CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2014

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2014-6985 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Georgia Packing (aka com.tapatalk.georgiapackingorg) application 3.9.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
702 CVE-2014-6984 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Shots (aka com.shots.android) application 1.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
703 CVE-2014-6983 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The NBE (aka com.nbe.app) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
704 CVE-2014-6982 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Arabic Troll Football (aka com.hamoosh.ArabicTrollFootball) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
705 CVE-2014-6981 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Taiwan Business Bank (aka com.mitake.TBB) application 2.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
706 CVE-2014-6980 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
707 CVE-2014-6979 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The MiWay Insurance Ltd (aka com.MiWay.MD) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
708 CVE-2014-6978 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Karim Rahal Essoulami (aka com.karim.rahal.essoulami.lcxogeyuizteegxvnq) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
709 CVE-2014-6977 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The eLearn (aka com.desire2learn.campuslife.chattanoogastate.edu.directory) application 1.0.649.1194 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
710 CVE-2014-6976 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Aeroexpress (aka ru.lynx.aero) application 2.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
711 CVE-2014-6975 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Twin Lin (aka com.twinlin.twmo) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
712 CVE-2014-6974 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The MifaShow Hairstyles (aka com.mifashow) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
713 CVE-2014-6973 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Care4Kids (aka com.codetherapy.care4kids) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
714 CVE-2014-6972 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Kazakhstan Radio (aka com.wordbox.kazakhstanRadio) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
715 CVE-2014-6971 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Easy Video Downloader (aka com.simon.padillar.EasyVideo) application 4.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
716 CVE-2014-6970 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The North American Ismaili Games (aka hr.apps.n166983741) application 5.26.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
717 CVE-2014-6969 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Deltin Suites (aka com.DeltinSuites) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
718 CVE-2014-6968 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Grandma's Grotto (aka com.mobileappsuite.grandmasgrotto) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
719 CVE-2014-6967 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Albion College (aka com.vivomobile.albioncollege) application 2.1.16 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
720 CVE-2014-6966 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The West Bend School District (aka net.parentlink.westbend) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
721 CVE-2014-6965 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The FAZ.NET (aka net.faz.FAZ) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
722 CVE-2014-6964 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Hanyang University Admissions (aka kr.ac.hanyang.planner) application 2.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
723 CVE-2014-6963 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The feiron (aka es.sw.feironmobile.app) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
724 CVE-2014-6962 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Elk Grove PublicStuff (aka com.wassabi.elkgrove) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
725 CVE-2014-6961 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The SudaniNet (aka com.sudaninet.wtwqiqbegq_btwlda) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
726 CVE-2014-6960 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Multitrac (aka com.multitrac) application 1.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
727 CVE-2014-6959 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The QinCard (aka com.haowan.qincard) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
728 CVE-2014-6958 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The ISMRM-ESMRMB 2014 (aka com.coreapps.android.followme.ismrm_esmrmb14) application 6.0.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
729 CVE-2014-6957 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The scottcolibmn (aka com.bredir.boopsie.scottlib) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
730 CVE-2014-6956 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Hydrogen Water (aka com.appzone628) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
731 CVE-2014-6955 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Le Grand Bleu (aka com.appzone468) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
732 CVE-2014-6954 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
733 CVE-2014-6953 310 +Info 2014-10-16 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The AFTERLIFE WITH ARCHIE (aka com.afterlifewitharchie.afterlifewitharchie) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
734 CVE-2014-6952 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Manga Facts (aka app.mangafacts.ar) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
735 CVE-2014-6951 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The OneFile Ignite (aka uk.co.onefile.ignite) application 1.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
736 CVE-2014-6950 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Mt. Airy News (aka com.soln.SBE4A803AD6430A6E9DBA5688AA644148) application 1.0069.b0069 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
737 CVE-2014-6949 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Akne Ernahrung (aka com.rareartifact.akneernahrung72010074) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
738 CVE-2014-6948 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The TH3 professional Al Mohtarif (aka com.th3professional.almohtarif) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
739 CVE-2014-6947 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Archie Comics (aka com.iversecomics.archie.android) application 1.07 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
740 CVE-2014-6946 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Re:kyu (aka com.appzone619) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
741 CVE-2014-6945 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Neeku Naaku Dash Dash (aka com.dakshaa.nndd) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
742 CVE-2014-6944 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The mitfahrgelegenheit.at (aka com.carpooling.android.at) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
743 CVE-2014-6943 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Konigsleiten (aka com.knigsleiten) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
744 CVE-2014-6942 310 +Info 2014-10-15 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Alisha Marie (Unofficial) (aka com.automon.ay.alisha.marie) application 1.4.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
745 CVE-2014-6941 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The NOS Alive (aka pt.optimus.optimusalive2011) application 5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
746 CVE-2014-6940 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Absolute Lending Solutions (aka com.soln.S008F6C05EC0B63264B429F6D76286562) application 1.0073.b0073 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
747 CVE-2014-6939 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application 5.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
748 CVE-2014-6938 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The Apostilas musicais (aka com.apostilas) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
749 CVE-2014-6937 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application 3.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
750 CVE-2014-6936 310 +Info 2014-10-11 2014-11-14
5.4
 None Local Network Medium Not required Partial Partial Partial
The IDS 2013 (aka de.mobileeventguide.ids2013) application 1.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1414   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18 19 20 21 22 23 24 25 26 27 28 29
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.