CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2014-6805 310 +Info 2014-09-30 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The weibo (aka magic.weibo) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
52 CVE-2014-6804 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Deschutes Public MobileLibrary (aka com.bredir.boopsie.deschutes) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
53 CVE-2014-6803 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Bank of Moscow EIRTS Rent (aka ru.bm.rbs.android) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
54 CVE-2014-6802 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The First Assembly NLR (aka com.subsplash.thechurchapp.firstassemblynlr) application 2.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
55 CVE-2014-6801 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The frank matano (aka com.frank.matano) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
56 CVE-2014-6800 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Bloom Township 206 (aka net.parentlink.bloom) application 4.0.500 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
57 CVE-2014-6799 310 +Info 2014-09-29 2021-04-09
5.4
None Local Network Medium Not required Partial Partial Partial
The Investigation Tool (aka gov.ca.post.lp.itool) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
58 CVE-2014-6798 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The McMaster Marauders (aka com.weever.marauders) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
59 CVE-2014-6797 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Abu Ali Anasheeds (aka com.faapps.abuali_anasheeds) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
60 CVE-2014-6796 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The LocalSense (aka com.LocalSense) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
61 CVE-2014-6795 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Beekeeping Forum (aka com.tapatalk.supporttapatalkcomxxxxx) application 3.9.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
62 CVE-2014-6794 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The AAPLD (aka com.bredir.boopsie.aapld) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
63 CVE-2014-6793 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Arch Friend (aka com.xyproto.archfriend) application 0.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
64 CVE-2014-6792 310 +Info 2014-09-29 2014-11-19
5.4
None Local Network Medium Not required Partial Partial Partial
The Suriname Radio (aka com.wordbox.surinameRadio) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
65 CVE-2014-6791 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Angel Reigns (aka com.conduit.app_dab60e7bd60d4f23a14b3fb7357f9dcd.app) application 1.2.6.185 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
66 CVE-2014-6790 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The INVEX (aka com.mobilatolye.keyinternet) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
67 CVE-2014-6789 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Anaheim Library 2Go! (aka com.bredir.boopsie.anaheim) application 4.5.110 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
68 CVE-2014-6788 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Oman News (aka com.oman.news.rmtzlnbuooordciw) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
69 CVE-2014-6787 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Counter Intuition (aka com.counter.intuition) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
70 CVE-2014-6786 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Math for Kids - Subtraction (aka it.tinytap.attsa.deepsub) application 1.2.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
71 CVE-2014-6785 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Renny McLean Ministries (aka com.subsplash.thechurchapp.s_GJQX72) application 2.8.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
72 CVE-2014-6784 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Fermononrespiri Mobile (aka com.tapatalk.rmonlineitforums) application 3.8.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
73 CVE-2014-6783 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Campus Link - Campus TV HKUSU (aka com.campus.tv.hkusu) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
74 CVE-2014-6782 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Abraham Tours (aka com.mytoursapp.android.app432) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
75 CVE-2014-6781 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Aloha Stadium - Hawaii (aka com.stadium.aloha) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
76 CVE-2014-6780 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The MeiTalk (aka com.playjia.meitalk) application @7F060012 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
77 CVE-2014-6779 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Cart App (aka com.virtecha.mobilewallet) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
78 CVE-2014-6778 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Goat Forum (aka com.gcspublishing.goatspot) application 3.9.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
79 CVE-2014-6777 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The blueeleph (aka eg.film.blueeleph) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
80 CVE-2014-6776 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The United Advantage NW Federal Cr (aka com.myappengine.uanwfcu) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
81 CVE-2014-6775 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Light for Pets (aka com.helenwoodward.light4pets) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
82 CVE-2014-6774 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The USEK (aka com.university.usek) application 1.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
83 CVE-2014-6773 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The CIH Quiz game (aka com.bowenehs.cihquizgameapp) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
84 CVE-2014-6772 310 +Info 2014-09-29 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The United Educational CU (aka com.metova.cuae.uecu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
85 CVE-2014-6771 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The United Heritage Mobile (aka Fi_Mobile.UHCU) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
86 CVE-2014-6770 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Aerospace Jobs (aka com.app_aerospacejobs.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
87 CVE-2014-6769 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Meteo Belgique (aka com.mobilesoft.belgiumweather) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
88 CVE-2014-6768 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Anywhere Anytime Yoga Workout (aka com.bayart.yoga) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
89 CVE-2014-6767 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Juggle! FREE (aka com.jakyl.juggleforfree) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
90 CVE-2014-6766 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Afro-Beat (aka com.zero.themelock.tambourine) application 0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
91 CVE-2014-6765 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The No Fuss Home Loans (aka com.soln.SA2CAA74BBC3AFEFE7C8BE3F3AAC499E7) application 1.0035.b0035 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
92 CVE-2014-6764 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Assyrian (aka com.b2.assyrian.activity) application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
93 CVE-2014-6763 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Codename Birdgame (aka com.devsecondfictioncom.devsecondfictioncom.birdadhoc) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
94 CVE-2014-6762 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The bongomovie (aka com.mbwasi.bongomovie) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
95 CVE-2014-6761 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Aprende a Meditar (aka com.rareartifact.aprendeameditar544CB0A2) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
96 CVE-2014-6760 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Harem Thief Dating (aka com.haremthief.haremthief) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
97 CVE-2014-6759 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Downton Abbey Fan Portal (aka com.downton.abbey.fan.portal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
98 CVE-2014-6758 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Qin Story (aka com.kongzhong.tjmammoth.android.cqqslengp) application 1.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
99 CVE-2014-6757 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Koran - AlqoranVideos (aka com.alqoran.videos.example) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
100 CVE-2014-6756 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Reddit Aww (aka org.biais.redditawww) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1150   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.