CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2014-6755 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SDN Forum (TapaTalk) (aka com.tapatalk.forumshiftdeletenet) application 3.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
102 CVE-2014-6754 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Vector Outage Manager (aka nz.co.vector.outagemanager) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
103 CVE-2014-6753 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The sunnat e rasool (aka com.imsoft.sunnat_e_rasool) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
104 CVE-2014-6752 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Mindless Behavior Fan Base (aka com.mindless.behavior.fan.base) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
105 CVE-2014-6751 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Grasshopper Beta (aka com.grasshopper.dialer) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
106 CVE-2014-6750 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The $0.99 Kindle Books (aka com.kindle.books.for99) application 6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
107 CVE-2014-6749 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The American Nurses Association (aka com.dub.poweredbydub.assoc.ana) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
108 CVE-2014-6748 310 +Info 2014-09-28 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The GEMAIRE's HVAC Assist (aka com.es.Gemaire) application 5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
109 CVE-2014-6747 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SeeOn (aka com.seeon) application 4.0.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
110 CVE-2014-6746 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Infiniti Roadside Assistance (aka com.ccas.rsa.common.infiniti) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
111 CVE-2014-6745 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Family Location (aka com.sosocome.family) application 3.4 2014-5-20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
112 CVE-2014-6744 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Al-Ahsa News (aka com.alahsa.news) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
113 CVE-2014-6743 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Hearsay: A Social Party Game (aka air.com.lip.per) application 1.7.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
114 CVE-2014-6742 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The All around Cyprus (aka com.cyprus.newspapers) application 2.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
115 CVE-2014-6741 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The John MacArthur (aka com.john.macarthur) application 1.0.26 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
116 CVE-2014-6740 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The XD Forum (aka com.tapatalk.xdforumcomforum) application 3.9.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
117 CVE-2014-6739 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Well-Being Connect Mobile (aka com.healthways.wellbeinggo) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
118 CVE-2014-6738 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Maccabi Tel Aviv (aka com.monkeytech.maccabi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
119 CVE-2014-6737 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Ultimate Target-Armored Sniper (aka air.wood.liame.ultimatetarget) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
120 CVE-2014-6736 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The EPL Hat Trick (aka com.hat.trick.goal) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
121 CVE-2014-6735 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The imagine Next bmobile (aka com.conduit.app_51c3c19581af465092327dd25591b224.app) application 1.7.10.243 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
122 CVE-2014-6734 310 +Info 2014-09-27 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Wine Making (aka com.gcspublishing.winemakingtalk) application 3.7.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
123 CVE-2014-6733 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The My T-Mobile (aka at.tmobile.android.myt) application @7F0C0030 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
124 CVE-2014-6732 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Westpac Mobile Banking (aka org.westpac.bank) application 5.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
125 CVE-2014-6731 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Alfa-Bank (aka ru.alfabank.mobile.android) application 5.5.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
126 CVE-2014-6730 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Melodigram (aka com.minusdegree.melodigramandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
127 CVE-2014-6729 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Grilling with Rich (aka com.grilling.with.rich) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
128 CVE-2014-6728 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The ThinkPal (aka com.mythinkpalapp) application 1.6.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
129 CVE-2014-6727 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Mikeius (Official App) (aka com.automon.mikeius) application 1.4.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
130 CVE-2014-6726 310 +Info 2014-09-26 2014-09-26
5.4
None Local Network Medium Not required Partial Partial Partial
The 30A (aka com.app30a) application 5.26.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
131 CVE-2014-6725 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SchoolXM (aka apprentice.schoolxm) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
132 CVE-2014-6724 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Soap Making (aka com.tapatalk.soapmakingforumcom) application 3.7.13 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
133 CVE-2014-6723 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Comics Plus (aka com.iversecomics.comicsplus.android) application 1.06 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
134 CVE-2014-6722 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Pescuit Crap Lite (aka ro.aventurilapescui.pescuitcrap.lite) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
135 CVE-2014-6721 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Pharmaguideline (aka com.pharmaguideline) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
136 CVE-2014-6720 310 +Info 2014-09-26 2014-09-26
5.4
None Local Network Medium Not required Partial Partial Partial
The Pesca de Carpa Lite (aka com.clearfishing.pescadecarpa.lite) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
137 CVE-2014-6719 310 +Info 2014-09-26 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Kayak Angler Magazine (aka air.com.yudu.ReaderAIR1360155) application 3.12.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
138 CVE-2014-6718 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The My Mobile Day (aka com.mymobileday) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
139 CVE-2014-6717 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The iTriage Health (aka com.healthagen.iTriage) application 5.29 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
140 CVE-2014-6716 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The fastin (aka moda.azyae.fastin.net) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
141 CVE-2014-6715 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SlotMachine (aka com.popoinnovation.SlotMachine) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
142 CVE-2014-6714 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The WebMD (aka com.webmd.android) application 3.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
143 CVE-2014-6713 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The MedQuiz: Medical Chat and MCQs (aka com.pdevsmedd.med) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
144 CVE-2014-6712 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Airlines International (aka org.iata.IAMagazine) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
145 CVE-2014-6711 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The ABC Lounge Webradio (aka com.nobexinc.wls_66087017.rc) application 3.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
146 CVE-2014-6710 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Chifro Kids Coloring Game (aka com.chifro.kids_coloring_game) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
147 CVE-2014-6709 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The TechRadar News (aka com.techradar.news) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
148 CVE-2014-6708 310 +Info 2014-09-25 2014-10-05
5.4
None Local Network Medium Not required Partial Partial Partial
The Sporting Club Uphoria (aka com.sportinginnovations.skc) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
149 CVE-2014-6707 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The 7Sage LSAT Prep - Proctor (aka com.sevensage.lsat) application 2.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
150 CVE-2014-6706 310 +Info 2014-09-25 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Embry-Riddle (aka com.dub.app.erau) application 1.4.04 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1150   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.