Export limit exceeded: 365287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4599 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7121 | 1 Magzter | 1 Dhanam | 2025-04-12 | N/A |
| The Dhanam (aka com.magzter.dhanam) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7122 | 1 Gannett | 1 Lansing State Journal Print | 2025-04-12 | N/A |
| The Lansing State Journal Print (aka com.lansingjournal.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7123 | 1 Vbwebdesigner | 1 Brevir Harian V2 | 2025-04-12 | N/A |
| The Brevir Harian V2 (aka com.brevir.harian.v) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7124 | 1 Consulo | 1 Ip Alarm | 2025-04-12 | N/A |
| The IP Alarm (aka com.cosesy.gadget.alarm) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7125 | 1 Magzter | 1 Motor | 2025-04-12 | N/A |
| The Motor (aka com.magzter.motorhwpublishing) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7127 | 1 Pocketmags | 1 Football Espana Magazine | 2025-04-12 | N/A |
| The Football Espana magazine (aka com.triactivemedia.footballespana) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7128 | 1 Toyotaownersclub | 1 Toyota Oc | 2025-04-12 | N/A |
| The Toyota OC (aka com.tapatalk.toyotaownersclubcomforums) application 3.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7129 | 1 Gannett | 1 Argus Leader Print Edition | 2025-04-12 | N/A |
| The Argus Leader Print Edition (aka com.argusleader.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7131 | 1 Core-apps | 1 Digital Content Newfronts 2014 | 2025-04-12 | N/A |
| The Digital Content NewFronts 2014 (aka com.coreapps.android.followme.newfronts2014) application 6.0.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7132 | 1 Jambatan Pbb Semporna Project | 1 Jambatan Pbb Semporna | 2025-04-12 | N/A |
| The Jambatan PBB Semporna (aka com.wJAMBATANPBBSEMPORNA) application 13523.82613 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7134 | 1 Skydreams | 1 Prof. Usman Ali Awheela | 2025-04-12 | N/A |
| The PROF. USMAN ALI AWHEELA (aka com.wPROFUAAWHEELA) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7135 | 1 Ayuntamientodecoana | 1 Ayuntamiento De Coana | 2025-04-12 | N/A |
| The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7144 | 2 Openstack, Redhat | 3 Keystonemiddleware, Python-keystoneclient, Openstack | 2025-04-12 | N/A |
| OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. | ||||
| CVE-2014-7228 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for WordPress 1.0.b1 through 1.1.3; Solo 1.0.b1 through 1.1.2; Admin Tools Core and Professional 2.0.0 through 2.4.4; and CMS Update 1.0.a1 through 1.0.1, when performing a backup or update for an archive, does not delete parameters from $_GET and $_POST when it is cleansing $_REQUEST, but later accesses $_GET and $_POST using the getQueryParam function, which allows remote attackers to bypass encryption and execute arbitrary code via a command message that extracts a crafted archive. | ||||
| CVE-2014-7553 | 1 Getnycelightworks | 1 Get Nyce Lightworks | 2025-04-12 | N/A |
| The GET NYCE Lightworks (aka com.wGETNYCE) application 0.84.13506.98953 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7554 | 1 Bouqs - Flowers Simplified Project | 1 Bouqs - Flowers Simplified | 2025-04-12 | N/A |
| The Bouqs - Flowers Simplified (aka com.bouqs.activity) application 1.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7555 | 1 Apparound | 1 Apparound Blend | 2025-04-12 | N/A |
| The Apparound BLEND (aka com.apparound.mobile.catalogo) application 4.9.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7557 | 1 Zroadster | 1 Zroadster.com | 2025-04-12 | N/A |
| The zroadster.com (aka com.tapatalk.zroadstercomforum) application 2.4.13.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7558 | 1 Everest Poker Project | 1 Everest Poker | 2025-04-12 | N/A |
| The Everest Poker (aka com.wEverestPoker) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-7559 | 1 Instatalks | 1 Instatalks | 2025-04-12 | N/A |
| The InstaTalks (aka com.natrobit.instatalks) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||