CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6232 +Info 2014-09-11 2014-09-11
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
2 CVE-2014-6064 200 +Info 2014-09-02 2014-09-13
4.0
None Remote Low Single system Partial None None
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
3 CVE-2014-6025 +Info 2014-09-09 2014-09-09
0.0
None ??? ??? ??? ??? ??? ???
The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
4 CVE-2014-6024 310 +Info 2014-09-08 2014-09-11
5.4
None Local Network Medium Not required Partial Partial Partial
The Flurry library before 3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5 CVE-2014-5905 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
6 CVE-2014-5904 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The MiniInTheBox Online Shopping (aka com.miniinthebox.android) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
7 CVE-2014-5903 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
8 CVE-2014-5902 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
9 CVE-2014-5901 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Beauty Bible - App for Girls (aka com.my.beauty.bible) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
10 CVE-2014-5900 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
11 CVE-2014-5899 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Nespresso (aka com.nespresso.activities) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
12 CVE-2014-5898 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
13 CVE-2014-5897 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
14 CVE-2014-5896 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
15 CVE-2014-5895 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The ShopYourWay (aka com.sears.shopyourway) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
16 CVE-2014-5894 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
17 CVE-2014-5893 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
18 CVE-2014-5892 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
19 CVE-2014-5891 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
20 CVE-2014-5890 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
21 CVE-2014-5889 +Info 2014-09-15 2014-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
22 CVE-2014-5888 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application 1.122 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
23 CVE-2014-5887 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
24 CVE-2014-5886 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
25 CVE-2014-5885 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
26 CVE-2014-5884 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
27 CVE-2014-5883 +Info 2014-09-12 2014-09-12
0.0
None ??? ??? ??? ??? ??? ???
The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
28 CVE-2014-5882 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
29 CVE-2014-5881 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Yahoo! ybox (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
30 CVE-2014-5879 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
31 CVE-2014-5878 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The ium (aka net.ium.mobile.android) application 3.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
32 CVE-2014-5877 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The TV Guide (aka net.micene.minigroup.palimpsests.lite) application 5.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
33 CVE-2014-5876 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
34 CVE-2014-5875 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Sylphone (aka com.sylpheo.prospectosyl) application 5.3.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
35 CVE-2014-5874 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
36 CVE-2014-5873 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Sears (aka com.sears.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
37 CVE-2014-5872 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
38 CVE-2014-5871 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
39 CVE-2014-5870 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Kmart (aka com.kmart.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
40 CVE-2014-5869 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
41 CVE-2014-5868 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Cisco Technical Support (aka com.cisco.swtg_android) application 3.7.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
42 CVE-2014-5867 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
43 CVE-2014-5866 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
44 CVE-2014-5865 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Ask.com (aka com.ask.android) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
45 CVE-2014-5864 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The Swish payments (aka se.bankgirot.swish) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
46 CVE-2014-5863 +Info 2014-09-11 2014-09-11
0.0
None ??? ??? ??? ??? ??? ???
The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
47 CVE-2014-5862 +Info 2014-09-10 2014-09-10
0.0
None ??? ??? ??? ??? ??? ???
The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
48 CVE-2014-5861 +Info 2014-09-10 2014-09-10
0.0
None ??? ??? ??? ??? ??? ???
The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
49 CVE-2014-5860 +Info 2014-09-10 2014-09-10
0.0
None ??? ??? ??? ??? ??? ???
The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
50 CVE-2014-5859 +Info 2014-09-10 2014-09-10
0.0
None ??? ??? ??? ??? ??? ???
The Star Girl: Colors of Spring (aka com.animoca.google.starGirlSpring) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 4175   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.