Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-5772 | 1 Govhk | 1 Government Bookstore | 2014-09-16 | 5.4 MEDIUM | N/A |
The Government Bookstore (aka hksarg.isd.sop.govbookstore) application 1.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5773 | 1 Registeredassistant Project | 1 Registeredassistant | 2014-09-16 | 5.4 MEDIUM | N/A |
The RegisteredAssistant (aka Icr.RegisteredAssistant) application 0.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-0993 | 1 Embarcadero | 2 Embarcadero C\+\+builder Xe6, Embarcadero Delphi Xe6 | 2014-09-16 | 6.8 MEDIUM | N/A |
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file. | |||||
CVE-2014-5755 | 1 Gunhillwireless | 1 Verizon | 2014-09-16 | 5.4 MEDIUM | N/A |
The verizon (aka com.wverizonwirelessbill) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5742 | 1 Geteversnap | 1 Eversnap Private Photo Album | 2014-09-16 | 5.4 MEDIUM | N/A |
The Eversnap Private Photo Album (aka com.weddingsnap.android) application 1.0.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5743 | 1 Wegoi | 1 Re-volt 2 \ | 2014-09-16 | 5.4 MEDIUM | N/A |
The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5744 | 1 Wegoi | 1 Re-volt 2 \ | 2014-09-16 | 5.4 MEDIUM | N/A |
The RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) application 1.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5753 | 1 Ggbu | 1 Twitter No Background | 2014-09-16 | 5.4 MEDIUM | N/A |
The Twitter No Background (aka com.wTwitternobackground) application 0.85.13509.97828 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5752 | 1 Wtradersactivity Project | 1 Wtradersactivity | 2014-09-16 | 5.4 MEDIUM | N/A |
The wTradersActivity (aka com.wTradersActivity) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5754 | 1 Verizon Instant Refills 24\/7 Project | 1 Verizon Instant Refills 24\/7 | 2014-09-16 | 5.4 MEDIUM | N/A |
The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5750 | 1 Pro Bet Tips Project | 1 Pro Bet Tips | 2014-09-16 | 5.4 MEDIUM | N/A |
The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5751 | 1 Tor Browser The Short Guide Project | 1 Tor Browser The Short Guide | 2014-09-16 | 5.4 MEDIUM | N/A |
The Tor Browser the Short Guide (aka com.wTorShortUserManual) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5749 | 1 Wooga | 1 Jelly Splash | 2014-09-16 | 5.4 MEDIUM | N/A |
The Jelly Splash (aka com.wooga.jelly_splash) application 1.11.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5745 | 1 Free Pageplus Activation Project | 1 Free Pageplus Activation | 2014-09-16 | 5.4 MEDIUM | N/A |
The FREE Pageplus Activation (aka com.wFREEPageplusActivations) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5746 | 1 Vkr Soft | 1 Government Best Jobs | 2014-09-16 | 5.4 MEDIUM | N/A |
The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5747 | 1 Comcast | 1 Xfinity Constant Guard Mobile | 2014-09-16 | 5.4 MEDIUM | N/A |
The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application 3.1.140603 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-5748 | 1 Wk12olslogin Project | 1 Wk12olslogin | 2014-09-16 | 5.4 MEDIUM | N/A |
The wK12olslogin (aka com.wK12olslogin) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-2375 | 1 Ecava | 1 Integraxor | 2014-09-16 | 9.0 HIGH | N/A |
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature. | |||||
CVE-2014-2376 | 1 Ecava | 1 Integraxor | 2014-09-16 | 7.5 HIGH | N/A |
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2014-2377 | 1 Ecava | 1 Integraxor | 2014-09-16 | 5.0 MEDIUM | N/A |
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag. |