CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2014(Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6232 +Info 2014-09-11 2014-09-11
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
2 CVE-2014-6064 200 +Info 2014-09-02 2014-09-13
4.0
None Remote Low Single system Partial None None
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
3 CVE-2014-6025 +Info 2014-09-09 2014-09-09
0.0
None ??? ??? ??? ??? ??? ???
The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
4 CVE-2014-6024 310 +Info 2014-09-08 2014-09-11
5.4
None Local Network Medium Not required Partial Partial Partial
The Flurry library before 3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5 CVE-2014-5957 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
6 CVE-2014-5956 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
7 CVE-2014-5955 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
8 CVE-2014-5954 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
9 CVE-2014-5953 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The KASKUS (aka com.kaskus.android) application 2.13.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
10 CVE-2014-5952 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
11 CVE-2014-5951 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
12 CVE-2014-5950 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
13 CVE-2014-5949 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
14 CVE-2014-5948 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Obama for America (aka com.barackobama.ofa) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
15 CVE-2014-5947 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
16 CVE-2014-5946 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application 3.4.12 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
17 CVE-2014-5945 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
18 CVE-2014-5944 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
19 CVE-2014-5943 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
20 CVE-2014-5942 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
21 CVE-2014-5941 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Armpit Spa & Girl Games (aka com.freegames.spamakeover) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
22 CVE-2014-5940 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
23 CVE-2014-5939 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
24 CVE-2014-5938 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The AllDealsAsia All Deals ADA app (aka com.ada.deals) application 4.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
25 CVE-2014-5937 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Social Networking (aka com.wSocialNetworkingSites) application 0.33.13320.99980 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
26 CVE-2014-5936 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The INCOgnito Private Browser (aka com.SL.InCoBrowser) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
27 CVE-2014-5935 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application 1.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
28 CVE-2014-5934 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
29 CVE-2014-5933 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
30 CVE-2014-5932 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
31 CVE-2014-5931 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application 7.21.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
32 CVE-2014-5930 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Store and Share (aka sg.com.singnet.mystorage.android) application 2.0.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
33 CVE-2014-5929 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
34 CVE-2014-5928 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
35 CVE-2014-5927 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The FastCustomer -- Fast Customer (aka www.fastcustomer.com) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
36 CVE-2014-5926 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
37 CVE-2014-5925 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application 0.312 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
38 CVE-2014-5924 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Monster Makeup (aka com.bearhugmedia.android_monster) application 1.0.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
39 CVE-2014-5923 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
40 CVE-2014-5922 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The ga6748 (aka com.g.ga6748) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
41 CVE-2014-5921 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
42 CVE-2014-5920 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
43 CVE-2014-5919 +Info 2014-09-18 2014-09-18
0.0
None ??? ??? ??? ??? ??? ???
The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application 1.3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
44 CVE-2014-5918 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Secret Circle - talk freely (aka com.easyxapp.secret) application 2.2.00.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
45 CVE-2014-5917 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
46 CVE-2014-5916 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
47 CVE-2014-5915 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
48 CVE-2014-5914 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
49 CVE-2014-5913 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
50 CVE-2014-5912 +Info 2014-09-17 2014-09-17
0.0
None ??? ??? ??? ??? ??? ???
The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 919   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.