CVEs from 2014
Total
7,878
critical
critical 837
high
high 1,288
medium
medium 4,980
low
low 583
% Critical
10.6%
% with KEV
0.4%
% with exploit
2.1%
Top vendors
Top products
- chrome 3,804
- moodle 1,668
- flash_player 1,397
- firefox 1,239
- mediawiki 1,130
- ffmpeg 998
- acrobat 966
- acrobat_reader 944
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-1496 | medium | 5.5 | 5.5 | 12y ago | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during… | |||
| CVE-2014-0833 | medium | — | 5.5 | 13y ago | The OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intende… | |||
| CVE-2014-0678 | medium | — | 5.5 | 13y ago | The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vect… | |||
| CVE-2014-0009 | medium | — | 5.5 | 13y ago | course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 does not enforce the moodle/site:accessallgroups capability requiremen… | |||
| CVE-2014-0423 | medium | — | 5.5 | 13y ago | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and a… | |||
| CVE-2014-0372 | medium | — | 5.5 | 13y ago | Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated use… | |||
| CVE-2014-0367 | medium | — | 5.5 | 13y ago | Unspecified vulnerability in the Hyperion Essbase Administration Services component in Oracle Hyperion 11.1.2.1, 11.1.2.2, and 11.1.2.3 allows remote authenticated users to affect confidentiality and… | |||
| CVE-2014-3531 | medium | 5.4 | 5.4 | 9y ago | Multiple cross-site scripting (XSS) vulnerabilities in Foreman before 1.5.2 allow remote authenticated users to inject arbitrary web script or HTML via the operating system (1) name or (2) descriptio… | |||
| CVE-2014-0208 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in the search auto-completion functionality in Foreman before 1.4.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted key… | |||
| CVE-2014-8957 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter. | |||
| CVE-2014-6191 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2, 6.0.4, and 6.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X… | |||
| CVE-2014-5144 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted markdown. | |||
| CVE-2014-3887 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors… | |||
| CVE-2014-8707 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 allows remote authenticated users to inject arbitrary web script or HTML via the "edit HTML source" option. | |||
| CVE-2014-9194 | medium | — | 5.4 | 12y ago | Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts. | |||
| CVE-2014-9271 | medium | 5.4 | 5.4 | 12y ago | Cross-site scripting (XSS) vulnerability in file_download.php in MantisBT before 1.2.18 allows remote authenticated users to inject arbitrary web script or HTML via a Flash file with an image extensi… | |||
| CVE-2014-7994 | medium | — | 5.4 | 12y ago | Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and … | |||
| CVE-2014-8680 | medium | — | 5.4 | 12y ago | The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP database… | |||
| CVE-2014-8594 | medium | — | 5.4 | 12y ago | The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointe… | |||
| CVE-2014-4452 | medium | — | 5.4 | 12y ago | WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra… | |||
| CVE-2014-8538 | medium | — | 5.4 | 12y ago | The Hijab Modern (aka com.Aisyaidea.HijabModern) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7804 | medium | — | 5.4 | 12y ago | The Gangsta Auto Thief III (aka com.apptreestudios.gdup3) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an… | |||
| CVE-2014-7803 | medium | — | 5.4 | 12y ago | The Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv… | |||
| CVE-2014-7802 | medium | — | 5.4 | 12y ago | The Top Roller Coasters Europe 2 (aka com.appaapps.top10tallesteuropeanrollercoasters2) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-… | |||
| CVE-2014-7800 | medium | — | 5.4 | 12y ago | The Daily Green (aka it.opentt.blog.dailygreen) application 2014.07 dlygrn for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers a… | |||
| CVE-2014-7799 | medium | — | 5.4 | 12y ago | The Squishy birds (aka com.tatmob.squishybirds) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain… | |||
| CVE-2014-7798 | medium | — | 5.4 | 12y ago | The Coca-Cola FM Brasil (aka com.enyetech.radio.coca_cola.fm_br) application 2.0.41709 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo… | |||
| CVE-2014-7797 | medium | — | 5.4 | 12y ago | The Thai food (aka com.foods.thaifood) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive … | |||
| CVE-2014-7796 | medium | — | 5.4 | 12y ago | The House365 Radio (aka com.nobexinc.wls_27853803.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and … | |||
| CVE-2014-7795 | medium | — | 5.4 | 12y ago | The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob… | |||
| CVE-2014-7794 | medium | — | 5.4 | 12y ago | The Knights of the Void (aka me.narr8.android.serial.knights_of_the_void) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers t… | |||
| CVE-2014-7793 | medium | — | 5.4 | 12y ago | The CB - Calciatori Brutti (aka com.calciatori.brutti) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and o… | |||
| CVE-2014-7791 | medium | — | 5.4 | 12y ago | The Backyard Wrestling (aka com.wBackyardWrestling) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta… | |||
| CVE-2014-7789 | medium | — | 5.4 | 12y ago | The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7788 | medium | — | 5.4 | 12y ago | The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta… | |||
| CVE-2014-7787 | medium | — | 5.4 | 12y ago | The iShuttle (aka com.synapse.ishuttle_user) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sens… | |||
| CVE-2014-7786 | medium | — | 5.4 | 12y ago | The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv… | |||
| CVE-2014-7785 | medium | — | 5.4 | 12y ago | The AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to s… | |||
| CVE-2014-7784 | medium | — | 5.4 | 12y ago | The Schon! Magazine (aka com.magzter.schonmagazine) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta… | |||
| CVE-2014-7783 | medium | — | 5.4 | 12y ago | The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensit… | |||
| CVE-2014-7782 | medium | — | 5.4 | 12y ago | The Macedonia Hacienda Hotel (aka appinventor.ai_orolimpio999.HotelMacedonia) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers… | |||
| CVE-2014-7781 | medium | — | 5.4 | 12y ago | The Marijuana Handbook Lite - Weed (aka com.fallacystudios.marijuanahandbooklite) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attac… | |||
| CVE-2014-7780 | medium | — | 5.4 | 12y ago | The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-… | |||
| CVE-2014-7779 | medium | — | 5.4 | 12y ago | The Kuran'in Bilimsel Mucizeleri (aka com.wKurannBilimselMucizeleri) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof… | |||
| CVE-2014-7778 | medium | — | 5.4 | 12y ago | The Epc World (aka com.magzter.epcworld) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitiv… | |||
| CVE-2014-7777 | medium | — | 5.4 | 12y ago | The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application 3.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serve… | |||
| CVE-2014-7776 | medium | — | 5.4 | 12y ago | The Kavita KS (aka com.snaplion.kavitaks) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti… | |||
| CVE-2014-7775 | medium | — | 5.4 | 12y ago | The Champak - Hindi (aka com.magzter.champakhindi) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt… | |||
| CVE-2014-7774 | medium | — | 5.4 | 12y ago | The Herbs & Flowers Dictionary (aka com.wHerbsNFlowersDictionary) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof se… | |||
| CVE-2014-7773 | medium | — | 5.4 | 12y ago | The Cleveland Football STREAM (aka com.appstronautme.clevelandfootballstream) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attacke… | |||
| CVE-2014-7772 | medium | — | 5.4 | 12y ago | The MB Tickets (aka com.xcr.android.mbtickets) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7771 | medium | — | 5.4 | 12y ago | The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7770 | medium | — | 5.4 | 12y ago | The Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo… | |||
| CVE-2014-7769 | medium | — | 5.4 | 12y ago | The Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) application 1.0021.b0021 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attacker… | |||
| CVE-2014-7768 | medium | — | 5.4 | 12y ago | The Analects of Confucius (aka com.azbc88881.lunyu) application 8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta… | |||
| CVE-2014-7767 | medium | — | 5.4 | 12y ago | The A+ (aka cn.xrzcm) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via… | |||
| CVE-2014-7766 | medium | — | 5.4 | 12y ago | The 7 Habits Personal Development (aka appinventor.ai_ingka_d_jiw.TheCompleteGuideToApplyingThe7HabitsInHolisticPersonalDevelopment) application 1.0 for Android does not verify X.509 certificates fro… | |||
| CVE-2014-7765 | medium | — | 5.4 | 12y ago | The Hundred Thousands Kid Book (aka it.tinytap.attsa.thousands) application 1.6.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof se… | |||
| CVE-2014-7764 | medium | — | 5.4 | 12y ago | The Semper Invicta Fitness (aka com.semper.invicta.fitness) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers … | |||
| CVE-2014-7763 | medium | — | 5.4 | 12y ago | The Listen up! mirucho (aka jp.ameba.kiiteyo.android) application 1.1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and … | |||
| CVE-2014-7762 | medium | — | 5.4 | 12y ago | The Bite it! (aka com.ASA1Touch.Bite_it) application 1.1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensit… | |||
| CVE-2014-7761 | medium | — | 5.4 | 12y ago | The Ink Cards (aka com.sincerely.android.ink) application 2.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s… | |||
| CVE-2014-7760 | medium | — | 5.4 | 12y ago | The Health assistance service (aka net.nttcloud.ft.karada) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers… | |||
| CVE-2014-7759 | medium | — | 5.4 | 12y ago | The Jazz Lovers Radio (aka com.nobexinc.wls_99273254.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers a… | |||
| CVE-2014-7758 | medium | — | 5.4 | 12y ago | The AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof ser… | |||
| CVE-2014-7757 | medium | — | 5.4 | 12y ago | The Awful Ninja Game (aka com.absolutelyawfulapplications.awfulninjagame) application 1.0.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers … | |||
| CVE-2014-7756 | medium | — | 5.4 | 12y ago | The Radiohead fan (aka nl.jborsje.android.bandnews.radiohead) application 4.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv… | |||
| CVE-2014-7755 | medium | — | 5.4 | 12y ago | The eTopUpOnline (aka com.moremagic.etopup.client.android) application 3.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers… | |||
| CVE-2014-7754 | medium | — | 5.4 | 12y ago | The Condor S.E. (aka com.app_condorsoutheast.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and o… | |||
| CVE-2014-7753 | medium | — | 5.4 | 12y ago | The Circa News (aka cir.ca) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informati… | |||
| CVE-2014-7752 | medium | — | 5.4 | 12y ago | The NASIOC (aka net.endoftime.android.forumrunner.nasioc) application 3.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers … | |||
| CVE-2014-7751 | medium | — | 5.4 | 12y ago | The Recetas de Tragos (aka com.wRecetasdeTragos) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7750 | medium | — | 5.4 | 12y ago | The Taster Magazine (aka com.magazinecloner.taster) application @7F080183 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an… | |||
| CVE-2014-7749 | medium | — | 5.4 | 12y ago | The CamDictionary (aka com.intsig.camdict) application 2.3.0.20131118 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob… | |||
| CVE-2014-7748 | medium | — | 5.4 | 12y ago | The Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an… | |||
| CVE-2014-7746 | medium | — | 5.4 | 12y ago | The Fusion Flowers - Weddings (aka com.triactivemedia.fusionweddings) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers t… | |||
| CVE-2014-7745 | medium | — | 5.4 | 12y ago | The Flight Manager (aka com.flightmanager.view) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s… | |||
| CVE-2014-7744 | medium | — | 5.4 | 12y ago | The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtai… | |||
| CVE-2014-7743 | medium | — | 5.4 | 12y ago | The Humor Ironias y Realidades (aka com.wHumork) application 0.63.13371.13576 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof server… | |||
| CVE-2014-7742 | medium | — | 5.4 | 12y ago | The Noticias del Vaticano (aka com.wNoticiasdelVaticano) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and… | |||
| CVE-2014-7741 | medium | — | 5.4 | 12y ago | The Healing Bookstore (aka com.wHealingBookstore) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain… | |||
| CVE-2014-7740 | medium | — | 5.4 | 12y ago | The Pony Magazine (aka com.triactivemedia.ponymagazine) application @7F080193 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof server… | |||
| CVE-2014-7739 | medium | — | 5.4 | 12y ago | The Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain… | |||
| CVE-2014-7737 | medium | — | 5.4 | 12y ago | The FMAC : Federation Culinaire (aka com.fmac) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain se… | |||
| CVE-2014-7735 | medium | — | 5.4 | 12y ago | The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers … | |||
| CVE-2014-7734 | medium | — | 5.4 | 12y ago | The Reds Anytime Bail (aka com.onesolutionapps.redsanytimebailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo… | |||
| CVE-2014-7733 | medium | — | 5.4 | 12y ago | The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain … | |||
| CVE-2014-7731 | medium | — | 5.4 | 12y ago | The Radio de la Cato (aka com.radio.de.la.cato) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s… | |||
| CVE-2014-7728 | medium | — | 5.4 | 12y ago | The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application 1.0010.b0010 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to… | |||
| CVE-2014-7727 | medium | — | 5.4 | 12y ago | The Dj Brad H (aka com.dreamstep.wDjBradH) application 0.90 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensi… | |||
| CVE-2014-7726 | medium | — | 5.4 | 12y ago | The Golosinas Simpson1 (aka com.wGolosinasSimpson1) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta… | |||
| CVE-2014-7725 | medium | — | 5.4 | 12y ago | The Rally Albania Live 2014 (aka com.wRallyAlbaniaLIVE2014) application 0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers… | |||
| CVE-2014-7724 | medium | — | 5.4 | 12y ago | The Chemssou Blink (aka com.chemssou.blink) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensi… | |||
| CVE-2014-7723 | medium | — | 5.4 | 12y ago | The Carnegie Mellon Silicon Valley (aka edu.cmu.sv.mobile) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers a… | |||
| CVE-2014-7722 | medium | — | 5.4 | 12y ago | The Indian Jeweller (aka com.magzter.indianjeweller) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt… | |||
| CVE-2014-7721 | medium | — | 5.4 | 12y ago | The President Clicker (aka com.flexymind.pclicker) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt… | |||
| CVE-2014-7720 | medium | — | 5.4 | 12y ago | The Better Homes and Gardens Aus (aka com.pacificmagazines.betterhomesandgardens) application @7F0801B2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle… | |||
| CVE-2014-7719 | medium | — | 5.4 | 12y ago | The BASEBALL MANAGER K (aka com.cjenm.yagamkgoogle) application 1.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt… | |||
| CVE-2014-7718 | medium | — | 5.4 | 12y ago | The Travel+Leisure (aka com.magzter.travelleisure) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtai… | |||
| CVE-2014-7717 | medium | — | 5.4 | 12y ago | The Mills-Hazel Property Mgmt (aka com.appexpress.millshazelpropertymanagement) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attac… |