# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
10951 |
CVE-2014-5909 |
310 |
|
+Info |
2014-09-17 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The watcha (aka com.frograms.watcha) application 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10952 |
CVE-2014-5908 |
310 |
|
+Info |
2014-09-17 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Kmart (aka com.kmart.android) application @7F0C00EF for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10953 |
CVE-2014-5907 |
310 |
|
+Info |
2014-09-17 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10954 |
CVE-2014-5906 |
310 |
|
+Info |
2014-09-17 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application 1.138 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10955 |
CVE-2014-5905 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10956 |
CVE-2014-5904 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The MiniInTheBox Online Shopping (aka com.miniinthebox.android) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10957 |
CVE-2014-5903 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The [email protected] (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10958 |
CVE-2014-5902 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10959 |
CVE-2014-5901 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Beauty Bible - App for Girls (aka com.my.beauty.bible) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10960 |
CVE-2014-5900 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10961 |
CVE-2014-5899 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Nespresso (aka com.nespresso.activities) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10962 |
CVE-2014-5898 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10963 |
CVE-2014-5897 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10964 |
CVE-2014-5896 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10965 |
CVE-2014-5895 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The ShopYourWay (aka com.sears.shopyourway) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10966 |
CVE-2014-5894 |
310 |
|
+Info |
2014-09-15 |
2017-07-11 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10967 |
CVE-2014-5893 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10968 |
CVE-2014-5892 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10969 |
CVE-2014-5891 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10970 |
CVE-2014-5890 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10971 |
CVE-2014-5889 |
310 |
|
+Info |
2014-09-15 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10972 |
CVE-2014-5888 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application 1.122 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10973 |
CVE-2014-5887 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10974 |
CVE-2014-5886 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10975 |
CVE-2014-5885 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10976 |
CVE-2014-5884 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10977 |
CVE-2014-5883 |
310 |
|
+Info |
2014-09-12 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10978 |
CVE-2014-5882 |
310 |
|
+Info |
2014-09-11 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10979 |
CVE-2014-5881 |
310 |
|
+Info |
2014-09-11 |
2015-12-18 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10980 |
CVE-2014-5879 |
310 |
|
+Info |
2014-09-11 |
2014-09-22 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10981 |
CVE-2014-5878 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The ium (aka net.ium.mobile.android) application 3.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10982 |
CVE-2014-5877 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The TV Guide (aka net.micene.minigroup.palimpsests.lite) application 5.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10983 |
CVE-2014-5876 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10984 |
CVE-2014-5875 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Sylphone (aka com.sylpheo.prospectosyl) application 5.3.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10985 |
CVE-2014-5874 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10986 |
CVE-2014-5873 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Sears (aka com.sears.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10987 |
CVE-2014-5872 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10988 |
CVE-2014-5871 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10989 |
CVE-2014-5870 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Kmart (aka com.kmart.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10990 |
CVE-2014-5869 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10991 |
CVE-2014-5868 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Cisco Technical Support (aka com.cisco.swtg_android) application 3.7.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10992 |
CVE-2014-5867 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10993 |
CVE-2014-5866 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10994 |
CVE-2014-5865 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Ask.com (aka com.ask.android) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10995 |
CVE-2014-5864 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Swish payments (aka se.bankgirot.swish) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10996 |
CVE-2014-5863 |
310 |
|
+Info |
2014-09-11 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10997 |
CVE-2014-5862 |
310 |
|
+Info |
2014-09-10 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10998 |
CVE-2014-5861 |
310 |
|
+Info |
2014-09-10 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
10999 |
CVE-2014-5860 |
310 |
|
+Info |
2014-09-10 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
11000 |
CVE-2014-5859 |
310 |
|
+Info |
2014-09-10 |
2014-09-21 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
The Star Girl: Colors of Spring (aka com.animoca.google.starGirlSpring) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |