CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2014-7456 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
402 CVE-2014-7455 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Zoella Unofficial (aka com.automon.ay.zoella) application 1.4.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
403 CVE-2014-7454 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Detox Juicing Diet Recipes (aka com.wDetoxJuicingDietRecipes) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
404 CVE-2014-7452 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
405 CVE-2014-7450 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The allnurses (aka com.tapatalk.allnursescom) application 3.4.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
406 CVE-2014-7449 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The My NGEMC Account (aka com.ngemc.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
407 CVE-2014-7448 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The DealSide Institutional (aka com.magzter.dealsideinstitutional) application 3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
408 CVE-2014-7447 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Dattch - The Lesbian App (aka com.dattch.dattch.app) application 0.30 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
409 CVE-2014-7446 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Bilingual Magic Ball (aka com.wBilingualMagicBall) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
410 CVE-2014-7445 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The LEGEND OF TRANCE (aka com.legendoftrance) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
411 CVE-2014-7444 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
412 CVE-2014-7443 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Face Fun Photo Collage Maker 2 (aka com.kauf.facefunphotocollagemaker2) application 1.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
413 CVE-2014-7441 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Pakan Ken Tube (aka com.PakanKen) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
414 CVE-2014-7439 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The bene+ odmeny a slevy (aka cz.gemoney.bene.android) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
415 CVE-2014-7437 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Love Horoscope Guide (aka com.charl.charlylovehoroscopes) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
416 CVE-2014-7436 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SOS recette (aka com.sos.recette) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
417 CVE-2014-7435 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The AJD Bail Bonds (aka com.onesolutionapps.ajdbailbondsandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
418 CVE-2014-7434 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The RTSinfo (aka ch.rts.rtsinfo) application 1.4.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
419 CVE-2014-7433 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Student ID (aka com.computas.studentbevis) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
420 CVE-2014-7432 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The CalculatorApp (aka com.intuit.alm.testandroidapp) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
421 CVE-2014-7431 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Breeze Jersey (aka com.sc.breezeje.banking) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
422 CVE-2014-7430 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Flood-It (aka com.appspot.eoltek.flood) application 4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
423 CVE-2014-7428 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
424 CVE-2014-7427 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application 0.75.13441.88885 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
425 CVE-2014-7425 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Doodle Devil Free (aka com.joybits.doodledevil_free) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
426 CVE-2014-7424 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Quran Abu Bakr AshShatiri Free (aka com.wQuranAbuBakrFREE) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
427 CVE-2014-7423 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Youth Incorporated (aka com.magzter.youthincorporated) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
428 CVE-2014-7422 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The HEA Mobile (aka com.homerelectric.smartapps) application 1.153.0034 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
429 CVE-2014-7421 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
430 CVE-2014-7420 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Just Bureaucracy (aka com.magzter.justbureaucracy) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
431 CVE-2014-7419 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The PokeCreator Lite (aka com.pokecreator.builderlite) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
432 CVE-2014-7418 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The BBC Knowledge Magazine (aka com.magzter.bbcknowledge) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
433 CVE-2014-7417 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Real Academia de Bellas Artes (aka com.adianteventures.adianteapps.real_academia_de_bellas_artes) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
434 CVE-2014-7416 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Craft Stamper Magazine (aka com.triactivemedia.craftstamper) application @7F080183 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
435 CVE-2014-7415 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Asylum! (aka com.nobexinc.wls_96362255.rc) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
436 CVE-2014-7414 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The CLEO Malaysia (aka com.magzter.cleomalaysia) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
437 CVE-2014-7413 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Rajendra Suriji (aka com.rajendrasuriji.nakodabhairav.com) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
438 CVE-2014-7410 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Aptallik Testi (aka com.wAptallikTesti) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
439 CVE-2014-7409 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Liburan Hemat (aka com.liburan.bro) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
440 CVE-2014-7408 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Gary Johnson for President '12 (aka com.GaryJohnson2012) application 0.75.13439.53899 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
441 CVE-2014-7407 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Game Day Tix (aka com.xcr.android.mygamedaytickets) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
442 CVE-2014-7406 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Deakin University (aka com.desire2learn.campuslife.deakin.edu.au.directory) application 1.1.729.1694 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
443 CVE-2014-7405 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Belaire Family Orthodontics (aka com.app_bf.layout) application 1.304 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
444 CVE-2014-7403 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The NZHondas.com (aka com.tapatalk.nzhondascom) application 3.6.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
445 CVE-2014-7402 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SK encar (aka com.encardirect.app) application @7F050000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
446 CVE-2014-7399 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Suzanne Glathar (aka com.app_sglathar.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
447 CVE-2014-7398 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Dil Bilgisi Kurallari (aka com.buronya.dilbilgisi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
448 CVE-2014-7397 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The ileri Gazetesi - Yozgat (aka com.byfes.ilerigazetesi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
449 CVE-2014-7396 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The PocketKnife Bravo Super (aka com.wPocketKnifeBravo) application 0.54.13345.33028 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
450 CVE-2014-7395 310 +Info 2014-10-19 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The USF BCM (aka com.appmakr.app193115) application 252847 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1414   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.