Total
2481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5386 | 1 Facebook | 1 Hiphop Virtual Machine | 2014-12-30 | 5.0 MEDIUM | N/A |
| The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initialization vector. | |||||
| CVE-2014-7038 | 1 Al Jazeera Project | 1 Al Jazeera | 2014-12-29 | 5.4 MEDIUM | N/A |
| The Al Jazeera (aka com.Al.Jazeera.net) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7275 | 1 Getmail | 1 Getmail | 2014-12-22 | 5.8 MEDIUM | N/A |
| The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7274 | 1 Getmail | 1 Getmail | 2014-12-22 | 5.8 MEDIUM | N/A |
| The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate from a recognized Certification Authority. | |||||
| CVE-2014-7273 | 1 Getmail | 1 Getmail | 2014-12-19 | 6.8 MEDIUM | N/A |
| The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6636 | 1 Rsupport | 1 Lg Telepresence | 2014-12-15 | 5.4 MEDIUM | N/A |
| The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 Build 63 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5732 | 1 Wamba | 1 Wamba-meet Women And Men | 2014-12-10 | 5.4 MEDIUM | N/A |
| The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5665 | 1 Mr384 | 1 Mzone Login | 2014-12-03 | 5.4 MEDIUM | N/A |
| The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5992 | 1 Successsecrets Project | 1 Successsecrets | 2014-12-03 | 5.4 MEDIUM | N/A |
| The successsecrets (aka com.alek.successsecrets) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5972 | 1 Loving.fm | 1 Loving - Couple Essential | 2014-12-03 | 5.4 MEDIUM | N/A |
| The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7796 | 1 Nobexrc | 1 House365 Radio | 2014-11-22 | 5.4 MEDIUM | N/A |
| The House365 Radio (aka com.nobexinc.wls_27853803.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7463 | 1 Im5 Fans Planet Project | 1 Im5 Fans Planet | 2014-11-22 | 5.4 MEDIUM | N/A |
| The IM5 Fans Planet (aka uk.co.pixelkicks.im5) application 2.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7465 | 1 Pocketmags | 1 Pc Advisor | 2014-11-22 | 5.4 MEDIUM | N/A |
| The PC Advisor (aka com.triactivemedia.pcadvisor) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7464 | 1 Magicstamp | 1 Magic Stamp | 2014-11-22 | 5.4 MEDIUM | N/A |
| The Magic Stamp (aka vn.avagame.apotatem) application 2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7462 | 1 Teamlava | 1 Fashion Story\ | 2014-11-22 | 5.4 MEDIUM | N/A |
| The Fashion Story: Neon 90's (aka com.teamlava.fashionstory39) application 1.5.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-6792 | 1 Suriname Radio Project | 1 Suriname Radio | 2014-11-19 | 5.4 MEDIUM | N/A |
| The Suriname Radio (aka com.wordbox.surinameRadio) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7777 | 1 Gcspublishing | 1 Slingshot Forum | 2014-11-19 | 5.4 MEDIUM | N/A |
| The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application 3.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5577 | 1 Beautyntherep | 1 Avon Buy\&sell | 2014-11-19 | 5.4 MEDIUM | N/A |
| The AVON Buy & Sell (aka com.AVONBeautyntheRep) application 0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7469 | 1 Best Beginning Project | 1 Best Beginning | 2014-11-18 | 5.4 MEDIUM | N/A |
| The Best Beginning (aka com.bbbeta) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-7527 | 1 Savage Nation Mobile Web Project | 1 Savage Nation Mobile Web | 2014-11-17 | 5.4 MEDIUM | N/A |
| The Savage Nation Mobile Web (aka com.wSavageNation) application 0.57.13354.63350 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||