com.dattch.dattch.app) application 0.30 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6001 | 1 Gewara | 1 Gewara | 2025-04-12 | N/A |
| The gewara (aka com.gewara) application 5.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-6016 | 1 Celluloidapp | 1 Celluloid | 2025-04-12 | N/A |
| The Celluloid (aka com.eurisko.celluloid) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2012-5583 | 1 Apereo | 1 Phpcas | 2025-04-12 | N/A |
| phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2014-5556 | 1 Flyfishing-and-flytying | 1 Fly Fishing \& Fly Tying | 2025-04-12 | N/A |
| The Fly Fishing & Fly Tying (aka air.com.yudu.ReaderAIR3209899) application 3.21.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5557 | 1 Commerce | 1 America\'s Economy For Phone | 2025-04-12 | N/A |
| The America's Economy for Phone (aka air.gov.census.mobile.phone.americaseconomy) application 1.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5561 | 1 Devarai | 1 Word Search Free | 2025-04-12 | N/A |
| The Word Search Free (aka air.wordSearchFree) application 4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5562 | 1 Coles Credit Cards | 1 Coles Credit Card App | 2025-04-12 | N/A |
| The Coles Credit Card App (aka au.com.colesfinancialservices.mobile) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5563 | 1 Show Do Milhao 2014 Project | 1 Show Do Milhao 2014 | 2025-04-12 | N/A |
| The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5564 | 1 Aceviral | 1 Angry Gran Toss | 2025-04-12 | N/A |
| The Angry Gran Toss (aka com.aceviral.angrygrantoss) application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5565 | 1 Gadgettrak | 1 Gadgettrak Mobile Security | 2025-04-12 | N/A |
| The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-5566 | 1 Americostech | 1 Selfshot Front Flash Camera | 2025-04-12 | N/A |
| The Selfshot - Front Flash Camera (aka com.americos.selfshot) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||