Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2500 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-5986 1 Puzzles And Matchup Games Project 1 Educational Puzzles - Letters 2025-04-12 N/A
The Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5849 1 Disney 1 Maleficent Free Fall 2025-04-12 N/A
The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7739 1 Deceiver 1 Anahi A Adopter Fr 2025-04-12 N/A
The Anahi A Adopter FR (aka com.wAnahiAAdopterFR) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7733 1 Magzter 1 Karaf Magazin 2025-04-12 N/A
The Karaf Magazin (aka com.magzter.karafmagazin) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7749 1 Intsig 1 Camdictionary 2025-04-12 N/A
The CamDictionary (aka com.intsig.camdict) application 2.3.0.20131118 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7757 1 Awful Ninja Game Project 1 Awful Ninja Game 2025-04-12 N/A
The Awful Ninja Game (aka com.absolutelyawfulapplications.awfulninjagame) application 1.0.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7769 1 Mibizapps 1 Accurate Lending 2025-04-12 N/A
The Accurate Lending (aka com.soln.S7B193908AEA1937C7CBB4E889A46D3C0) application 1.0021.b0021 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7770 1 Mediaonlinecenter 1 Lagu Pop Indonesia 2025-04-12 N/A
The Lagu POP Indonesia (aka com.lagu.pop.indonesia.xygwphqpuomclljvaa) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7777 1 Gcspublishing 1 Slingshot Forum 2025-04-12 N/A
The Slingshot Forum (aka com.tapatalk.theslingshotforumcom) application 3.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7778 1 Magzter 1 Epc World 2025-04-12 N/A
The Epc World (aka com.magzter.epcworld) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7783 1 Billgbennett 1 Bill G. Bennett 2025-04-12 N/A
The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7786 1 Magzter 1 English Football Magazine 2025-04-12 N/A
The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7787 1 Synapse 1 Ishuttle 2025-04-12 N/A
The iShuttle (aka com.synapse.ishuttle_user) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7788 1 Best Free Giveaways Project 1 Best Free Giveaways 2025-04-12 N/A
The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7785 1 Onesolutionapps 1 Aaaa Discount Bail 2025-04-12 N/A
The AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7795 1 Itp 1 Harpers Bazaar Art 2025-04-12 N/A
The Harpers Bazaar Art (aka com.itp.harpersart) application @7F080181 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7803 1 Onesolutionapps 1 Woodward Bail 2025-04-12 N/A
The Woodward Bail (aka com.onesolutionapps.woodwardbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-8627 1 Polarssl 1 Polarssl 2025-04-12 N/A
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
CVE-2014-8840 1 Apple 1 Iphone Os 2025-04-12 N/A
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store.
CVE-2014-6010 1 Awesomewidgets 1 Rasta Weed Widgets Hd 2025-04-12 N/A
The Rasta Weed Widgets HD (aka aw.awesomewidgets.rastaweed) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.