CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2014-5945 310 +Info 2014-09-18 2014-09-24
5.4
None Local Network Medium Not required Partial Partial Partial
The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
352 CVE-2014-5944 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
353 CVE-2014-5943 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
354 CVE-2014-5942 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
355 CVE-2014-5941 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Armpit Spa & Girl Games (aka com.freegames.spamakeover) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
356 CVE-2014-5940 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
357 CVE-2014-5939 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
358 CVE-2014-5938 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The AllDealsAsia All Deals ADA app (aka com.ada.deals) application 4.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
359 CVE-2014-5937 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Social Networking (aka com.wSocialNetworkingSites) application 0.33.13320.99980 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
360 CVE-2014-5936 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The INCOgnito Private Browser (aka com.SL.InCoBrowser) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
361 CVE-2014-5935 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application 1.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
362 CVE-2014-5934 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
363 CVE-2014-5933 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
364 CVE-2014-5932 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
365 CVE-2014-5931 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application 7.21.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
366 CVE-2014-5930 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Store and Share (aka sg.com.singnet.mystorage.android) application 2.0.18 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
367 CVE-2014-5929 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
368 CVE-2014-5928 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
369 CVE-2014-5927 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The FastCustomer -- Fast Customer (aka www.fastcustomer.com) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
370 CVE-2014-5926 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
371 CVE-2014-5925 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application 0.312 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
372 CVE-2014-5924 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Monster Makeup (aka com.bearhugmedia.android_monster) application 1.0.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
373 CVE-2014-5923 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
374 CVE-2014-5922 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The ga6748 (aka com.g.ga6748) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
375 CVE-2014-5921 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
376 CVE-2014-5920 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
377 CVE-2014-5919 310 +Info 2014-09-18 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application 1.3.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
378 CVE-2014-5918 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Secret Circle - talk freely (aka com.easyxapp.secret) application 2.2.00.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
379 CVE-2014-5917 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
380 CVE-2014-5916 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
381 CVE-2014-5915 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
382 CVE-2014-5914 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
383 CVE-2014-5913 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
384 CVE-2014-5912 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
385 CVE-2014-5911 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
386 CVE-2014-5910 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
387 CVE-2014-5909 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The watcha (aka com.frograms.watcha) application 2.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
388 CVE-2014-5908 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Kmart (aka com.kmart.android) application @7F0C00EF for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
389 CVE-2014-5907 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
390 CVE-2014-5906 310 +Info 2014-09-17 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application 1.138 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
391 CVE-2014-5905 310 +Info 2014-09-15 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
392 CVE-2014-5904 310 +Info 2014-09-15 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The MiniInTheBox Online Shopping (aka com.miniinthebox.android) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
393 CVE-2014-5903 310 +Info 2014-09-15 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
394 CVE-2014-5902 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
395 CVE-2014-5901 310 +Info 2014-09-15 2014-09-23
5.4
None Local Network Medium Not required Partial Partial Partial
The Beauty Bible - App for Girls (aka com.my.beauty.bible) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
396 CVE-2014-5900 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
397 CVE-2014-5899 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The Nespresso (aka com.nespresso.activities) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
398 CVE-2014-5898 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
399 CVE-2014-5897 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
400 CVE-2014-5896 310 +Info 2014-09-15 2014-09-22
5.4
None Local Network Medium Not required Partial Partial Partial
The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1150   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.