Search Results (2510 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7468 1 Ag-klettern-odenwald 1 Ag Klettern Odenwald 2025-04-12 N/A
The AG Klettern Odenwald (aka de.appack.project.agko) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2016-6899 1 Huawei 14 Rh1288 V3 Server, Rh1288 V3 Server Firmware, Rh2288 V3 Server and 11 more 2025-04-12 N/A
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.
CVE-2014-7469 1 Best Beginning Project 1 Best Beginning 2025-04-12 N/A
The Best Beginning (aka com.bbbeta) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7491 1 Ireadercity 1 Short Stories 2025-04-12 N/A
The Short Stories (aka com.ireadercity.c48) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7527 1 Savage Nation Mobile Web Project 1 Savage Nation Mobile Web 2025-04-12 N/A
The Savage Nation Mobile Web (aka com.wSavageNation) application 0.57.13354.63350 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7558 1 Everest Poker Project 1 Everest Poker 2025-04-12 N/A
The Everest Poker (aka com.wEverestPoker) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6221 1 Ibm 1 Rational Clearcase 2025-04-12 N/A
The MSCAPI/MSCNG interface implementation in GSKit in IBM Rational ClearCase 7.1.2.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 does not properly generate random numbers, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
CVE-2014-7573 1 Harvestyourdata 1 Droid Survey Offline Forms 2025-04-12 N/A
The droid Survey Offline Forms (aka com.contact.droidSURVEY) application 2.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7596 1 Paramore Project 1 Paramore 2025-04-12 N/A
The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2016-7270 1 Microsoft 1 .net Framework 2025-04-12 N/A
The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain sensitive cleartext information by leveraging key guessability, aka ".NET Information Disclosure Vulnerability."
CVE-2014-7604 1 Easy Tips For Glowing Skin Project 1 Easy Tips For Glowing Skin 2025-04-12 N/A
The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7605 1 Actorskey 1 Actors Key 2025-04-12 N/A
The Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application 1.6.24.477 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7609 1 Miniclip 1 Istunt 2 2025-04-12 N/A
The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7613 1 Pocketmags 1 Wasps Official Programmes 2025-04-12 N/A
The WASPS Official Programmes (aka com.triactivemedia.wasps) application @7F080130 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-2900 1 Yassl 1 Cyassl 2025-04-12 N/A
wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.
CVE-2014-7618 1 Moderndecoration 1 Interior Design 2025-04-12 N/A
The Interior Design (aka com.interior.design.mcreda) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7633 1 Tappocket 1 Dino Zoo 2025-04-12 N/A
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2016-8224 1 Lenovo 57 Bios, Notebook 110 14ibr, Notebook 110 14ibr Bios and 54 more 2025-04-12 N/A
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.
CVE-2014-7668 1 Inzeratyzdarma 1 Ads Free. Cz Advert 2025-04-12 N/A
The Ads Free. Cz advert (aka cz.inzeratyzdarma.cz) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7695 1 Easaa 1 Easaa Baoneng 2025-04-12 N/A
The easaa Baoneng (aka com.easaa.baoneng) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.