Export limit exceeded: 363437 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2510 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-3404 1 Cisco 1 Ios Xe 2025-04-12 N/A
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.
CVE-2014-5864 1 Getswish 1 Swish Payments 2025-04-12 N/A
The Swish payments (aka se.bankgirot.swish) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5868 1 Cisco 1 Cisco Technical Support 2025-04-12 N/A
The Cisco Technical Support (aka com.cisco.swtg_android) application 3.7.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5870 1 Kmart 1 Kmart 2025-04-12 N/A
The Kmart (aka com.kmart.android) application 6.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-0741 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461.
CVE-2014-0860 1 Ibm 6 Advanced Management Module, Advanced Management Module Firmware, Integrated Management Module and 3 more 2025-04-12 N/A
The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Management Module (IMM), and the firmware before 4.15 in IBM Integrated Management Module II (IMM2) contains cleartext IPMI credentials, which allows attackers to execute arbitrary IPMI commands, and consequently establish a blade remote-control session, by leveraging access to (1) the chassis internal network or (2) the Ethernet-over-USB interface.
CVE-2014-0866 1 Ibm 2 Algo Credit Limits, Algorithmics 2025-04-12 N/A
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2014-7780 1 Ienvisage 1 Pakistan Cricket News 2025-04-12 N/A
The Pakistan Cricket News (aka com.conduit.app_cf18df8bdf454eb0a836e2d29886bc40.app) application 1.21.38.6504 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7782 1 Macedonia Hacienda Hotel Project 1 Macedonia Hacienda Hotel 2025-04-12 N/A
The Macedonia Hacienda Hotel (aka appinventor.ai_orolimpio999.HotelMacedonia) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7783 1 Billgbennett 1 Bill G. Bennett 2025-04-12 N/A
The Bill G. Bennett (aka com.billgbennett) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7785 1 Onesolutionapps 1 Aaaa Discount Bail 2025-04-12 N/A
The AAAA Discount Bail (aka com.onesolutionapps.aaaadiscountbailandroid) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-2001 1 Jreast 1 Jr East Japan 2025-04-12 N/A
The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.
CVE-2014-7786 1 Magzter 1 English Football Magazine 2025-04-12 N/A
The English Football Magazine (aka com.magzter.englishfootball) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7788 1 Best Free Giveaways Project 1 Best Free Giveaways 2025-04-12 N/A
The Best Free Giveaways (aka com.wIphone5GiveAways) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7878 1 Hp 1 Helion Cloud Development Platform 2025-04-12 N/A
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
CVE-2014-3620 2 Apple, Haxx 3 Mac Os X, Curl, Libcurl 2025-04-12 N/A
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
CVE-2014-7075 1 Happycloud 1 Happy 2025-04-12 N/A
The HAPPY (aka com.tw.knowhowdesign.sinfonghuei) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7948 2 Google, Redhat 2 Chrome, Rhel Extras 2025-04-12 N/A
The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate.
CVE-2014-3908 1 Amazon 1 Kindle 2025-04-12 N/A
The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-3089 1 Ibm 2 Rational Directory Administrator, Rational Directory Server 2025-04-12 N/A
The RDS Java Client library in IBM Rational Directory Server (RDS) 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator (RDA) 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a library file.