Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4400 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-6006 1 Gratta \& Vinci\? Project 1 Gratta \& Vinci\? 2025-04-12 N/A
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-8867 3 Canonical, Php, Redhat 3 Ubuntu Linux, Php, Rhel Software Collections 2025-04-12 N/A
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
CVE-2014-7123 1 Vbwebdesigner 1 Brevir Harian V2 2025-04-12 N/A
The Brevir Harian V2 (aka com.brevir.harian.v) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7124 1 Consulo 1 Ip Alarm 2025-04-12 N/A
The IP Alarm (aka com.cosesy.gadget.alarm) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7127 1 Pocketmags 1 Football Espana Magazine 2025-04-12 N/A
The Football Espana magazine (aka com.triactivemedia.footballespana) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7307 1 Forosocuellamos 1 Forosocuellamos 2025-04-12 N/A
The ForoSocuellamos (aka com.forosocuellamos.tlcttbeukajwpeqreg) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7317 1 Onesolutionapps 1 Aloha Bail Bonds 2025-04-12 N/A
The Aloha Bail Bonds (aka com.onesolutionapps.alohabailbondsandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7320 1 Shirakaba Project 1 Shirakaba 2025-04-12 N/A
The SHIRAKABA (aka com.SHIRAKABA) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7321 1 Offertaviaggi 1 Firenze Map 2025-04-12 N/A
The Firenze map (aka com.wFirenzemap) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6018 1 Global Beauty Research Project 1 Global Beauty Research 2025-04-12 N/A
The global beauty research (aka com.appems.topgirl) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6020 1 Fuelrewards 1 Fuel Rewards Network 2025-04-12 N/A
The Fuel Rewards Network (aka com.excentus.frn) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6022 1 Versentbooks 1 Versent Books 2025-04-12 N/A
The Versent Books (aka com.versentbooks) application 1.1.99 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6969 1 Blynk 1 Deltin Suites 2025-04-12 N/A
The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6971 1 Easy Video Downloader Project 1 Easy Video Downloader 2025-04-12 N/A
The Easy Video Downloader (aka com.simon.padillar.EasyVideo) application 4.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6980 1 Naver 1 Line Play 2025-04-12 N/A
The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6983 1 Nbe 1 Nbe 2025-04-12 N/A
The NBE (aka com.nbe.app) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6986 1 Fotoschilenas 1 Pregnancy Tips 2025-04-12 N/A
The Pregnancy Tips (aka com.rareartifact.tipsforpregnant71C80129) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5994 1 Ding 1 Ding Ezetop. Top-up Any Phone 2025-04-12 N/A
The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5995 1 Ericpol 1 Ewus Mobile 2025-04-12 N/A
The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5997 1 Autotrader.co.za 1 Auto Trader 2025-04-12 N/A
The Auto Trader (aka za.co.autotrader.android.app) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.