Search Results (4597 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7613 1 Pocketmags 1 Wasps Official Programmes 2025-04-12 N/A
The WASPS Official Programmes (aka com.triactivemedia.wasps) application @7F080130 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-2900 1 Yassl 1 Cyassl 2025-04-12 N/A
wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.
CVE-2014-7616 1 Physicsforums 1 Physics Forums 2025-04-12 N/A
The Physics Forums (aka com.tapatalk.physicsforumscom) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7624 1 Aiadp 1 Guess The Pixel Character Quiz 2025-04-12 N/A
The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7633 1 Tappocket 1 Dino Zoo 2025-04-12 N/A
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7636 1 Unitedhawknation 1 United Hawk Nation 2025-04-12 N/A
The United Hawk Nation (aka com.united12thman) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7638 1 Nobexrc 1 Fabuestereo 88.1 Fm 2025-04-12 N/A
The Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7668 1 Inzeratyzdarma 1 Ads Free. Cz Advert 2025-04-12 N/A
The Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7688 1 Home Improvement Project 1 Home Improvement 2025-04-12 N/A
The Home Improvement (aka com.whomeimprovementapp) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7690 1 Myfone 1 Myfone Shopping 2025-04-12 N/A
The myfone Shopping (aka com.twm.pt.eccart) application 2.1.01.00.040 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7692 1 Rowlandsolutions 1 Lent Experience 2025-04-12 N/A
The Lent Experience (aka com.wLentExperience) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2012-5662 1 Paul Mattes 1 X3270 2025-04-12 N/A
x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2014-7795 1 Itp 1 Harpers Bazaar Art 2025-04-12 N/A
The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7797 1 Gotobestofprice 1 Thai Food 2025-04-12 N/A
The Thai food (aka com.foods.thaifood) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7798 1 Enyetech 1 Coca-cola Fm Brasil 2025-04-12 N/A
The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application 2.0.41709 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7799 1 Squishy Birds Project 1 Squishy Birds 2025-04-12 N/A
The Squishy birds (aka com.tatmob.squishybirds) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6646 1 Bellyhoodcom Project 1 Bellyhoodcom 2025-04-12 N/A
The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7803 1 Onesolutionapps 1 Woodward Bail 2025-04-12 N/A
The Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6708 1 Sportinginnovations 1 Utah Jazz 2025-04-12 N/A
The Sporting Club Uphoria (aka com.sportinginnovations.skc) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-3604 2 Not Yet Commons Ssl Project, Redhat 2 Not Yet Commons Ssl, Jboss Enterprise Soa Platform 2025-04-12 N/A
Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.