) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): android
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-6707 |
The 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application 2.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6706 |
The Embry-Riddle (aka com.dub.app.erau) application 1.4.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6705 |
The Maher Zain (aka com.vanagas.app.maher_zain) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6704 |
The Utah Jazz (aka com.sportinginnovations.jazz) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6703 |
The phonearabs4 (aka com.phonearabs4.myapps) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6702 |
The StarSat International (aka com.conduit.app_b15a1814d2d840198e70e3c235af5e8b.app) application 1.41.54.9222 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 24, 2014; 9:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6701 |
The Vendormate Mobile (aka com.vendormate.mobile) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6700 |
The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6699 |
The Weather Channel (aka com.weather.Weather) application 5.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6698 |
The Galaxy Online 2 (aka air.com.igg.galaxyAPhone) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6697 |
The Morocco Weather (aka com.mobilesoft.meteomaroc) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6696 |
The Candy Girl Party Makeover (aka com.bearhugmedia.android_candygirlparty) application 1.0.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6695 |
The Wedding Photo Frames-Love Pics (aka com.WeddingPhotoFramesLovePics) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6694 |
The 5SOS Family Planet (aka uk.co.pixelkicks.fivesos) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6693 |
The Juiker (aka org.itri) application 3.2.0829.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 9:55:12 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-5323 |
The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application 1.0.5 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 8:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6692 |
The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 6:55:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6691 |
The UC Browser HD (aka com.uc.browser.hd) application 3.3.1.469 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 6:55:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6690 |
The InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 6:55:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6689 |
The JW Cards (aka com.jingwei.card) application 3.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: September 23, 2014; 6:55:08 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |