) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-6890 |
The CouponCabin - Coupons & Deals (aka com.couponcabin) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6889 |
The GunBroker.com (aka com.gunbroker.android) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6888 |
The PennyTalk Mobile (aka net.idt.pennytalk.android) application 2.0.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6886 |
The WePhone - phone calls vs skype (aka com.wephoneapp) application 1.03.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6885 |
The Academy Sports + Outdoors Visa (aka com.usbank.icsmobile.academysports) application 1.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6884 |
The Ford Credit Account Manager (aka com.fordcredit.accountmanager) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6883 |
The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6882 |
The Western Federal Credit Union (aka com.kerrata.pulse.western) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:07 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6881 |
The PNC Virtual Wallet (aka com.pnc.ecommerce.mobile.vw.android) application before 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6880 |
The TradeHero (aka com.tradehero.th) application 2.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6879 |
The Equifax Mobile (aka com.equifax) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6878 |
The RBFCU Mobile (aka com.Vertifi.DeposZip.P314089681) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6877 |
The Santander Personal Banking (aka com.sovereign.santander) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6876 |
The American Express Serve (aka com.serve.mobile) application @7F0901E4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6875 |
The Woodforest Mobile Banking (aka com.woodforest) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6874 |
The ModSim Connected (aka com.concursive.modsim) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6873 |
The AMGC (aka com.amec.uae) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6872 |
The TTNET Muzik (aka com.ttnet.muzik) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6871 |
The Hogs Fly Crazy (aka com.pedrojayme.hogsflycrazy) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
| CVE-2014-6870 |
The BGEnergy (aka com.bluegrass.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: October 02, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |