CVE List - 2014 / October
Showing 1001 - 1100 of 1413 CVEs for October 2014 (Page 11 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-7575 | 2014-10-20 | The eBiblio Andalucia (aka com.bqreaders.reader.ebiblioandalucia) application 1.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7576 | 2014-10-20 | The Chien Binh Bakugan 2 LongTieng (aka com.htv.chien.binh.bakugan.ii.hanh.trinh.moi.long.tieng) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7577 | 2014-10-20 | The B&H Photo Video Pro Audio (aka com.bhphoto) application 2.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7578 | 2014-10-20 | The Bieber News Now (aka com.jbnews) application 12.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7580 | 2014-10-20 | The Thailand Investor News (aka nudecreative.thaistock.set) application 1.39s for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7581 | 2014-10-20 | The Quotes of Travis Barker (aka com.celebrity_quotes.travisbarker) application 0.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-7582 | 2014-10-20 | The Water Lateral Sizer (aka com.wWaterLateralSizer) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7584 | 2014-10-20 | The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7585 | 2014-10-20 | The Biplane Forum (aka com.gcspublishing.biplaneforum) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7587 | 2014-10-20 | The Blocked in Free (aka com.blueup.blocked) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7589 | 2014-10-20 | The Industrial and Commercial Bank of China (ICBC) Banking (aka com.icbc.android) application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers... |
| CVE-2014-7590 | 2014-10-20 | The WebPromoExperts (aka ua.com.webpromoexperts) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7591 | 2014-10-20 | The Demon (aka com.ireadercity.c24) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7592 | 2014-10-20 | The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application 3.0.729.1459 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7593 | 2014-10-20 | The Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7595 | 2014-10-20 | The devada.co.uk (aka com.wdevadacouk) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7596 | 2014-10-20 | The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7597 | 2014-10-20 | The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7598 | 2014-10-20 | The Poker Puzzle (aka com.sharpiq.pokerpuzzle) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7602 | 2014-10-20 | The FRONT (aka com.magazinecloner.front) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7603 | 2014-10-20 | The Gravey Design (aka com.dreamstep.wGraveyDesign) application 0.58.13357.54919 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7604 | 2014-10-20 | The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7605 | 2014-10-20 | The Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application 1.6.24.477 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7606 | 2014-10-20 | The Concursive (aka com.concursive.app) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7607 | 2014-10-20 | The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7608 | 2014-10-20 | The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-7609 | 2014-10-20 | The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7610 | 2014-10-20 | The Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) application 3.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7611 | 2014-10-20 | The Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7612 | 2014-10-20 | The e-Kiosk (aka com.ekioskreader.android.pdfviewer) application 1.74 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7613 | 2014-10-20 | The WASPS Official Programmes (aka com.triactivemedia.wasps) application @7F080130 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7614 | 2014-10-20 | The Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-7616 | 2014-10-20 | The Physics Forums (aka com.tapatalk.physicsforumscom) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7617 | 2014-10-20 | The www.roads365.com (aka ydx.android) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-7618 | 2014-10-20 | The Interior Design (aka com.interior.design.mcreda) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7620 | 2014-10-20 | The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7621 | 2014-10-20 | The EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7622 | 2014-10-20 | The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-7624 | 2014-10-20 | The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive... |
| CVE-2014-7626 | 2014-10-20 | The Atme (aka com.bedigital.atme) application 1.0.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2012-2413 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php. |
| CVE-2012-5244 | 2014-10-20 | Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter... |
| CVE-2014-6280 | 2014-10-20 | Multiple cross-site scripting (XSS) vulnerabilities in OSClass before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action or (2) nsextt parameter to oc-admin/index.php or... |
| CVE-2014-6308 | 2014-10-20 | Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php. |
| CVE-2012-5701 | 2014-10-20 | Multiple SQL injection vulnerabilities in dotProject before 2.1.7 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search_string or (2) where parameter in a contacts action, (3)... |
| CVE-2012-5865 | 2014-10-20 | SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action. |
| CVE-2012-5866 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in include.php in Achievo 1.4.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter. |
| CVE-2014-2081 | 2014-10-20 | Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua before 2013.2.4 and 2014.x before 2014.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username... |
| CVE-2014-5094 | 2014-10-20 | Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function. |
| CVE-2014-5098 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in the Search module before 1.2.2 in Jamroom allows remote attackers to inject arbitrary web script or HTML via the query string to search/results/. |
| CVE-2014-5447 | 2014-10-20 | Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability... |
| CVE-2014-5448 | 2014-10-20 | Zarafa 5.00 uses world-readable permissions for the files in the log directory, which allows local users to obtain sensitive information by reading the log files. |
| CVE-2014-5449 | 2014-10-20 | Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data. |
| CVE-2014-8329 | 2014-10-20 | Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp... |
| CVE-2012-5694 | 2014-10-20 | Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4)... |
| CVE-2012-5695 | 2014-10-20 | Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1)... |
| CVE-2012-5696 | 2014-10-20 | Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request. |
| CVE-2012-5697 | 2014-10-20 | The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain... |
| CVE-2014-3830 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1.8.6.1 allows remote attackers to inject arbitrary web script or HTML via the faqs_id parameter. |
| CVE-2014-3978 | 2014-10-20 | SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact. |
| CVE-2014-5275 | 2014-10-20 | Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) email, or... |
| CVE-2014-5276 | 2014-10-20 | Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture... |
| CVE-2014-8331 | 2014-10-20 | Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for... |
| CVE-2014-8330 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in EspoCRM allows remote authenticated users to inject arbitrary web script or HTML via the Name field in a new account. |
| CVE-2014-3564 | 2014-10-20 | Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly... |
| CVE-2014-5025 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit... |
| CVE-2014-5026 | 2014-10-20 | Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a... |
| CVE-2014-5169 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or... |
| CVE-2014-8363 | 2014-10-20 | SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter. |
| CVE-2014-8364 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ss_id parameter. |
| CVE-2014-3863 | 2014-10-20 | Cross-site scripting (XSS) vulnerability in the JChatSocial component before 2.3 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the filename parameter in a file upload... |
| CVE-2014-8365 | 2014-10-20 | Multiple cross-site scripting (XSS) vulnerabilities in Xornic Contact Us allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) email parameter to contact.php or... |
| CVE-2014-8366 | 2014-10-20 | SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php. |
| CVE-2014-4884 | 2014-10-21 | The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4885 | 2014-10-21 | The CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application 3.4.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-4887 | 2014-10-21 | The Joint Radio Blues (aka com.nobexinc.wls_69685189.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4888 | 2014-10-21 | The BattleFriends at Sea GOLD (aka com.tequilamobile.warshipslivegold) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-4889 | 2014-10-21 | The Diabetic Diet Guide (aka com.wDiabeticDietGuide) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4890 | 2014-10-21 | The Nano Digest (aka com.magzter.nanodigest) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4891 | 2014-10-21 | The CT iHub (aka com.concursive.ctihub) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4892 | 2014-10-21 | The uControl Smart Home Automation (aka de.ucontrol) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-4894 | 2014-10-21 | The MyMetro (aka com.myrippleapps.mymetro) application 2.4.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-4895 | 2014-10-21 | The Herpin Time Radio (aka com.herpin.time.radio) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4896 | 2014-10-21 | The Parque Imperial (aka com.a792139893520606f84b2188a.a23428594a) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4897 | 2014-10-21 | The Touriosity Travelmag (aka com.magzter.touriositytravelmag) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4898 | 2014-10-21 | The Harivijay (aka com.upasanhar.marathi.harivijay) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-4899 | 2014-10-21 | The Indian Cement Review (aka com.magzter.indiancementreview) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4900 | 2014-10-21 | The migme (aka com.projectgoth) application 4.03.002 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted... |
| CVE-2014-4901 | 2014-10-21 | The Bond Trading (aka com.appmakr.app613309) application 197705 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4903 | 2014-10-21 | The Kakao Bingo Garden (aka com.mocoga.bingogarden) application 1.0.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4904 | 2014-10-21 | The Crossmo Calendar (aka com.crossmo.calendar) application 1.7.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-4905 | 2014-10-21 | The Clean Internet Browser (aka com.cleantab.browsesecure) application 1.36 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |
| CVE-2014-4906 | 2014-10-21 | The Brisbane & Queensland Alert (aka com.queensland.alert) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-7628 | 2014-10-21 | The Acorn Comms (aka com.acorncomms.app) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7629 | 2014-10-21 | The Yulman Stadium (aka com.dub.app.tulanestadium) application 1.4.25 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7630 | 2014-10-21 | The Fling Gold (aka com.mbgames.fling.gold) application 1.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7631 | 2014-10-21 | The Villa Antonia (aka com.appbuilder.u7p5019) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7632 | 2014-10-21 | The news revolution - bahrain (aka com.news.revolution.BH) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information... |
| CVE-2014-7633 | 2014-10-21 | The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a... |
| CVE-2014-7634 | 2014-10-21 | The Adopt O Pet (aka com.wFindAPet) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via... |