Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2509 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-5690 1 Runtastic 1 Runtastic Timer 2025-04-12 N/A
The Runtastic Timer (aka com.runtastic.android.timer) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5714 1 Go-text 1 Text Me\! Free Texting \& Call 2025-04-12 N/A
The Text Me! Free Texting & Call (aka com.textmeinc.textme) application 2.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6638 1 Wtmdesktop Project 1 Wtmdesktop 2025-04-12 N/A
The wTMDesktop (aka com.wTMDesktop) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6657 1 Alhazai 1 Leadership Newspapers 2025-04-12 N/A
The Leadership Newspapers (aka com.LeadershipNewspapers) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6658 1 Apploi 1 Apploi Job Search- Find Jobs 2025-04-12 N/A
The Apploi Job Search- Find Jobs (aka com.apploi) application 4.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7330 1 Xtendcu 1 Xtendcu Mobile 2025-04-12 N/A
The XtendCU Mobile (aka com.metova.cuae.xtend) application 1.0.28 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7333 1 Qmania 1 Aloha Guide 2025-04-12 N/A
The Aloha Guide (aka com.aloha.guide.japnese) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7493 1 Ireadercity 1 100 Books 2025-04-12 N/A
The 100 Books (aka com.ireadercity.c20) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7506 1 Imapp 1 Realtime Music Rank 2025-04-12 N/A
The Realtime Music Rank (aka com.blogspot.imapp.immusicrank2) application 5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7518 1 Core-apps 1 Bowl Expo 2014 2025-04-12 N/A
The Bowl Expo 2014 (aka com.coreapps.android.followme.bowlexpo14) application 6.1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7534 1 Buydot 1 Funny \& Interesting Things 2025-04-12 N/A
The Funny & Interesting Things (aka com.wFunnyandInterestingThings) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-2091 1 Apache 1 Mod-gnutls 2025-04-12 N/A
The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate.
CVE-2016-4511 1 Abb 1 Pcm600 2025-04-12 N/A
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.
CVE-2014-5528 1 Appsflyer 1 Appsflyer 2025-04-12 N/A
The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5537 1 Chewysoftware 1 Abduction Stacker Free 2025-04-12 N/A
The Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) application 1.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5538 1 Amiscu 1 Westmoreland Water Fcu 2025-04-12 N/A
The Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5540 1 Flickatrade 1 Flick A Trade 2025-04-12 N/A
The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5541 1 Differencegames 1 Hidden Memory - Aladdin Free\! 2025-04-12 N/A
The Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladdinfree) application 1.0.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5543 1 Differencegames 1 Hidden Object - Alice Free 2025-04-12 N/A
The Hidden Object - Alice Free (aka air.com.differencegames.hovisionsofalicefree) application 1.0.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5544 1 Freshplanet 1 Songpop 2025-04-12 N/A
The SongPop (aka air.com.freshplanet.games.WaM) application 1.21.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.