Total
976 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8941 | 1 Interval International | 1 Interval International | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Interval International app 3.3 through 3.5.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8940 | 1 Zipongo Inc. | 1 Healthy Recipes And Grocery Deals | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8939 | 1 Warnerbros | 1 Ellentube | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8938 | 1 Radiojavan | 1 Radio Javan | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8937 | 1 Life Before Us | 1 Yo. | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Life Before Us Yo app 2.5.8 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8936 | 1 Changyou | 1 Dolphin Web Browser | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8935 | 1 Gocivix | 1 Indiana Voters | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-8060 | 1 Watchguard | 1 Panda Mobile Security | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | |||||
| CVE-2017-8059 | 1 Foxitsoftware | 1 Foxit Pdf | 2023-11-07 | 4.3 MEDIUM | 8.1 HIGH |
| Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | |||||
| CVE-2017-8058 | 1 Atlassian | 1 Hipchat | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | |||||
| CVE-2017-7429 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | |||||
| CVE-2017-5919 | 1 21st Century Insurance | 1 21st Century Insurance | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The 21st Century Insurance app 10.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5918 | 1 Banco De Costa Rica | 1 Bcr Movil | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Banco de Costa Rica BCR Movil app 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5916 | 1 America\'s First Federal Credit Union | 1 America\'s First Fcu Mobile Banking | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The America's First Federal Credit Union (FCU) Mobile Banking app 3.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5915 | 1 Emirates Nbd Bank P.j.s.c | 2 Emirates Nbd, Emirates Nbd Ksa | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Emirates NBD Bank P.J.S.C Emirates NBD KSA app 3.10.0 through 3.10.4 (UAE) and 2.0.1 through 2.1.0 (KSA) for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5914 | 1 Dotit-corp | 1 Banque Zitouna | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5913 | 1 Forex | 1 Tradeking Forex | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The TradeKing Forex for iPhone app 1.2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5912 | 1 Forex | 1 Forextrader | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The FOREX.com FOREXTrader for iPhone app 2.9.12 through 2.9.14 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5911 | 1 Banco Santander Mexico Sa | 1 Supermovil | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Banco Santander Mexico SA Supermovil app 3.5 through 3.7 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2017-5909 | 1 Electronic Funds Source Llc | 1 Efs Mobile Driver Source | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||