Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2508 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7700 1 Chillingo 1 Flying Fox 2025-04-12 N/A
The Flying Fox (aka com.chillingo.slyfoxfree.android.aja) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7702 1 Ahtty 1 Ahtty 2025-04-12 N/A
The ahtty (aka com.crevation.babylon.ahtty) application 1.97.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-2576 2 Claws-mail, Opensuse 2 Claws-mail, Opensuse 2025-04-12 N/A
plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.
CVE-2014-6642 1 Marksdailyapple 1 Mark\'s Daily Apple Forum 2025-04-12 N/A
The Mark's Daily Apple Forum (aka com.tapatalk.marksdailyapplecomforum) application 2.4.9.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6645 1 Batch 1 Batch Library 2025-04-12 N/A
The Batch library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6650 1 Nextgenupdate 1 Nextgenupdate 2025-04-12 N/A
The NextGenUpdate (aka com.tapatalk.nextgenupdatecomforums) application 3.1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-4885 1 Closeprotectionworld 1 Cpworld Close Protection World 2025-04-12 N/A
The CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application 3.4.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-4894 1 Mymetro Project 1 Mymetro 2025-04-12 N/A
The MyMetro (aka com.myrippleapps.mymetro) application 2.4.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-2992 1 Misli 1 Misli.com App 2025-04-12 N/A
The Misli.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5972 1 Loving.fm 1 Loving - Couple Essential 2025-04-12 N/A
The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5975 1 Grabapp 1 Eponyms 2025-04-12 N/A
The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5977 1 Mobile Face Project 1 Mobile Face 2025-04-12 N/A
The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5980 1 Genertel 1 Genertel 2025-04-12 N/A
The Genertel (aka com.genertel) application 2.6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5985 1 Topappsbuilder Project 1 Animal Kaiser Zangetsu 2025-04-12 N/A
The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6770 1 Apppasta 1 Aerospace Jobs 2025-04-12 N/A
The Aerospace Jobs (aka com.app_aerospacejobs.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-0296 1 Microsoft 4 Windows 7, Windows 8, Windows 8.1 and 1 more 2025-04-12 N/A
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka "RDP MAC Vulnerability."
CVE-2014-6789 1 Boopsie 1 Anaheim Library 2go\! 2025-04-12 N/A
The Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6847 1 Horoscopesanddreams 1 Horoscopes And Dreams 2025-04-12 N/A
The Horoscopes and Dreams (aka com.horoscopesanddreams) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6860 1 Trialtracker 1 Trial Tracker 2025-04-12 N/A
The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6863 1 Digitalfruit 1 Mootorratturid \& Biker.ee 2025-04-12 N/A
The Mootorratturid & biker.ee (aka ee.digitalfruit.mootorratturid) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.