CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6645 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Batch library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
2 CVE-2014-6643 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The FIAT Forum (aka com.tapatalk.fiatforumcom) application 3.8.41 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
3 CVE-2014-6642 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application 2.4.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
4 CVE-2014-6641 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Homesteading Today (aka com.tapatalk.homesteadingtodaycom) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
5 CVE-2014-6640 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
6 CVE-2014-6639 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The TIO MobilePay - Bill Payments (aka com.tionetworks.mobile.android.tioclient) application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
7 CVE-2014-6638 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The wTMDesktop (aka com.wTMDesktop) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
8 CVE-2014-6637 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Facebook Facts (aka com.wFacebookFacts) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
9 CVE-2014-6636 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The LG Telepresence (aka com.rsupport.rtc.lge) application 2.0.12 Build 63 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
10 CVE-2014-6232 +Info 2014-09-11 2014-09-11
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
11 CVE-2014-6064 200 +Info 2014-09-02 2014-09-13
4.0
None Remote Low Single system Partial None None
The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors.
12 CVE-2014-6025 310 +Info 2014-09-09 2014-09-21
5.4
None Local Network Medium Not required Partial Partial Partial
The Chartboost library before 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
13 CVE-2014-6024 310 +Info 2014-09-08 2014-09-11
5.4
None Local Network Medium Not required Partial Partial Partial
The Flurry library before 3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
14 CVE-2014-6023 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The s-peek credit rating report (aka com.rhomobile.speek) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
15 CVE-2014-6022 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Versent Books (aka com.versentbooks) application 1.1.99 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
16 CVE-2014-6021 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Harley-Davidson Visa (aka com.usbank.icsmobile.harleydavidson) application 1.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
17 CVE-2014-6020 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Fuel Rewards Network (aka com.excentus.frn) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
18 CVE-2014-6019 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The psychology (aka com.alek.psychology) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
19 CVE-2014-6018 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The global beauty research (aka com.appems.topgirl) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
20 CVE-2014-6017 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Doodle Drop (aka net.lazyer.DoodleDrop) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
21 CVE-2014-6016 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Celluloid (aka com.eurisko.celluloid) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
22 CVE-2014-6015 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The TuCarro (aka com.tucarro) application 2.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
23 CVE-2014-6014 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Conquest Of Fantasia (aka air.com.ingen.studios.cof.sg) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
24 CVE-2014-6013 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The nuSquare (aka tw.com.nuphoto.nusquare) application 1.0.78 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
25 CVE-2014-6012 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Gravity Bounce (aka net.toddm.gb) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
26 CVE-2014-6011 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The cutprice (aka kr.co.wedoit.cutprice) application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
27 CVE-2014-6010 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
28 CVE-2014-6009 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Zombie Detector (aka com.jimmybolstad.zombiedetector) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
29 CVE-2014-6008 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Blitz Bingo (aka com.appMobi.sbbingo.app) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
30 CVE-2014-6007 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The LikeHero Get Instagram Likes (aka com.fraoula.likehero) application 1.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
31 CVE-2014-6006 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
32 CVE-2014-6005 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Survey.com Mobile (aka com.survey.android) application 3.2.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
33 CVE-2014-6004 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
34 CVE-2014-6003 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Belas Frases de Amor (aka com.goodbarber.frasesdeamor) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
35 CVE-2014-6002 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
36 CVE-2014-6001 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The gewara (aka com.gewara) application 5.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
37 CVE-2014-6000 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The FreshDirect (aka com.freshdirect.android) application 2.7.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
38 CVE-2014-5999 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The autonavi (aka com.telenav.doudouyou.android.autonavi) application 4.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
39 CVE-2014-5998 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The SkyDrive Assistant (aka com.dhh.sky) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
40 CVE-2014-5997 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Auto Trader (aka za.co.autotrader.android.app) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
41 CVE-2014-5996 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The DEKRA Used Car Report (aka com.dekra.maengelreport) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
42 CVE-2014-5995 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
43 CVE-2014-5994 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
44 CVE-2014-5993 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The MLB Preplay (aka com.preplay.android.mlb) application 5.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
45 CVE-2014-5992 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The successsecrets (aka com.alek.successsecrets) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
46 CVE-2014-5991 +Info 2014-09-22 2014-09-22
0.0
None ??? ??? ??? ??? ??? ???
The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
47 CVE-2014-5990 +Info 2014-09-20 2014-09-20
0.0
None ??? ??? ??? ??? ??? ???
The cookbible (aka net.bookjam.cookbible) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
48 CVE-2014-5989 +Info 2014-09-20 2014-09-20
0.0
None ??? ??? ??? ??? ??? ???
The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
49 CVE-2014-5988 +Info 2014-09-20 2014-09-20
0.0
None ??? ??? ??? ??? ??? ???
The Azkend Gold (aka com.the10tons.azkend.gold) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
50 CVE-2014-5987 +Info 2014-09-20 2014-09-20
0.0
None ??? ??? ??? ??? ??? ???
The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 4324   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.