265 matches found
CVE-2014-7713
The Skin&Ink Magazine aka com.triactivemedia.skinandink application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7784
The Schon! Magazine aka com.magzter.schonmagazine application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7764
The Semper Invicta Fitness aka com.semper.invicta.fitness application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
subscription-manager: rhn-migrate-classic-to-rhsm missing SSL certificate verification
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials...
JON: Unapproved agents can connect using the name of an existing approved agent
Red Hat JBoss Operations Network JON before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name...