CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2014-5995 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
302 CVE-2014-5994 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
303 CVE-2014-5993 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The MLB Preplay (aka com.preplay.android.mlb) application 5.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
304 CVE-2014-5992 310 +Info 2014-09-22 2014-12-03
5.4
None Local Network Medium Not required Partial Partial Partial
The successsecrets (aka com.alek.successsecrets) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
305 CVE-2014-5991 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
306 CVE-2014-5990 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The cookbible (aka net.bookjam.cookbible) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
307 CVE-2014-5989 310 +Info 2014-09-20 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
308 CVE-2014-5988 310 +Info 2014-09-20 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The Azkend Gold (aka com.the10tons.azkend.gold) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
309 CVE-2014-5987 310 +Info 2014-09-20 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
310 CVE-2014-5986 310 +Info 2014-09-20 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
311 CVE-2014-5985 310 +Info 2014-09-20 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
312 CVE-2014-5984 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Little Dragons (aka com.playcomo.dragongame) application 1.0.256 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
313 CVE-2014-5983 310 +Info 2014-09-22 2017-07-11
5.4
None Local Network Medium Not required Partial Partial Partial
The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
314 CVE-2014-5982 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pro) application 4.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
315 CVE-2014-5981 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The MoWeather (aka com.moji.moweather) application 1.40.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
316 CVE-2014-5980 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Genertel (aka com.genertel) application 2.6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
317 CVE-2014-5979 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The TV Bengali Open Directory (aka com.TVBengali) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
318 CVE-2014-5978 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
319 CVE-2014-5977 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
320 CVE-2014-5976 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
321 CVE-2014-5975 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
322 CVE-2014-5974 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
323 CVE-2014-5973 310 +Info 2014-09-20 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Aquarium Advice (aka com.socialknowledge.aquariumadvice) application 3.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
324 CVE-2014-5972 310 +Info 2014-09-20 2014-12-03
5.4
None Local Network Medium Not required Partial Partial Partial
The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
325 CVE-2014-5971 310 +Info 2014-09-22 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
326 CVE-2014-5970 310 +Info 2014-09-19 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
327 CVE-2014-5969 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The healthylifestyle (aka com.alek.healthylifestyle) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
328 CVE-2014-5968 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The iGolf - Golf GPS (aka com.igolf) application 20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
329 CVE-2014-5967 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The Designs Nail Arts (aka com.decoracionesnailart.flickr) application 3.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
330 CVE-2014-5966 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme.dreamland.gold) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
331 CVE-2014-5965 310 +Info 2014-09-19 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
332 CVE-2014-5964 310 +Info 2014-09-19 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
333 CVE-2014-5963 310 +Info 2014-09-19 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
334 CVE-2014-5962 310 +Info 2014-09-19 2014-09-25
5.4
None Local Network Medium Not required Partial Partial Partial
The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
335 CVE-2014-5961 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The russiananime (aka com.rareartifact.russiananime68A5CCFE) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
336 CVE-2014-5960 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
337 CVE-2014-5959 310 +Info 2014-09-19 2014-10-02
5.4
None Local Network Medium Not required Partial Partial Partial
The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
338 CVE-2014-5958 310 +Info 2014-09-19 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application 2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
339 CVE-2014-5957 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
340 CVE-2014-5956 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
341 CVE-2014-5955 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
342 CVE-2014-5954 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
343 CVE-2014-5953 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The KASKUS (aka com.kaskus.android) application 2.13.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
344 CVE-2014-5952 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
345 CVE-2014-5951 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
346 CVE-2014-5950 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
347 CVE-2014-5949 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
348 CVE-2014-5948 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Obama for America (aka com.barackobama.ofa) application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
349 CVE-2014-5947 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
350 CVE-2014-5946 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application 3.4.12 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1150   Page : 1 2 3 4 5 6 7 (This Page)8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.