CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In October 2014

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2014-7648 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The SMARTalk (aka jp.co.fusioncom.smartalk.android) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
252 CVE-2014-7647 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The BOOKING DISCOUNT (aka com.wmygoodhotelscom) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
253 CVE-2014-7646 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The EMT-Paramedic Lite (aka com.wEMTparamedicLite) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
254 CVE-2014-7644 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Go MSX MLS (aka com.doapps.android.realestate.RE_16b9c09c4d5b0e174208f35e7c49f9a0) application 2.3.4.MR3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
255 CVE-2014-7643 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The C.R. Group (aka com.c.r.group) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
256 CVE-2014-7642 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Pegasus Airlines (aka com.wPegasusAirlines) application 0.84.13503.96707 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
257 CVE-2014-7640 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Hotel Room (aka com.wHotelRoom) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
258 CVE-2014-7638 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Fabuestereo 88.1 FM (aka com.nobexinc.wls_27892411.rc) application 3.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
259 CVE-2014-7636 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The United Hawk Nation (aka com.united12thman) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
260 CVE-2014-7634 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Adopt O Pet (aka com.wFindAPet) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
261 CVE-2014-7633 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
262 CVE-2014-7632 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The news revolution - bahrain (aka com.news.revolution.BH) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
263 CVE-2014-7631 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Villa Antonia (aka com.appbuilder.u7p5019) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
264 CVE-2014-7630 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Fling Gold (aka com.mbgames.fling.gold) application 1.1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
265 CVE-2014-7629 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Yulman Stadium (aka com.dub.app.tulanestadium) application 1.4.25 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
266 CVE-2014-7628 310 +Info 2014-10-21 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Acorn Comms (aka com.acorncomms.app) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
267 CVE-2014-7626 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Atme (aka com.bedigital.atme) application 1.0.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
268 CVE-2014-7624 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Guess the Pixel Character Quiz (aka com.aiadp.pixelcQuiz) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
269 CVE-2014-7622 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
270 CVE-2014-7621 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The EIN Lookup (aka appinventor.ai_siwanuth.EINLookup) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
271 CVE-2014-7620 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
272 CVE-2014-7618 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Interior Design (aka com.interior.design.mcreda) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
273 CVE-2014-7617 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The www.roads365.com (aka ydx.android) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
274 CVE-2014-7616 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Physics Forums (aka com.tapatalk.physicsforumscom) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
275 CVE-2014-7614 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Warrior Beach Retreat (aka com.wWarriorBeachRetreat) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
276 CVE-2014-7613 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The WASPS Official Programmes (aka com.triactivemedia.wasps) application @7F080130 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
277 CVE-2014-7612 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The e-Kiosk (aka com.ekioskreader.android.pdfviewer) application 1.74 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
278 CVE-2014-7611 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Lost Temple (aka com.crazy.game.good.mengchenglu.templeI) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
279 CVE-2014-7610 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Kadinlar Kulubu KKMobileApp (aka com.tapatalk.kadinlarkulubucom) application 3.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
280 CVE-2014-7609 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The iStunt 2 (aka com.miniclip.istunt2) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
281 CVE-2014-7608 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
282 CVE-2014-7607 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Swamiji.tv (aka org.yidl.SwamijiTV) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
283 CVE-2014-7606 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Concursive (aka com.concursive.app) application 2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
284 CVE-2014-7605 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Actors Key (aka com.conduit.app_f83daeb6861b401bb103c33ea4210029.app) application 1.6.24.477 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
285 CVE-2014-7604 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
286 CVE-2014-7603 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Gravey Design (aka com.dreamstep.wGraveyDesign) application 0.58.13357.54919 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
287 CVE-2014-7602 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The FRONT (aka com.magazinecloner.front) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
288 CVE-2014-7598 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Poker Puzzle (aka com.sharpiq.pokerpuzzle) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
289 CVE-2014-7597 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Fabulas Infantiles (aka com.mobincube.android.sc_9I1A3) application 3.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
290 CVE-2014-7596 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Paramore (aka uk.co.pixelkicks.paramore) application 2.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
291 CVE-2014-7595 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The devada.co.uk (aka com.wdevadacouk) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
292 CVE-2014-7593 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Mr Whippet - Yorkshire Ice (aka com.appytimes.ice) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
293 CVE-2014-7592 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The FOL (aka com.desire2learn.fol.mobile.app.campuslife.directory) application 3.0.729.1459 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
294 CVE-2014-7591 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Demon (aka com.ireadercity.c24) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
295 CVE-2014-7590 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The WebPromoExperts (aka ua.com.webpromoexperts) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
296 CVE-2014-7589 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Industrial and Commercial Bank of China (ICBC) Banking (aka com.icbc.android) application 2.40 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
297 CVE-2014-7587 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Blocked in Free (aka com.blueup.blocked) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
298 CVE-2014-7585 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Biplane Forum (aka com.gcspublishing.biplaneforum) application 3.7.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
299 CVE-2014-7584 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The ACN2GO (aka com.dataparadigm.acnmobile) application 1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
300 CVE-2014-7582 310 +Info 2014-10-20 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The Water Lateral Sizer (aka com.wWaterLateralSizer) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Total number of vulnerabilities : 1414   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.