Search Results (2509 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-2053 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2025-04-12 N/A
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.
CVE-2014-7366 1 Magzter 1 Identity 2025-04-12 N/A
The Identity (aka com.magzter.identity) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2016-6899 1 Huawei 14 Rh1288 V3 Server, Rh1288 V3 Server Firmware, Rh2288 V3 Server and 11 more 2025-04-12 N/A
The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.
CVE-2014-7368 1 Creatingahaven 1 Compassion Satisfaction 2025-04-12 N/A
The Compassion Satisfaction (aka com.wCompassionSatisfactionWorkshopPresentation) application 0.75.13440.35155 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7369 1 Galsila 1 Il Brillo Parlante 2025-04-12 N/A
The Il Brillo Parlante (aka com.wIlBrilloParlante) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7373 1 Magzter 1 Inspire Weddings 2025-04-12 N/A
The Inspire Weddings (aka com.magzter.inspireweddings) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7375 1 Mobileappcity 1 Childcare 2025-04-12 N/A
The Childcare (aka com.app_macchildcare.layout) application 1.399 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7379 1 Eigenwinkelapp 1 Kiddie Kinderschoenen 2025-04-12 N/A
The Kiddie Kinderschoenen (aka nl.eigenwinkelapp.kiddiekinderschoenen) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7452 1 Shaklee Product Catalog Project 1 Shaklee Product Catalog 2025-04-12 N/A
The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7456 1 Magzter 1 Digit Magazine 2025-04-12 N/A
The Digit Magazine (aka com.magzter.digitmagazine) application 3.01 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-1848 2 Fedora, Redhat 6 Pacemaker Configuration System, Enterprise Linux, Enterprise Linux High Availability and 3 more 2025-04-12 N/A
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.
CVE-2014-7458 1 Bloomyou 1 Bloomyou Valentine 2025-04-12 N/A
The BloomYou Valentine (aka com.bloomyouteam.bloomyou.valentine) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7467 1 Magzter 1 Honeybee Mag 2025-04-12 N/A
The HoneyBee Mag (aka com.magzter.honeybeemag) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7475 1 Drifty 1 Ionic View 2025-04-12 N/A
The Ionic View (aka com.ionic.viewapp) application 0.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2016-3071 2 Fedoraproject, Libreswan 2 Fedora, Libreswan 2025-04-12 N/A
Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.
CVE-2014-7079 1 Cybird 1 Romeo And Juliet 2025-04-12 N/A
The Romeo and Juliet (aka jp.co.cybird.appli.android.rjs) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7080 1 Sigong Ebook Project 1 Sigong Ebook 2025-04-12 N/A
The Sigong ebook (aka com.sigongsa.sigonggenre) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7082 1 Imapp 1 No Disturb 2025-04-12 N/A
The No Disturb (aka com.blogspot.imapp.imnodisturb) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7083 1 Jiujik 1 Jiu Jik 2025-04-12 N/A
The Jiu Jik (aka com.scmp.jiujik) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7087 1 Appa-apps 1 Top Roller Coasters Europe 1 2025-04-12 N/A
The Top Roller Coasters Europe 1 (aka com.appaapps.top10tallesteuropeanrollercoasters1) application @7F050001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.