Search Results (363423 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-6640 1 Dnb 1 Dnb Trade 2025-04-12 N/A
The DNB Trade (aka lt.dnb.mobiletrade) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6645 1 Batch 1 Batch Library 2025-04-12 N/A
The Batch library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-0499 6 Canonical, Debian, Mariadb and 3 more 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.
CVE-2014-6648 1 Iphone4 1 Iphone4.tw 2025-04-12 N/A
The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6649 1 Mybroadband 1 Mybroadband Tapatalk 2025-04-12 N/A
The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-3788 1 Cogentdatahub 1 Cogent Datahub 2025-04-12 N/A
Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request.
CVE-2014-6650 1 Nextgenupdate 1 Nextgenupdate 2025-04-12 N/A
The NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) application 3.1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-3789 1 Cogentdatahub 1 Cogent Datahub 2025-04-12 N/A
GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2015-0500 2 Oracle, Suse 5 Communications Policy Management, Mysql, Suse Linux Enterprise Desktop and 2 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
CVE-2014-6655 1 Exoticpetnetwork 1 Tortoise Forum 2025-04-12 N/A
The Tortoise Forum (aka org.tortoiseforum.android.forumrunner) application 3.5.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6656 1 Drar-eym 1 Drareym 2025-04-12 N/A
The drareym (aka com.drareym) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-0501 7 Canonical, Debian, Juniper and 4 more 16 Ubuntu Linux, Debian Linux, Junos Space and 13 more 2025-04-12 N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
CVE-2014-6657 1 Alhazai 1 Leadership Newspapers 2025-04-12 N/A
The Leadership Newspapers (aka com.LeadershipNewspapers) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-0502 1 Oracle 1 Siebel Crm 2025-04-12 N/A
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework.
CVE-2014-6663 1 Addisgag 1 Addis Gag Funny Amharic Pic 2025-04-12 N/A
The Addis Gag Funny Amharic Pic (aka com.wAmharicFunnyPicture) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-0504 1 Oracle 1 E-business Suite 2025-04-12 N/A
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Error Messages.
CVE-2014-6668 1 Nana Project 1 African Radios Live 2025-04-12 N/A
The African Radios Live (aka com.nana.africanradioslive) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6670 1 Singaporemotherhood 1 Singaporemotherhood Forum 2025-04-12 N/A
The SingaporeMotherhood Forum (aka com.tapatalk.singaporemotherhoodcomforum) application 3.6.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-8471 1 Ca 1 Cloud Service Management 2025-04-12 N/A
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors.
CVE-2014-6671 1 Letshare 1 World Cup 2014 Brazil - Xem Tv 2025-04-12 N/A
The World Cup 2014 Brazil - Xem TV (aka vn.letshare.football.worldcup) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.