CVE-2014-5xxx

There are 873 CVE in this subgroup.

Last updated:

← Back to 2014

ID	Summary	Flags
CVE-2014-5000	The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the cur...	E
CVE-2014-5001	lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysql...	E
CVE-2014-5002	The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows loc...	E
CVE-2014-5003	chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in the ciborg gem 3.0.0 for Ruby al...
CVE-2014-5004	lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command...
CVE-2014-5005	Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 all...	E
CVE-2014-5006	Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 all...	E
CVE-2014-5007	Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Centr...	E
CVE-2014-5008	Snoopy allows remote attackers to execute arbitrary commands....	S
CVE-2014-5009	Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due t...	S
CVE-2014-5011	DOMPDF before 0.6.2 allows Information Disclosure....	S
CVE-2014-5012	DOMPDF before 0.6.2 allows denial of service....	S
CVE-2014-5013	DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383....
CVE-2014-5014	The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute ar...
CVE-2014-5015	bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checkin...	S
CVE-2014-5016	Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote at...	E S
CVE-2014-5017	SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeS...	E S
CVE-2014-5018	Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.0...	E S
CVE-2014-5019	The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause...	S
CVE-2014-5020	The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which a...	S
CVE-2014-5021	Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x ...
CVE-2014-5022	Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote ...
CVE-2014-5023	Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to exec...	E
CVE-2014-5024	Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and U...	E
CVE-2014-5025	Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authentic...	E S
CVE-2014-5026	Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users...	E
CVE-2014-5027	Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 ...
CVE-2014-5028	The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2....
CVE-2014-5029	The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a sym...	S
CVE-2014-5030	CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (...	S
CVE-2014-5031	The web interface in CUPS before 2.0 does not check that files have world-readable permissions, whic...	S
CVE-2014-5032	GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attack...
CVE-2014-5033	KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a po...	E S
CVE-2014-5034	Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for W...	E
CVE-2014-5035	The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an...
CVE-2014-5036	The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equa...
CVE-2014-5037	Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, w...	S
CVE-2014-5038	Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system pa...	S
CVE-2014-5039	Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 a...
CVE-2014-5040	HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2.x before 4.2.1 allow remote au...
CVE-2014-5043	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2014-5044	Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or ...	S
CVE-2014-5045	The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maint...	E S
CVE-2014-5068	Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote ...
CVE-2014-5069	Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inj...	E
CVE-2014-5070	Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related t...
CVE-2014-5071	SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote...
CVE-2014-5072	Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for Wor...
CVE-2014-5073	vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute...	E
CVE-2014-5074	Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denia...	E S
CVE-2014-5075	The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is use...
CVE-2014-5076	The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an acti...	E
CVE-2014-5077	The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP...	S
CVE-2014-5081	sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication...	E
CVE-2014-5082	Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and earlier, Sphider Pro,...	E
CVE-2014-5083	A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of...	E
CVE-2014-5084	A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwri...	E
CVE-2014-5085	A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwr...	E
CVE-2014-5086	A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sa...	E
CVE-2014-5087	A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfunc...	E
CVE-2014-5088	Cross-site scripting (XSS) vulnerability in Status2k allows remote attackers to inject arbitrary web...	E
CVE-2014-5089	SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated admini...	E
CVE-2014-5090	admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary c...	E
CVE-2014-5091	A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includ...	E
CVE-2014-5092	Status2k allows Remote Command Execution in admin/options/editpl.php....	E
CVE-2014-5093	Status2k does not remove the install directory allowing credential reset....	E
CVE-2014-5094	Status2k allows remote attackers to obtain configuration information via a phpinfo action in a reque...	E
CVE-2014-5097	Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote...	E
CVE-2014-5098	Cross-site scripting (XSS) vulnerability in the Search module before 1.2.2 in Jamroom allows remote ...	E
CVE-2014-5100	Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attack...	E S
CVE-2014-5101	Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject ...	E
CVE-2014-5102	SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to exec...	E
CVE-2014-5103	Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows ...	E
CVE-2014-5104	Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitr...	E
CVE-2014-5105	Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote attackers to i...	E
CVE-2014-5106	Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x t...
CVE-2014-5107	concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request ...
CVE-2014-5108	Cross-site scripting (XSS) vulnerability in single_pages\download_file.php in concrete5 before 5.6.3...
CVE-2014-5109	SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox al...	E
CVE-2014-5110	Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remo...	E
CVE-2014-5111	Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbi...	E
CVE-2014-5112	maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary comman...	E
CVE-2014-5113	Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9....	E
CVE-2014-5114	WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the (1) js or (2) cat pa...	E
CVE-2014-5115	Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files ...	E
CVE-2014-5116	The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows con...	E
CVE-2014-5117	Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY ...
CVE-2014-5118	Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability...
CVE-2014-5119	Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc)...
CVE-2014-5120	gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that...
CVE-2014-5121	Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote at...
CVE-2014-5122	Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect use...
CVE-2014-5127	Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote att...
CVE-2014-5128	Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might a...
CVE-2014-5129	Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers t...
CVE-2014-5130	Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information fro...
CVE-2014-5131	Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive in...
CVE-2014-5132	Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to ema...
CVE-2014-5136	Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1...
CVE-2014-5137	Innovative Interfaces Sierra Library Services Platform 1.2_3 provides different responses for login ...
CVE-2014-5138	Innovative Interfaces Sierra Library Services Platform 1.2_3 does not properly handle query strings ...
CVE-2014-5139	The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL se...
CVE-2014-5140	The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 ...	E S
CVE-2014-5144	Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 allows remote authenticated users...	E
CVE-2014-5146	Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when us...	S
CVE-2014-5147	Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the gu...	S
CVE-2014-5148	Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit...	S
CVE-2014-5149	Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are ...	S
CVE-2014-5157	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5196. Reason: This candida...	R
CVE-2014-5158	The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault ...
CVE-2014-5159	SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows r...
CVE-2014-5160	Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Prote...
CVE-2014-5161	The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x bef...
CVE-2014-5162	The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wiresh...
CVE-2014-5163	The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_...	E
CVE-2014-5164	The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x ...	E
CVE-2014-5165	The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER diss...	E
CVE-2014-5169	Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote ...	S
CVE-2014-5170	The Storage API module 7.x before 7.x-1.6 for Drupal might allow remote attackers to execute arbitra...
CVE-2014-5171	SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enabl...
CVE-2014-5172	Multiple cross-site scripting (XSS) vulnerabilities in the XS Administration Tools in SAP HANA allow...
CVE-2014-5173	SAP HANA Extend Application Services (XS) allows remote attackers to bypass access restrictions via ...
CVE-2014-5174	The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in...
CVE-2014-5175	The License Measurement servlet in SAP Solution Manager 7.1 allows remote attackers to bypass authen...
CVE-2014-5176	SAP FI Manager Self-Service has a hard-coded user name, which makes it easier for remote attackers t...
CVE-2014-5177	libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local ...	S
CVE-2014-5178	Multiple cross-site scripting (XSS) vulnerabilities in Easy File Sharing (EFS) Web Server 6.8 allow ...	E
CVE-2014-5179	The freelinking module for Drupal, as used in the Freelinking for Case Tracker module, does not prop...
CVE-2014-5180	SQL injection vulnerability in the videos page in the HDW Player Plugin (hdw-player-video-player-vid...	E S
CVE-2014-5181	Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plug...	E
CVE-2014-5182	Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authentica...	E S
CVE-2014-5183	SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus (simple-retail-menu...	E S
CVE-2014-5184	SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordP...	E
CVE-2014-5185	SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated us...	E
CVE-2014-5186	SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress al...	E
CVE-2014-5187	Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remot...	E
CVE-2014-5188	Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyris ListManager (LM) 8.95a allo...	E
CVE-2014-5189	SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress all...	E
CVE-2014-5190	Cross-site scripting (XSS) vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Ant...	E
CVE-2014-5191	Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remot...	S
CVE-2014-5192	SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute a...	E
CVE-2014-5193	Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers...	E
CVE-2014-5194	Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated ...	E
CVE-2014-5195	Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the ke...
CVE-2014-5196	Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backen...	E S
CVE-2014-5197	Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterpr...	S
CVE-2014-5198	Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allow...	S
CVE-2014-5199	Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload)...	S
CVE-2014-5200	SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows remote at...	E
CVE-2014-5201	SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers ...	E
CVE-2014-5202	Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for Wor...	E S
CVE-2014-5203	wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3....	S
CVE-2014-5204	wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different tim...	S
CVE-2014-5205	wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of ...	S
CVE-2014-5206	The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the M...	S
CVE-2014-5207	fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT...	E S
CVE-2014-5208	BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM...	E
CVE-2014-5209	An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET...
CVE-2014-5210	The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbi...
CVE-2014-5211	Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FT...
CVE-2014-5212	Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before ...
CVE-2014-5213	nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before ...	E
CVE-2014-5214	nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4....	E
CVE-2014-5215	NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discov...	E
CVE-2014-5216	Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 H...	E
CVE-2014-5217	Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console ...	E
CVE-2014-5220	The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not pro...
CVE-2014-5221	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5222	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5223	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5224	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5225	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5226	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5227	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5228	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5229	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5230	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5231	The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers...
CVE-2014-5232	The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an inten...
CVE-2014-5233	The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers...
CVE-2014-5234	Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-r...
CVE-2014-5235	Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite before 7.4.2-...
CVE-2014-5236	Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite ...
CVE-2014-5237	Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange ...
CVE-2014-5238	XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x b...
CVE-2014-5239	The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509 cert...
CVE-2014-5240	Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, whe...	S
CVE-2014-5241	The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.2...	E S
CVE-2014-5242	Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x b...	E
CVE-2014-5243	MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enf...	E S
CVE-2014-5246	The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to b...	E
CVE-2014-5247	The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 before ...	E
CVE-2014-5248	Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arb...	S
CVE-2014-5249	SQL injection vulnerability in the "Biblio self autocomplete" submodule in the Biblio Autocomplete m...	S
CVE-2014-5250	Unspecified vulnerability in the AJAX autocompletion callback in the Biblio Autocomplete module 6.x-...	S
CVE-2014-5251	The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before J...
CVE-2014-5252	The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 update...
CVE-2014-5253	OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly re...
CVE-2014-5254	xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symli...	E
CVE-2014-5255	xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symli...	E
CVE-2014-5256	Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive pro...	E S
CVE-2014-5257	Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attac...	E S
CVE-2014-5258	Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows r...	E
CVE-2014-5259	Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in Bl...	E S
CVE-2014-5260	The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbi...
CVE-2014-5261	The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers t...	S
CVE-2014-5262	SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and ea...	S
CVE-2014-5263	vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_E...	S
CVE-2014-5265	The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and ...	S
CVE-2014-5266	The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and ...
CVE-2014-5267	modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to hav...	S
CVE-2014-5268	The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote attackers to block or unblock an ...	S
CVE-2014-5269	Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows r...	S
CVE-2014-5270	Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext no...	S
CVE-2014-5271	Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg b...
CVE-2014-5272	libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2...
CVE-2014-5273	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x befor...	E S
CVE-2014-5274	Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1....	E S
CVE-2014-5275	Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8...	E
CVE-2014-5276	Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow re...	E
CVE-2014-5277	Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the re...
CVE-2014-5278	A vulnerability exists in Docker before 1.2 via container names, which may collide with and override...
CVE-2014-5279	The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP conn...
CVE-2014-5280	boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery (CSRF) attacks by...
CVE-2014-5282	Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to...
CVE-2014-5284	host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without veri...	E S
CVE-2014-5285	Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x ...
CVE-2014-5286	The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before ...
CVE-2014-5287	A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure...	E
CVE-2014-5288	A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administra...	E
CVE-2014-5289	Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long U...	E
CVE-2014-5297	The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8 through...	E S
CVE-2014-5298	FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, ...
CVE-2014-5300	Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signat...	E
CVE-2014-5301	Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1...	E
CVE-2014-5302	Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplo...	E
CVE-2014-5307	Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products befo...
CVE-2014-5308	Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execut...	E
CVE-2014-5313	Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type before 5.2...
CVE-2014-5314	Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 ...
CVE-2014-5315	Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and Col...
CVE-2014-5316	Cross-site scripting (XSS) vulnerability in Dotclear before 2.6.4 allows remote attackers to inject ...	S
CVE-2014-5317	Cross-site scripting (XSS) vulnerability in php365.com 365 Links 3.11 and earlier, 365 Links2 3.11 a...
CVE-2014-5318	The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Ori...
CVE-2014-5319	Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Andr...
CVE-2014-5320	The Bump application for Android does not properly handle implicit intents, which allows attackers t...
CVE-2014-5321	FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL serve...
CVE-2014-5322	Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before...
CVE-2014-5323	The Yuko Yuko (aka jp.co.yukoyuko.android.yukoyuko_android) application 1.0.5 and earlier for Androi...
CVE-2014-5324	Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress ...
CVE-2014-5325	The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direc...
CVE-2014-5326	Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through...
CVE-2014-5327	Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allow...
CVE-2014-5328	Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allow...
CVE-2014-5329	GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443...
CVE-2014-5330	Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web...
CVE-2014-5331	Cross-site scripting (XSS) vulnerability in Aflax allows remote attackers to inject arbitrary web sc...
CVE-2014-5332	Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via ...	E
CVE-2014-5333	Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2....	S
CVE-2014-5334	FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privile...
CVE-2014-5335	Multiple cross-site request forgery (CSRF) vulnerabilities in innovaphone PBX 10.00 sr11 and earlier...
CVE-2014-5336	Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error me...	E S
CVE-2014-5337	The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to pas...	E S
CVE-2014-5338	Multiple cross-site scripting (XSS) vulnerabilities in the multisite component in Check_MK before 1....	S
CVE-2014-5339	Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write check_mk...	S
CVE-2014-5340	The wato component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 uses the pickle Python module...	S
CVE-2014-5341	The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA ...
CVE-2014-5342	Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbi...
CVE-2014-5343	Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary ...
CVE-2014-5344	Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plu...	S
CVE-2014-5345	Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2...	E S
CVE-2014-5346	Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 ...	E
CVE-2014-5347	Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin befor...	E S
CVE-2014-5348	Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in Riverbed Stingray (aka SteelAp...	E
CVE-2014-5349	Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a...	E
CVE-2014-5350	Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remo...	E
CVE-2014-5351	The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5...
CVE-2014-5352	The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgss...
CVE-2014-5353	The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c...	S
CVE-2014-5354	plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before...
CVE-2014-5355	MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is ...
CVE-2014-5356	OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and ...
CVE-2014-5359	Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (...	E
CVE-2014-5360	Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite before 9...	E
CVE-2014-5361	Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earli...	E
CVE-2014-5362	The admin interface in Landesk Management Suite 9.6 and earlier allows remote attackers to conduct r...	E
CVE-2014-5367	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5368	Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in...	E
CVE-2014-5369	Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipi...	E S
CVE-2014-5370	Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in...	E
CVE-2014-5375	The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 does not properly validate the...	E
CVE-2014-5376	Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0, when a pre-generated key is used, does not ...	E
CVE-2014-5377	ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attacker...	E S
CVE-2014-5380	Grand MA 300 allows retrieval of the access PIN from sniffed data....	E
CVE-2014-5381	Grand MA 300 allows a brute-force attack on the PIN....	E
CVE-2014-5382	Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microCon...	E
CVE-2014-5383	SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to ex...	E
CVE-2014-5384	The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-depe...
CVE-2014-5385	com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 and earlier does not restrict ...	E
CVE-2014-5386	The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual M...
CVE-2014-5387	Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authen...	E
CVE-2014-5388	Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEM...	S
CVE-2014-5389	SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 f...	E
CVE-2014-5391	Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobSched...	S
CVE-2014-5392	XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allo...	S
CVE-2014-5393	Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler be...	E
CVE-2014-5394	Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving ...
CVE-2014-5395	Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU bef...	E
CVE-2014-5396	The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded p...	E
CVE-2014-5397	Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) P...
CVE-2014-5398	Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote atta...
CVE-2014-5399	SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1...
CVE-2014-5400	The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuratio...
CVE-2014-5401	Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Appli...
CVE-2014-5402	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5403	Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from...
CVE-2014-5404	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5405	Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization,...
CVE-2014-5406	The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated wit...
CVE-2014-5407	Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local ...
CVE-2014-5408	Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Contr...
CVE-2014-5409	The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does n...
CVE-2014-5410	The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers ...
CVE-2014-5411	Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ...
CVE-2014-5412	Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attack...
CVE-2014-5413	Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorit...
CVE-2014-5414	Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT comp...
CVE-2014-5415	Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT comp...
CVE-2014-5416	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5417	Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmware on LANTIME M-Series devices...
CVE-2014-5418	GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilin...
CVE-2014-5419	GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilin...
CVE-2014-5420	CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application...
CVE-2014-5421	CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded databa...
CVE-2014-5422	CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded service pas...
CVE-2014-5423	CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtai...
CVE-2014-5424	Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to c...
CVE-2014-5425	IOServer before Beta2112.exe allows remote attackers to cause a denial of service (out-of-bounds rea...
CVE-2014-5426	MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of servi...
CVE-2014-5427	Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended App...
CVE-2014-5428	Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 t...
CVE-2014-5429	DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, a...
CVE-2014-5430	Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1....
CVE-2014-5431	Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WB...	M
CVE-2014-5432	Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WB...	M
CVE-2014-5433	An unauthenticated remote attacker may be able to execute commands to view wireless account credenti...	M
CVE-2014-5434	Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WB...	M
CVE-2014-5435	An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PK...	M
CVE-2014-5436	A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x be...	M
CVE-2014-5437	Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony G...
CVE-2014-5438	Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmwa...
CVE-2014-5439	Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted ...	E S
CVE-2014-5440	SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 a...
CVE-2014-5441	Multiple cross-site scripting (XSS) vulnerabilities in app/views/layouts/application.html.haml in Fa...	E S
CVE-2014-5443	Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain p...
CVE-2014-5444	Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected...	S
CVE-2014-5445	Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 1...	E S
CVE-2014-5446	Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyz...	E S
CVE-2014-5447	Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows...
CVE-2014-5448	Zarafa 5.00 uses world-readable permissions for the files in the log directory, which allows local u...
CVE-2014-5449	Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory...
CVE-2014-5450	Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which all...
CVE-2014-5451	Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in MODX Revolution ...	E
CVE-2014-5452	CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents ...	E S
CVE-2014-5453	Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program ins...	E
CVE-2014-5454	Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allo...
CVE-2014-5455	Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3...	E
CVE-2014-5456	Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows...	S
CVE-2014-5457	QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readab...
CVE-2014-5458	SQL injection vulnerability in sqrl_verify.php in php-sqrl allows remote attackers to execute arbitr...	E
CVE-2014-5459	The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrar...	E
CVE-2014-5460	Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for Wo...	E S
CVE-2014-5461	Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows contex...	E S
CVE-2014-5462	Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and earlier allow remote authentic...	E
CVE-2014-5464	Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka n...	E
CVE-2014-5465	Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and e...	E S
CVE-2014-5466	Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x b...	S
CVE-2014-5468	A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request...	E
CVE-2014-5470	Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted ...
CVE-2014-5471	Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c i...	E S
CVE-2014-5472	The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 a...	E S
CVE-2014-5500	Synacor Zimbra Collaboration before 8.0.8 has XSS....
CVE-2014-5501	Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamO...
CVE-2014-5502	The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to...
CVE-2014-5503	SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with Cyberoa...
CVE-2014-5504	SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for rem...
CVE-2014-5505	Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code...
CVE-2014-5506	Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code v...
CVE-2014-5507	iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control) for ib_service.exe, whi...	E
CVE-2014-5508	Multiple integer overflows in the HelpServ module (mod-helpserv.c) in srvx 1.3.1 allow remote authen...	E
CVE-2014-5509	clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink...	S
CVE-2014-5516	Cross-site request forgery (CSRF) vulnerability in the Storefront Application in DS Data Systems Kon...
CVE-2014-5519	The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell met...	E
CVE-2014-5520	SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitra...	E
CVE-2014-5521	plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to ...	E
CVE-2014-5522	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6025. Reason: This candida...	R
CVE-2014-5523	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5524. Reason: This candida...	R
CVE-2014-5524	The Adcolony library for Android does not verify X.509 certificates from SSL servers, which allows m...
CVE-2014-5525	The MoMinis library for Android does not verify X.509 certificates from SSL servers, which allows ma...
CVE-2014-5526	The Inmobi library for Android does not verify X.509 certificates from SSL servers, which allows man...
CVE-2014-5527	The Tapjoy library for Android does not verify X.509 certificates from SSL servers, which allows man...
CVE-2014-5528	The Appsflyer library for Android does not verify X.509 certificates from SSL servers, which allows ...
CVE-2014-5529	The Gameloft library for Android does not verify X.509 certificates from SSL servers, which allows m...
CVE-2014-5530	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5754, CVE-2014-5755, CVE-20...	R
CVE-2014-5531	The Abode (aka abode.webview) application 1.7 for Android does not verify X.509 certificates from SS...
CVE-2014-5532	The Honolulu (aka adidas.jp.android.running.honolulu) application 2 for Android does not verify X.50...
CVE-2014-5533	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2014-5534	The Princess Shopping (aka air.android.PrincessShopping) application 2 for Android does not verify X...
CVE-2014-5535	The Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application 1.0.3 for Android does not ve...
CVE-2014-5536	The Bingo Bash - Free Bingo Casino (aka air.com.bitrhymes.bingo) application 1.31.1 for Android does...
CVE-2014-5537	The Abduction Stacker Free (aka air.com.chewygames.abductionstacker2) application 1.0.7 for Android ...
CVE-2014-5538	The Westmoreland Water FCU (aka air.com.creditunionhomebanking.mb115) application 1.2.0 for Android ...
CVE-2014-5539	The Michael Baker FCU (aka air.com.creditunionhomebanking.mb155) application 1.2.0 for Android does ...
CVE-2014-5540	The Flick a Trade (aka air.com.cygnecode.fat) application 3.3 for Android does not verify X.509 cert...
CVE-2014-5541	The Hidden Memory - Aladdin FREE! (aka air.com.differencegames.hmaladdinfree) application 1.0.31 for...
CVE-2014-5542	The Hidden Object Mystery (aka air.com.differencegames.hodetectivemysteryfree) application 1.0.65 fo...
CVE-2014-5543	The Hidden Object - Alice Free (aka air.com.differencegames.hovisionsofalicefree) application 1.0.17...
CVE-2014-5544	The SongPop (aka air.com.freshplanet.games.WaM) application 1.21.2 for Android does not verify X.509...
CVE-2014-5545	The Sprint jump (aka air.com.ilaz.appilas) application 1 for Android does not verify X.509 certifica...
CVE-2014-5546	The Africa Memory (aka air.com.klon4enabor4e.AfricaMemory) application 1.0.1 for Android does not ve...
CVE-2014-5547	The Mahjong Galaxy Space Lite (aka air.com.permadi.mahjongIris) application 2.5 for Android does not...
CVE-2014-5548	The Christmas Words (aka air.com.sevenBulls.summerWords) application 1.0.1 for Android does not veri...
CVE-2014-5549	The Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) application 3 for Android does not verif...
CVE-2014-5550	The Animals! Kids Preschool Games (aka air.com.tribalnova.Animals) application 1.6.1 for Android doe...
CVE-2014-5551	The Alphabet & Spelling Kids Games (aka air.com.tribalnova.ilearnwith.ipad.App1En) application 1.4.2...
CVE-2014-5552	The Numbers & Addition! Math games (aka air.com.tribalnova.ilearnwith.ipad.App2En) application 1.4.3...
CVE-2014-5553	The Kids Preschool Learning Games (aka air.com.tribalnova.ilearnwith.ipad.App3En) application 1.3.2 ...
CVE-2014-5554	The Fun Preschool Creativity Game (aka air.com.tribalnova.ilearnwith.ipad.MotherAppEn) application 1...
CVE-2014-5555	The Counting & Addition Kids Games (aka air.com.tribalnova.ilearnwith.ipad.PokoAddEn) application 1....
CVE-2014-5556	The Fly Fishing & Fly Tying (aka air.com.yudu.ReaderAIR3209899) application 3.21.0 for Android does ...
CVE-2014-5557	The America's Economy for Phone (aka air.gov.census.mobile.phone.americaseconomy) application 1.5.2 ...
CVE-2014-5558	The Hard Time (Prison Sim) (aka air.HardTime) application 1.111 for Android does not verify X.509 ce...
CVE-2014-5559	The Kids GoldFish Care (aka air.josiane.sauveterre.kidsgoldfishcare) application 1.0.3 for Android d...
CVE-2014-5560	The Popscene (Music Industry Sim) (aka air.Popscene) application 1.04 for Android does not verify X....
CVE-2014-5561	The Word Search Free (aka air.wordSearchFree) application 4.9 for Android does not verify X.509 cert...
CVE-2014-5562	The Coles Credit Card App (aka au.com.colesfinancialservices.mobile) application 1.0.0 for Android d...
CVE-2014-5563	The Show do Milhao 2014 (aka br.com.lgrmobile.sdm) application 1.4.6 for Android does not verify X.5...
CVE-2014-5564	The Angry Gran Toss (aka com.aceviral.angrygrantoss) application 1.1.1 for Android does not verify X...
CVE-2014-5565	The GadgetTrak Mobile Security (aka com.activetrak.android.app) application 1.6 for Android does not...
CVE-2014-5566	The Selfshot - Front Flash Camera (aka com.americos.selfshot) application 1.1 for Android does not v...
CVE-2014-5567	The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for Android does not verify X.509 cer...
CVE-2014-5568	The Las Vegas Lottery Scratch Off (aka com.androkera.lottery) application 1.2 for Android does not v...
CVE-2014-5569	The Star Girl (aka com.animoca.google.starGirl) application 3.4.1 for Android does not verify X.509 ...
CVE-2014-5570	The DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application 2.0.2.1 for Android d...
CVE-2014-5571	The Appeak Poker (aka com.appeak.poker) application 2.4.5 for Android does not verify X.509 certific...
CVE-2014-5572	The Jazzpodium De Tor (aka com.appmakr.app273713) application 206160 for Android does not verify X.5...
CVE-2014-5573	The Appstros - FREE Gift Cards! (aka com.appstros.main) application 1.1.3 for Android does not verif...
CVE-2014-5574	The Ask.fm - Social Q&A Network (aka com.askfm) application 1.2.4 for Android does not verify X.509 ...
CVE-2014-5575	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2014-5576	The Avira Secure Backup (aka com.avira.avirabackup) application 1.2.3 for Android does not verify X....
CVE-2014-5577	The AVON Buy & Sell (aka com.AVONBeautyntheRep) application 0.3 for Android does not verify X.509 ce...	S
CVE-2014-5578	The Trading 212 FOREX (aka com.avuscapital.trading212) application before 2.0.9 for Android does not...
CVE-2014-5579	The Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) application 4.0.1031 for Android does...
CVE-2014-5580	The BackgroundCheckProTool (aka com.BackgroundCheckProTool) application 3.5 for Android does not ver...
CVE-2014-5581	The mirror photo shape (aka com.baiwang.styleinstamirror) application 1.4 for Android does not verif...
CVE-2014-5582	The Ingress Intel Helper (aka com.bb.ingressintel) application 1.2 for Android does not verify X.509...
CVE-2014-5583	The Most Popular Ringtones (aka com.bbs.mostpopularringtones) application 32 for Android does not ve...
CVE-2014-5584	The Background Check BeenVerified (aka com.beenverified.android) application 4.01.67 for Android doe...
CVE-2014-5585	The Like4Like: Get Instagram Likes (aka com.bepop.bepop) application 2.1.5 for Android does not veri...
CVE-2014-5586	The BIATNET (aka com.biatnet.mobile) application 1.1 for Android does not verify X.509 certificates ...
CVE-2014-5587	The brokenscreencrank (aka com.biggame.brokenscreencrank) application 1.1 for Android does not verif...
CVE-2014-5588	The Free eBooks (aka com.bmfapps.freekindlebooks) application 14 for Android does not verify X.509 c...
CVE-2014-5589	The Now Browser (Material) (aka com.browser.nowbasic) 2.8.1 application Material for Android does no...
CVE-2014-5590	The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 cer...
CVE-2014-5591	The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for Android does not verify X.509 c...
CVE-2014-5592	The Free Dating Heart COL (aka com.choiceoflove.dating) application 2.6.1 for Android does not verif...
CVE-2014-5593	The Christian Dating Cafe (aka com.christiancafe.mobile.android) application 1.0.3 for Android does ...
CVE-2014-5594	The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 for Android does not verify X.50...
CVE-2014-5595	The actionpuzzlefamily for Kakao (aka com.com2us.actionpuzzlefamily.kakao.freefull.google.global.and...
CVE-2014-5596	The Homerun Battle 2 (aka com.com2us.homerunbattle2.normal.freefull.google.global.android.common) ap...
CVE-2014-5597	The 9 Innings: 2014 Pro Baseball (aka com.com2us.nipb2013.normal.freefull.google.global.android.comm...
CVE-2014-5598	The Puzzle Family (aka com.com2us.puzzlefamily.up.freefull.google.global.android.common) application...
CVE-2014-5599	The Tiny Farm (aka com.com2us.tinyfarm.normal.freefull.google.global.android.common) application 2.0...
CVE-2014-5600	The familyconnect (aka com.comcast.plaxo.familyconnect.app) application 1.5.0 for Android does not v...
CVE-2014-5601	The 1800CONTACTS App (aka com.contacts1800.ecomapp) application 2.7.0 for Android does not verify X....
CVE-2014-5602	The Magzter -Magazine & Book Store (aka com.dci.magzter) application 3.31 for Android does not verif...
CVE-2014-5603	The DeskRoll Remote Desktop (aka com.deskroll.client1) application 0.6 for Android does not verify X...
CVE-2014-5604	The Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemium) application 2.46 for Andro...
CVE-2014-5605	The QQ Copy (aka com.digimobistudio.qqcopy) application 1 for Android does not verify X.509 certific...
CVE-2014-5606	The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X....
CVE-2014-5607	The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 for Android does not verify X....
CVE-2014-5608	The Line Runner (Free) (aka com.djinnworks.linerunnerfree) application 4 for Android does not verify...
CVE-2014-5609	The Stickman Ski Racer (aka com.djinnworks.StickmanSkiRacer.free) application 2.1 for Android does n...
CVE-2014-5610	The ce4arab market (aka com.dreamstep.wce4arabmarket) application 0.12.13093.40460 for Android does ...
CVE-2014-5611	The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application 5.0.2 for Android does n...
CVE-2014-5612	The Gmarket (aka com.ebay.kr.gmarket) application 5.1.3 for Android does not verify X.509 certificat...
CVE-2014-5613	The Able Remote (aka com.entertailion.android.remote) application 2.3.6 for Android does not verify ...
CVE-2014-5614	The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application 1.3 for Android does not ...
CVE-2014-5615	The Snap Secure (aka com.exclaim.snapsecure.app) application 9.5 for Android does not verify X.509 c...
CVE-2014-5616	The Web Browser & Explorer (aka com.explore.web.browser) application 2.0.7 for Android does not veri...
CVE-2014-5617	The Exsoul Web Browser (aka com.exsoul) application 3.3.3 for Android does not verify X.509 certific...
CVE-2014-5618	The Cartoon Camera (aka com.fingersoft.cartooncamera) application 1.2.2 for Android does not verify ...
CVE-2014-5619	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5665, CVE-2014-5982. Reaso...	R
CVE-2014-5620	The Office Jerk Free (aka com.fluik.OfficeJerkFree) application 1.7.13 for Android does not verify X...
CVE-2014-5621	The Office Zombie (aka com.fluik.OfficeZombieGoogleFree) application 1.3.13 for Android does not ver...
CVE-2014-5622	The Follow Mania for Instagram (aka com.followmania) application 1.2.1 for Android does not verify X...
CVE-2014-5623	The penguinchefshop (aka com.freegames.penguinchefshop) application 1.0.1 for Android does not verif...
CVE-2014-5624	The Sniper Shooter Free - Fun Game (aka com.fungamesforfree.snipershooter.free) application 2.8 for ...
CVE-2014-5625	The Perfect Kick (aka com.gamegou.PerfectKick.google) application 1.3.0 for Android does not verify ...
CVE-2014-5626	The Brothers In Arms 2 Free+ (aka com.gameloft.android.ANMP.GloftB2HM) application 1.2.0b for Androi...
CVE-2014-5627	The Ice Age Village (aka com.gameloft.android.ANMP.GloftIAHM) application 2.8.0m for Android does no...
CVE-2014-5628	The Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application 1.6.1 for And...
CVE-2014-5629	The Stupid Zombies (aka com.gameresort.stupidzombies) application 1.12 for Android does not verify X...
CVE-2014-5630	The Home Repair (aka com.gcspublishing.houserepairtalk) application 3.7.9 for Android does not verif...
CVE-2014-5631	The Video Poker Casino (aka com.geaxgame.videopoker) application 1.0.5 for Android does not verify X...
CVE-2014-5632	The Mega Jump (aka com.getsetgames.megajump) application @7F080002 for Android does not verify X.509...
CVE-2014-5633	The Kiss Kiss Office (aka com.girlsgames123.kisskissoffice) application 1 for Android does not verif...
CVE-2014-5634	The Madipass Martinique (aka com.goodbarber.madipassmartinique) application 1.8 for Android does not...
CVE-2014-5635	The Buy Yorkshire Conference (aka com.gotfocus.buyyorkshire) application 1.4 for Android does not ve...
CVE-2014-5636	The Cloud Browser (aka com.granitamalta.cloudbrowser) application 2.2.1 for Android does not verify ...
CVE-2014-5637	The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for Android does not verify X.509 ...
CVE-2014-5638	The Huntington Mobile (aka com.huntington.m) application 2.1.222 for Android does not verify X.509 c...
CVE-2014-5639	The ADT Taxis (aka com.icabbi.adttaxisApp) application 6 for Android does not verify X.509 certifica...
CVE-2014-5640	The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does...
CVE-2014-5641	The Cloud Manager (aka com.ileaf.cloud_manager) application 1.6 for Android does not verify X.509 ce...
CVE-2014-5642	The IMPI Mobile Security (aka com.impi) application 2.1.0 for Android does not verify X.509 certific...
CVE-2014-5643	The Instachat -Instagram Messenger (aka com.instachat.android) application 1.6.2 for Android does no...
CVE-2014-5644	The Brightest LED Flashlight (aka com.intellectualflame.ledflashlight.washer) application 1.2.4 for ...
CVE-2014-5645	The CamScanner -Phone PDF Creator (aka com.intsig.camscanner) application 3.4.0.20140624 for Android...
CVE-2014-5646	The AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) application 4.4.1 for Android does not...
CVE-2014-5647	The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application 2.1.0 for Andro...
CVE-2014-5648	The Chat, Flirt & Dating Heart JAUMO (aka com.jaumo) application 2.7.5 for Android does not verify X...
CVE-2014-5649	The iLove - Free Dating & Chat App (aka com.jestadigital.android.ilove) application 1.3.3 for Androi...
CVE-2014-5650	The Traffic Jam Free (aka com.jiuzhangtech.rushhour) application 1.7.7 for Android does not verify X...
CVE-2014-5651	The Kicksend: Share & Print Photos (aka com.kicksend.android) application 3.3.2.18 for Android does ...
CVE-2014-5652	The Kicksend Photo Prints (aka com.kicksend.android.print) application 1.0.7 for Android does not ve...
CVE-2014-5653	The Unblock Me FREE (aka com.kiragames.unblockmefree) application 1.4.4.2 for Android does not verif...
CVE-2014-5654	The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verif...
CVE-2014-5655	The CM Browser - Fast & Secure (aka com.ksmobile.cb) application 5.0.50 for Android does not verify ...
CVE-2014-5656	The TRA Auctions for Buyers (aka com.manheim.tra) application 2.6 for Android does not verify X.509 ...
CVE-2014-5657	The CA Lottery Results (aka com.matcho0.calotto) application 2.1 for Android does not verify X.509 c...
CVE-2014-5658	The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android does not verify X.509 certific...
CVE-2014-5659	The ASTRO File Manager with Cloud (aka com.metago.astro) application ASTRO-4.4.592 for Android does ...
CVE-2014-5660	The TN Members 1st FCU-RDC (aka com.metova.cuae.tmffcu) application 1.0.28 for Android does not veri...
CVE-2014-5661	The Anger of Stick 3 (aka com.miniclip.angerofstick3) application 1.0.3 for Android does not verify ...
CVE-2014-5662	The Rail Rush (aka com.miniclip.railrush) application 1.9.0 for Android does not verify X.509 certif...
CVE-2014-5663	The FreeCell Solitaire (aka com.mobilityware.freecell) application 2.1.2 for Android does not verify...
CVE-2014-5664	The Spider Solitaire (aka com.mobilityware.spider) application 3.0.0 for Android does not verify X.5...
CVE-2014-5665	The Mzone Login (aka com.mr384.MzoneLogin) application 1.2.0 for Android does not verify X.509 certi...
CVE-2014-5666	The AVD Download Video (aka com.myboyfriendisageek.videocatcher.demo) application 3.3.13 for Android...
CVE-2014-5667	The Vault-Hide SMS, Pics & Videos (aka com.netqin.ps) application 5.0.14.22 for Android does not ver...
CVE-2014-5668	The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not...
CVE-2014-5669	The 9GAG - Funny pics and videos (aka com.ninegag.android.app) application 2.4.10 for Android does n...
CVE-2014-5670	The SAS: Zombie Assault 3 (aka com.ninjakiwi.sas3zombieassault) application 2.56 for Android does no...
CVE-2014-5671	The Super Stickman Golf (aka com.noodlecake.ssg) application 2.2 for Android does not verify X.509 c...
CVE-2014-5672	The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android ...
CVE-2014-5673	The Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application 2.0.10.08 for Android does no...
CVE-2014-5674	The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 for Android does not verify X....
CVE-2014-5675	The Phonegram - Instagram Download (aka com.pinssible.padgram) application 1.9.5 for Android does no...
CVE-2014-5676	The Township (aka com.playrix.township) application 1.5.1 for Android does not verify X.509 certific...
CVE-2014-5677	The Point Inside Shopping & Travel (aka com.pointinside.android.app) application 3.1.0 for Android d...
CVE-2014-5678	The IQ Test (aka com.pophub.androidiqtest.free) application 3.3 for Android does not verify X.509 ce...
CVE-2014-5679	The PopU 2: Get Likes on Instagram (aka com.popuapp.popu) application 1.7.5 for Android does not ver...
CVE-2014-5680	The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 for Android does not verify X.5...
CVE-2014-5681	The XDA-Developers (aka com.quoord.tapatalkxda.activity) application 3.9.8 for Android does not veri...
CVE-2014-5682	The Retale - Weekly Ads & Deals (aka com.retale.android) application 2.1.3 for Android does not veri...
CVE-2014-5683	The Piano Teacher (aka com.rubycell.pianisthd) application 20140730 for Android does not verify X.50...
CVE-2014-5684	The Runtastic Running & Fitness (aka com.runtastic.android) application 5.1.2 for Android does not v...
CVE-2014-5685	The Runtastic Heart Rate (aka com.runtastic.android.heartrate.lite) application 1.3 for Android does...
CVE-2014-5686	The Runtastic Me (aka com.runtastic.android.me.lite) application 1.0.2 for Android does not verify X...
CVE-2014-5687	The Runtastic Mountain Bike (aka com.runtastic.android.mountainbike.lite) application 2.0.1 for Andr...
CVE-2014-5688	The Runtastic Pedometer (aka com.runtastic.android.pedometer.lite) application 1.5 for Android does ...
CVE-2014-5689	The Runtastic Road Bike (aka com.runtastic.android.roadbike.lite) application 2.0.1 for Android does...
CVE-2014-5690	The Runtastic Timer (aka com.runtastic.android.timer) application 1.0.1 for Android does not verify ...
CVE-2014-5691	The Best Phone Security (aka com.rvappstudios.phonesecurity) application for Android does not verify...
CVE-2014-5692	The Safeway (aka com.safeway.client.android.safeway) application 4.1.0 for Android does not verify X...
CVE-2014-5693	The Slots Vacation - FREE Slots (aka com.scopely.slotsvacation) application 1.47.2 for Android does ...
CVE-2014-5694	The Scoutmob local deals & events (aka com.scoutmob.ile) application 3.0.18 for Android does not ver...
CVE-2014-5695	The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application 1.4.0 for Android does not verif...
CVE-2014-5696	The Sonic 4 Episode II LITE (aka com.sega.sonic4ep2lite) application 2.3 for Android does not verify...
CVE-2014-5697	The Dress Up! Girl Party (aka com.sgn.DressUp.GirlParty) application 2 for Android does not verify X...
CVE-2014-5698	The Furdiburb (aka com.sheado.lite.pet) application 1.1.2 for Android does not verify X.509 certific...
CVE-2014-5699	The Parallel Kingdom MMO (aka com.silvermoon.client) application @7F070019 for Android does not veri...
CVE-2014-5700	The Brain lab - brain age games IQ (aka com.sixdead.brainlab) application 2.37 for Android does not ...
CVE-2014-5701	The Skout: Chats. Friends. Fun. (aka com.skout.android) application 4.3.3 for Android does not verif...
CVE-2014-5702	The Penguin Run (aka com.skyboard.google.penguinRun) application 1.1 for Android does not verify X.5...
CVE-2014-5703	The Slingo Lottery Challenge (aka com.slingo.slingolotterychallenge) application 1.0.34 for Android ...
CVE-2014-5704	The DISH Anywhere (aka com.sm.SlingGuide.Dish) application 3.5.10 for Android does not verify X.509 ...
CVE-2014-5705	The Sonic CD Lite (aka com.soa.sega.soniccdlite) application 1.0.4 for Android does not verify X.509...
CVE-2014-5706	The SomNote - Journal/Memo (aka com.somcloud.somnote) application 2.1.5 for Android does not verify ...
CVE-2014-5707	The Bunny Run (aka com.stargirlgames.google.bunnyrun) application 1.1.2 for Android does not verify ...
CVE-2014-5708	The Best Racing/moto Games Ranking (aka com.subapp.android.racing) application 2.2.7 for Android doe...
CVE-2014-5709	The Donut Maker (aka com.sunstorm.android.donut) application 1.27 for Android does not verify X.509 ...
CVE-2014-5710	The Cisco Class Locator Fast Lane (aka com.tabletkings.mycompany.fastlane.cisco) application for And...
CVE-2014-5711	The Microsoft Tech Companion (aka com.technet) application 1.0.6 for Android does not verify X.509 c...
CVE-2014-5712	The Turbo River Racing Free (aka com.tektite.androidgames.trrfree) application 1.07 for Android does...
CVE-2014-5713	The Telly - Watch the good stuff (aka com.telly) application 2.5.1 for Android does not verify X.509...
CVE-2014-5714	The Text Me! Free Texting & Call (aka com.textmeinc.textme) application 2.5.5 for Android does not v...
CVE-2014-5715	The Street Racing (aka com.tgb.streetracing.lite5pp) application 4.0.4 for Android does not verify X...
CVE-2014-5716	The GUNSHIP BATTLE : Helicopter 3D (aka com.theonegames.gunshipbattle) application 1.1.7 for Android...
CVE-2014-5717	The Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) application 3.4.1 for Android...
CVE-2014-5718	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5809, CVE-2014-5983. Reaso...	R
CVE-2014-5719	The BIKE RACING 2014 (aka com.timuzsolutions.bikeracing2014) application 1.6 for Android does not ve...
CVE-2014-5720	The Bike Race Free - Top Free Game (aka com.topfreegames.bikeracefreeworld) application 4.3 for Andr...
CVE-2014-5721	The Touchnote Postcards (aka com.touchnote.android) application 4.2.7 for Android does not verify X....
CVE-2014-5722	The SwiftKey Keyboard + Emoji (aka com.touchtype.swiftkey) application 5.0.2.4 for Android does not ...
CVE-2014-5723	The Trapster (aka com.trapster.android) application 4.3.2 for Android does not verify X.509 certific...
CVE-2014-5724	The Gambling Insider Magazine (aka com.triactivemedia.gambling) application @7F0801AA for Android do...
CVE-2014-5725	The Truecaller - Caller ID & Block (aka com.truecaller) application 4.32 for Android does not verify...
CVE-2014-5726	The Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) application 7.88.00.145 for Androi...
CVE-2014-5727	The uTorrent Remote (aka com.utorrent.web) application 1.0.20110929 for Android does not verify X.50...
CVE-2014-5728	The Vevo - Watch HD Music Videos (aka com.vevo) application 2.0.27 for Android does not verify X.509...
CVE-2014-5729	The Viddy (aka com.viddy.Viddy) application 1.3.9 for Android does not verify X.509 certificates fro...
CVE-2014-5730	The russkoe TB HD (aka com.videotelecom.russkoeHD) application 3.6 for Android does not verify X.509...
CVE-2014-5731	The Word Search (aka com.virtuesoft.wordsearch) application 2.3.0 for Android does not verify X.509 ...
CVE-2014-5732	The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.50...
CVE-2014-5733	The Shop Love (aka com.waterwish.shoplove) application 1.05 for Android does not verify X.509 certif...
CVE-2014-5734	The Buy Books (aka com.wBooksForSale) application 0.1 for Android does not verify X.509 certificates...
CVE-2014-5735	The Buy A Gift (aka com.wBuyAGift) application 13529.90084 for Android does not verify X.509 certifi...
CVE-2014-5736	The Buy Coins (aka com.wBuyCoins) application 0.62.13364.24150 for Android does not verify X.509 cer...
CVE-2014-5737	The CDsoft (aka com.wCDSOFT) application 0.2 for Android does not verify X.509 certificates from SSL...
CVE-2014-5738	The Garfield's Defense (aka com.webprancer.google.garfieldDefense) application 1.5.4 for Android doe...
CVE-2014-5739	The Garfield's Diner (aka com.webprancer.google.GarfieldsDiner) application 1.4.0 for Android does n...
CVE-2014-5740	The Security - Free (aka com.webroot.security) application 3.6.0.6610 for Android does not verify X....
CVE-2014-5741	The Security - Complete (aka com.webroot.security.complete) application 3.6.0.6610 for Android does ...
CVE-2014-5742	The Eversnap Private Photo Album (aka com.weddingsnap.android) application 1.0.23 for Android does n...
CVE-2014-5743	The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application 1.2.6 for Android does n...
CVE-2014-5744	The RE-VOLT 2 : MULTIPLAYER (aka com.wegoi.revolt2multiplayer) application 1.1.4 for Android does no...
CVE-2014-5745	The FREE Pageplus Activation (aka com.wFREEPageplusActivations) application 0.1 for Android does not...
CVE-2014-5746	The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X...
CVE-2014-5747	The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application 3.1.140603 for Andro...
CVE-2014-5748	The wK12olslogin (aka com.wK12olslogin) application 0.1 for Android does not verify X.509 certificat...
CVE-2014-5749	The Jelly Splash (aka com.wooga.jelly_splash) application 1.11.3 for Android does not verify X.509 c...
CVE-2014-5750	The Pro Bet Tips (aka com.wProBetTips) application 0.2 for Android does not verify X.509 certificate...
CVE-2014-5751	The Tor Browser the Short Guide (aka com.wTorShortUserManual) application 0.1 for Android does not v...
CVE-2014-5752	The wTradersActivity (aka com.wTradersActivity) application 0.1 for Android does not verify X.509 ce...
CVE-2014-5753	The Twitter No Background (aka com.wTwitternobackground) application 0.85.13509.97828 for Android do...
CVE-2014-5754	The Verizon Instant Refills 24/7 (aka com.wVerizonInstantRefill247) application 0.1 for Android does...
CVE-2014-5755	The verizon (aka com.wverizonwirelessbill) application 0.1 for Android does not verify X.509 certifi...
CVE-2014-5756	The Buy 99 Cents Only Products (aka com.ww99CentsOnlyStores) application 0.1 for Android does not ve...
CVE-2014-5757	The Buy Tickets (aka com.xcr.android.buytickets) application 2.3 for Android does not verify X.509 c...
CVE-2014-5758	The Yellow Pages Local Search (aka com.yellowbook.android2) application 11.0.0 for Android does not ...
CVE-2014-5759	The Awesome Antivirus 2014 (aka com.yoursite.top5antivirus2014) application 1 for Android does not v...
CVE-2014-5760	The Pizza Hut (aka com.yum.pizzahut) application 2.0.5 for Android does not verify X.509 certificate...
CVE-2014-5761	The Zipcar (aka com.zc.android) application 3.4.2 for Android does not verify X.509 certificates fro...
CVE-2014-5762	The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Androi...
CVE-2014-5763	The Kid Mode: Free Games + Lock (aka com.zoodles.kidmode) application 4.9.8 for Android does not ver...
CVE-2014-5764	The Antivirus Free (aka com.zrgiu.antivirus) application 7.2.16.02 for Android does not verify X.509...
CVE-2014-5765	The Paint for Friends (aka de.lotumlabs.buddypainting) application 1.5.1 for Android does not verify...
CVE-2014-5766	The Uber B2B (aka de.mobileeventguide.uberb2b) application 1.9 for Android does not verify X.509 cer...
CVE-2014-5767	The IM+ (aka de.shapeservices.impluslite) application 6.6.2 for Android does not verify X.509 certif...
CVE-2014-5768	The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-google for Android does not ver...
CVE-2014-5769	The Mobiscope Local (aka ehs.mobiscope.kernel) application 1.05 for Android does not verify X.509 ce...
CVE-2014-5770	The Web Browser for Android (aka explore.web.browser) application 1.2 for Android does not verify X....
CVE-2014-5771	The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 for Android does not verify X....
CVE-2014-5772	The Government Bookstore (aka hksarg.isd.sop.govbookstore) application 1.01 for Android does not ver...
CVE-2014-5773	The RegisteredAssistant (aka Icr.RegisteredAssistant) application 0.2.3 for Android does not verify ...
CVE-2014-5774	The Web Browser & Explorer (aka internetexplorer.browser.webexplorer) application 4 for Android does...
CVE-2014-5775	The Super Fast Browser (aka iron.web.jalepano.browser) application 2.0.5.6 for Android does not veri...
CVE-2014-5776	The PlayMemories Online (aka jp.co.sony.tablet.PersonalSpace) application 4.2.0.05070 for Android do...
CVE-2014-5777	The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does no...
CVE-2014-5778	The Pou (aka me.pou.app) application 1.4.53 for Android does not verify X.509 certificates from SSL ...
CVE-2014-5779	The Jack'd - Gay Chat & Dating (aka mobi.jackd.android) application 1.9.0a for Android does not veri...
CVE-2014-5780	The Bouncy Bill (aka mominis.Generic_Android.Bouncy_Bill) application 1.9.1 for Android does not ver...
CVE-2014-5781	The Bouncy Bill Easter Tales (aka mominis.Generic_Android.Bouncy_Bill_Easter_Tales) application 1.0....
CVE-2014-5782	The Bouncy Bill Halloween (aka mominis.Generic_Android.Bouncy_Bill_Halloween) application 1.0.3 for ...
CVE-2014-5783	The Bouncy Bill Monster Smasher ed (aka mominis.Generic_Android.Bouncy_Bill_Monster_Smasher_Edition)...
CVE-2014-5784	The Bouncy Bill Seasons (aka mominis.Generic_Android.Bouncy_Bill_Seasons) application 1.3.9 for Andr...
CVE-2014-5785	The Bouncy Bill World-Cup (aka mominis.Generic_Android.Bouncy_Bill_World_Cup) application 1.0.1 for ...
CVE-2014-5786	The Jewels & Diamonds (aka mominis.Generic_Android.Jewels_and_Diamonds) application 1.1.0 for Androi...
CVE-2014-5787	The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) application 1.7.6 for Android does not...
CVE-2014-5788	The Ninja Chicken Adventure Island (aka mominis.Generic_Android.Ninja_Chicken_Adventure_Island) appl...
CVE-2014-5789	The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4....
CVE-2014-5790	The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) application 1.0.1 for Android does n...
CVE-2014-5791	The Daum Cloud (aka net.daum.android.cloud) application 1.6.18 for Android does not verify X.509 cer...
CVE-2014-5792	The Reign of Dragons: Build-Battle (aka net.gree.android.pf.greeapp57501) application 2.4.2 for Andr...
CVE-2014-5793	The Bilgi Yarisi (aka net.mobilecraft.bilgiyarisi) application 1.8 for Android does not verify X.509...
CVE-2014-5794	The 8 Minutes Abs Workout (aka net.p4p.absen) application 2.0.9 for Android does not verify X.509 ce...
CVE-2014-5795	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5795. Reason: This candidat...	R
CVE-2014-5796	The Chest Workout (aka net.p4p.chest) application 2.0.8 for Android does not verify X.509 certificat...
CVE-2014-5797	The smart (aka nh.smart) application 3.0.5 for Android does not verify X.509 certificates from SSL s...
CVE-2014-5798	The smart.calculator (aka nh.smart.calculator) application 2 for Android does not verify X.509 certi...
CVE-2014-5799	The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates fr...
CVE-2014-5800	The smart.nhibzbanking (aka nh.smart.nhibzbanking) application 2.1 for Android does not verify X.509...
CVE-2014-5801	The DataGard VPN + AV (aka ocshield.com) application @7F050013 for Android does not verify X.509 cer...
CVE-2014-5802	The PlayScape (aka playscape.mominis.gameconsole.com) application 9.3.3 for Android does not verify ...
CVE-2014-5803	The Towers N' Trolls (aka project.android.ftdjni) application 1.6.4 for Android does not verify X.50...
CVE-2014-5804	The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does not verify X.509 certificates f...
CVE-2014-5805	The Dating for everyone - Mamba! (aka ru.mamba.client) application 3.5 for Android does not verify X...
CVE-2014-5806	The World of Tanks Assistant (aka ru.worldoftanks.mobile) application 1.7.5 for Android does not ver...
CVE-2014-5807	The Safari Browser (aka safari.safaribrowser.internetexplorer) application 1 for Android does not ve...
CVE-2014-5808	The Whisper (aka sh.whisper) application 4.0.6 for Android does not verify X.509 certificates from S...
CVE-2014-5809	The Smart Browser (aka smartbrowser.geniuscloud) application 2.0 for Android does not verify X.509 c...
CVE-2014-5810	The SGK Hizmet Dokumu 4a (aka tr.gov.sgk.hizmetDokumu4a) application 1.103 for Android does not veri...
CVE-2014-5811	The ZOOM Cloud Meetings (aka us.zoom.videomeetings) application @7F060008 for Android does not verif...
CVE-2014-5812	The VDM Officiel (aka vdm.activities) application 5 for Android does not verify X.509 certificates f...
CVE-2014-5813	The lostword (aka zozo.android.lostword) application 5.9 for Android does not verify X.509 certifica...
CVE-2014-5814	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5971, CVE-2014-5984. Reason...	R
CVE-2014-5815	The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 for Android does not verify X.50...
CVE-2014-5816	The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does not verify X.509 certificates...
CVE-2014-5817	The Mini Pets (aka com.miniclip.animalshelter) application 2.0.3 for Android does not verify X.509 c...
CVE-2014-5818	The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application 1.7.0.8 for Android does not v...
CVE-2014-5819	The PHONE for Google Voice & GTalk (aka com.moplus.gvphone) application 1.0 for Android does not ver...
CVE-2014-5820	The OkCupid Dating (com.okcupid.okcupid) application 3.4.6 for Android does not verify X.509 certifi...
CVE-2014-5821	The Guitar Tuner Free - GuitarTuna (aka com.ovelin.guitartuna) application 2.4.5 for Android does no...
CVE-2014-5822	The VK Kate Mobile (aka com.perm.kate) application 9.6.1 for Android does not verify X.509 certifica...
CVE-2014-5823	The The Cleaner - Speed up & Clean (aka com.liquidum.thecleaner) application 1.4.2 for Android does ...
CVE-2014-5824	The longjiang (aka com.longjiang.kr) application 2.0.6 for Android does not verify X.509 certificate...
CVE-2014-5825	The Guess The Movie (aka com.june.guessthemovie) application 2.982 for Android does not verify X.509...
CVE-2014-5826	The Rix GO Locker Theme (aka com.jiubang.goscreenlock.theme.rix.getjar) application 1.20.2 for Andro...
CVE-2014-5827	The Ibotta - Better than Coupons. (aka com.ibotta.android) application 2.5.1 for Android does not ve...
CVE-2014-5828	The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application 2 for Android does not verify ...
CVE-2014-5829	The Hobby Lobby Stores (aka com.hobbylobbystores.android) application 2.1.9 for Android does not ver...
CVE-2014-5830	The Farm Frenzy Gold (aka com.herocraft.game.farmfrenzy.gold) application 1.0.1 for Android does not...
CVE-2014-5831	The Hotel Story: Resort Simulation (aka com.happylabs.hotelstory) application 1.7.9B for Android doe...
CVE-2014-5832	The hananbank (aka com.hanabank.ebk.channel.android.hananbank) application 4.06 for Android does not...
CVE-2014-5833	The FriendCaster Chat (aka com.handmark.friendcaster.chat) application 2 for Android does not verify...
CVE-2014-5834	The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 ...
CVE-2014-5835	The Club Personal (aka com.globant.clubpersonal) application 2.6 for Android does not verify X.509 c...
CVE-2014-5836	The GittiGidiyor (aka com.gittigidiyormobil) application 1.4.1 for Android does not verify X.509 cer...
CVE-2014-5837	The My Railway (aka com.gameinsight.myrailway) application 1.1.33 for Android does not verify X.509 ...
CVE-2014-5838	The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) application 1.0.1 for Android does n...
CVE-2014-5839	The Acces Compte (aka com.fullsix.android.labanquepostale.accountaccess) application 3.2.6 for Andro...
CVE-2014-5840	The forfone: Free Calls & Messages (aka com.forfone.sip) forfone application 1.5.11 for Android does...
CVE-2014-5841	The Girls Calendar Period&Weight (aka jp.co.cybird.apps.lifestyle.cal) application 3.2.2 for Android...
CVE-2014-5842	The 2G Live Tv (aka com.ww2GLiveTv) application 0.9 for Android does not verify X.509 certificates f...
CVE-2014-5843	The ADP AGENCY Immobiliare (aka com.wAdpagencyAndroid) application 0.1 for Android does not verify X...
CVE-2014-5844	The Alsunna (aka com.wAlsunna) application 0.1 for Android does not verify X.509 certificates from S...
CVE-2014-5845	The Strike Fighters Israel (aka com.thirdwire.strikefighters.mideast.android) application 1.2.4 for ...
CVE-2014-5846	The Fairy Princess Makeover Salon (aka com.mobgams.dressup.fairy.princess.makeover) application 1.7 ...
CVE-2014-5847	The Big Win Slots - Slot Machines (aka com.gosub60.BigWinSlots) application 1.11.2 for Android does ...
CVE-2014-5848	The Dubstep Hero (aka com.electricpunch.dubstephero) application 1.9 for Android does not verify X.5...
CVE-2014-5849	The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not veri...
CVE-2014-5850	The Kaave Fali (aka com.didilabs.kaavefali) application 1.5.1 for Android does not verify X.509 cert...
CVE-2014-5851	The Dark Summoner (aka com.darksummoner) application 1.03.39 for Android does not verify X.509 certi...
CVE-2014-5852	The Kakao (aka com.com2us.tinypang.kakao.freefull2.google.global.android.common) application 2.11.1....
CVE-2014-5853	The Knights N Squires (aka com.com2us.imhero.normal.freefull.google.global.android.common) applicati...
CVE-2014-5854	The Windows Live Hotmail PUSH mail (aka com.clearhub.wl) application 1.00.97 for Android does not ve...
CVE-2014-5855	The CJmall (aka com.cjoshppingphone) application 4.1.8 for Android does not verify X.509 certificate...
CVE-2014-5856	The Selfie Camera -Facial Beauty- (aka com.cfinc.cunpic) application 1.2.7 for Android does not veri...
CVE-2014-5857	The White & Yellow Pages (aka com.avantar.wny) application 5.1.1 for Android does not verify X.509 c...
CVE-2014-5858	The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 ...
CVE-2014-5859	The Star Girl: Colors of Spring (aka com.animoca.google.starGirlSpring) application 3.4.1 for Androi...
CVE-2014-5860	The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificat...
CVE-2014-5861	The BoyAhoy - Gay Chat (aka com.boyahoy.android) application 4.3.6 for Android does not verify X.509...
CVE-2014-5862	The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for Android does not verify X.509 certif...
CVE-2014-5863	The mpang.gp (aka air.com.cjenm.mpang.gp) application 4.0.0 for Android does not verify X.509 certif...
CVE-2014-5864	The Swish payments (aka se.bankgirot.swish) application 2 for Android does not verify X.509 certific...
CVE-2014-5865	The Ask.com (aka com.ask.android) application 2.2.5 for Android does not verify X.509 certificates f...
CVE-2014-5866	The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify X.509 certificates from SSL se...
CVE-2014-5867	The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not veri...
CVE-2014-5868	The Cisco Technical Support (aka com.cisco.swtg_android) application 3.7.1 for Android does not veri...
CVE-2014-5869	The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 cer...
CVE-2014-5870	The Kmart (aka com.kmart.android) application 6.2.8 for Android does not verify X.509 certificates f...
CVE-2014-5871	The Piwik Mobile 2 (aka org.piwik.mobile2) application 2.0.1 for Android does not verify X.509 certi...
CVE-2014-5872	The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for And...
CVE-2014-5873	The Sears (aka com.sears.android) application 6.2.8 for Android does not verify X.509 certificates f...
CVE-2014-5874	The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certifica...
CVE-2014-5875	The Sylphone (aka com.sylpheo.prospectosyl) application 5.3.8 for Android does not verify X.509 cert...
CVE-2014-5876	The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does not verify X.509 certificates...
CVE-2014-5877	The TV Guide (aka net.micene.minigroup.palimpsests.lite) application 5.4.3 for Android does not veri...
CVE-2014-5878	The ium (aka net.ium.mobile.android) application 3.3.4 for Android does not verify X.509 certificate...
CVE-2014-5879	The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does not verify X.509 certificates ...
CVE-2014-5880	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5880. Reason: This candidat...	R
CVE-2014-5881	The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X....
CVE-2014-5882	The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates f...
CVE-2014-5883	The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates...
CVE-2014-5884	The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verif...
CVE-2014-5885	The Disaster Alert (aka disasterAlert.PDC) application 3.2 for Android does not verify X.509 certifi...
CVE-2014-5886	The iVysilani ceske televize (aka cz.motion.ivysilani) application 1.6 for Android does not verify X...
CVE-2014-5887	The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509...
CVE-2014-5888	The SLOTS: Bible Slots Free (aka com.topfreegames.topbibleslots) application 1.122 for Android does ...
CVE-2014-5889	The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not veri...
CVE-2014-5890	The KBO sports2i 2014 (aka com.sports2i) application 5.1.00 for Android does not verify X.509 certif...
CVE-2014-5891	The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verif...
CVE-2014-5892	The greenbill (aka com.show.greenbill_G) application 2.0.3 for Android does not verify X.509 certifi...
CVE-2014-5893	The froyo (aka com.shinsegae.mobile.froyo) application 5.1.3 for Android does not verify X.509 certi...
CVE-2014-5894	The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not v...
CVE-2014-5895	The ShopYourWay (aka com.sears.shopyourway) application 1.9 for Android does not verify X.509 certif...
CVE-2014-5896	The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does...
CVE-2014-5897	The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not ver...
CVE-2014-5898	The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) applicati...
CVE-2014-5899	The Nespresso (aka com.nespresso.activities) application 2.4.1 for Android does not verify X.509 cer...
CVE-2014-5900	The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 for Android does not verify X...
CVE-2014-5901	The Beauty Bible - App for Girls (aka com.my.beauty.bible) application 5 for Android does not verify...
CVE-2014-5902	The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not v...
CVE-2014-5903	The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certi...
CVE-2014-5904	The MiniInTheBox Online Shopping (aka com.miniinthebox.android) application 2.0.0 for Android does n...
CVE-2014-5905	The Grocery List - Tomatoes (aka com.meucarrinho) application 5.1.4 for Android does not verify X.50...
CVE-2014-5906	The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application 1.138 for Android ...
CVE-2014-5907	The Pet Salon (aka com.libiitech.petsalon) application 1.0.1 for Android does not verify X.509 certi...
CVE-2014-5908	The Kmart (aka com.kmart.android) application @7F0C00EF for Android does not verify X.509 certificat...
CVE-2014-5909	The watcha (aka com.frograms.watcha) application 2.0.2 for Android does not verify X.509 certificate...
CVE-2014-5910	The Dog Whistle (aka com.dogwhistle.dogtrainingandroidapp) application 1.9 for Android does not veri...
CVE-2014-5911	The Free App Icons & Icon Packs (aka com.jellytap.cooliconfinder) application 1.4 for Android does n...
CVE-2014-5912	The InNote (aka com.intsig.notes) application 1.0.3.20131119 for Android does not verify X.509 certi...
CVE-2014-5913	The Allies in War (aka com.gamelion.aiw) application 1.3.2 for Android does not verify X.509 certifi...
CVE-2014-5914	The Finansbank Cep Subesi (aka com.finansbank.mobile.cepsube) application 1.1.5 for Android does not...
CVE-2014-5915	The Tigo Copa Mundial FIFA 2014 (aka com.fwc2014.millicom.and) application 3.1 for Android does not ...
CVE-2014-5916	The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Android does not verify X.509 cert...
CVE-2014-5917	The Slideshow 365 (aka com.Slideshow) application 3.6 for Android does not verify X.509 certificates...
CVE-2014-5918	The Secret Circle - talk freely (aka com.easyxapp.secret) application 2.2.00.26 for Android does not...
CVE-2014-5919	The SurDoc - 100GB+ FREE storage (aka com.jd.surdoc) application 1.3.4.0 for Android does not verify...
CVE-2014-5920	The VK Amberfog (aka com.amberfog.vkfree) application 3.5.6 for Android does not verify X.509 certif...
CVE-2014-5921	The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0.1 for Android does not verify ...
CVE-2014-5922	The ga6748 (aka com.g.ga6748) application 1 for Android does not verify X.509 certificates from SSL ...
CVE-2014-5923	The Facebook Status Via (aka com.StatusViaAdvanced) application 3.5 for Android does not verify X.50...
CVE-2014-5924	The Monster Makeup (aka com.bearhugmedia.android_monster) application 1.0.0.0 for Android does not v...
CVE-2014-5925	The 10000 Kindle Books Downloads (aka com.ww10000KindleBooksLatestnBestSellers) application 0.312 fo...
CVE-2014-5926	The DCU Mobile Banking (aka com.Vertifi.Mobile.P211391825) application 2 for Android does not verify...
CVE-2014-5927	The FastCustomer -- Fast Customer (aka www.fastcustomer.com) application 3 for Android does not veri...
CVE-2014-5928	The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does no...
CVE-2014-5929	The emartmall (aka kr.co.emart.emartmall) application 1.3.3 for Android does not verify X.509 certif...
CVE-2014-5930	The Store and Share (aka sg.com.singnet.mystorage.android) application 2.0.18 for Android does not v...
CVE-2014-5931	The Stop & Shop SCAN IT! Mobile (aka com.modivmedia.scanitss) application 7.21.00 for Android does n...
CVE-2014-5932	The Vodafone Mobile@Work (aka com.mobileiron.vodafone.MIClient) application 6.0.0.1.12R for Android ...
CVE-2014-5933	The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certi...
CVE-2014-5934	The Flurv Chat (aka com.flurv.android) application 4.3.3 for Android does not verify X.509 certifica...
CVE-2014-5935	The Daily Free App @ Amazon (aka com.kattanweb.android.dfaa) application 1.5.2 for Android does not ...
CVE-2014-5936	The INCOgnito Private Browser (aka com.SL.InCoBrowser) application 1.4.0 for Android does not verify...
CVE-2014-5937	The Social Networking (aka com.wSocialNetworkingSites) application 0.33.13320.99980 for Android does...
CVE-2014-5938	The AllDealsAsia All Deals ADA app (aka com.ada.deals) application 4.2.1 for Android does not verify...
CVE-2014-5939	The travelzadcomvb (aka com.tapatalk.travelzadcomvb) application 3.3.10 for Android does not verify ...
CVE-2014-5940	The PocketPC.ch (aka com.tapatalk.pocketpcch) application 3.9.51 for Android does not verify X.509 c...
CVE-2014-5941	The Armpit Spa & Girl Games (aka com.freegames.spamakeover) application 1.0.2 for Android does not v...
CVE-2014-5942	The Baby Stomach Surgery (aka com.harriskerioe.stomachsurgery) application 1.0.2 for Android does no...
CVE-2014-5943	The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X...
CVE-2014-5944	The Soccer Blitz (aka soccer.blitz) application 1.06 for Android does not verify X.509 certificates ...
CVE-2014-5945	The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 for Android does not verify X.5...
CVE-2014-5946	The forumhawaaworldcom (aka com.tapatalk.forumhawaaworldcom) application 3.4.12 for Android does not...
CVE-2014-5947	The psicofxp (aka com.tapatalk.psicofxpcom) application 2.4.12.15 for Android does not verify X.509 ...
CVE-2014-5948	The Obama for America (aka com.barackobama.ofa) application 1.02 for Android does not verify X.509 c...
CVE-2014-5949	The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application 3.0.1 for Android doe...
CVE-2014-5950	The NOW (aka com.smtown.smtownnow.androidapp) application 0.9.8 for Android does not verify X.509 ce...
CVE-2014-5951	The SinoPac (aka com.sionpac.app.SinoPac) application 2.4.2 for Android does not verify X.509 certif...
CVE-2014-5952	The E-Dziennik (aka com.librus.dziennik) application 0.5.2 for Android does not verify X.509 certifi...
CVE-2014-5953	The KASKUS (aka com.kaskus.android) application 2.13.0 for Android does not verify X.509 certificate...
CVE-2014-5954	The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X...
CVE-2014-5955	The Atomic Fusion (aka com.bytesized.fusion) application 1.7 for Android does not verify X.509 certi...
CVE-2014-5956	The VPlayer Video Player (aka me.abitno.vplayer.t) application 3.2.6 for Android does not verify X.5...
CVE-2014-5957	The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Android does not verify X.509 cert...
CVE-2014-5958	The ChatBox - Chat Rooms (aka com.droidchatroom.messengerapp) application 2.5 for Android does not v...
CVE-2014-5959	The tx Smart (aka com.wooriwm.txsmart) application 7.05 for Android does not verify X.509 certificat...
CVE-2014-5960	The BundesArztsuche (aka de.kbv.bas) application 1.0.1 for Android does not verify X.509 certificate...
CVE-2014-5961	The russiananime (aka com.rareartifact.russiananime68A5CCFE) application 1 for Android does not veri...
CVE-2014-5962	The Guess The Actor (aka com.gamelikeinc.actors) application 1.1 for Android does not verify X.509 c...
CVE-2014-5963	The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Android does not verify X.509 certi...
CVE-2014-5964	The MegaBank (aka com.megabank.mobilebank) application 2.0 for Android does not verify X.509 certifi...
CVE-2014-5965	The GrooveMusic (aka com.mobincube.android.sc_2HKFF) application 2.0.0 for Android does not verify X...
CVE-2014-5966	The Dreamland Super Theme GO Gold (aka com.gau.go.launcherex.viptheme.dreamland.gold) application 1 ...
CVE-2014-5967	The Designs Nail Arts (aka com.decoracionesnailart.flickr) application 3.6.1 for Android does not ve...
CVE-2014-5968	The iGolf - Golf GPS (aka com.igolf) application 20 for Android does not verify X.509 certificates f...
CVE-2014-5969	The healthylifestyle (aka com.alek.healthylifestyle) application 1.2.2 for Android does not verify X...
CVE-2014-5970	The BabyBus (aka com.sinyee.babybus.concert.ru) application 3.91 for Android does not verify X.509 c...
CVE-2014-5971	The Fiksu library for Android does not verify X.509 certificates from SSL servers, which allows man-...
CVE-2014-5972	The Loving - Couple Essential (aka com.xiaoenai.app) application 4.0.1 for Android does not verify X...
CVE-2014-5973	The Aquarium Advice (aka com.socialknowledge.aquariumadvice) application 3.7.6 for Android does not ...
CVE-2014-5974	The PSECU Mobile+ (aka com.Vertifi.Mobile.P231381116) application 2.2 for Android does not verify X....
CVE-2014-5975	The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certifi...
CVE-2014-5976	The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certifi...
CVE-2014-5977	The Mobile Face (aka com.wFacemobile) application 0.74.13432.91159 for Android does not verify X.509...
CVE-2014-5978	The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 c...
CVE-2014-5979	The TV Bengali Open Directory (aka com.TVBengali) application 1.4 for Android does not verify X.509 ...
CVE-2014-5980	The Genertel (aka com.genertel) application 2.6.0 for Android does not verify X.509 certificates fro...
CVE-2014-5981	The MoWeather (aka com.moji.moweather) application 1.40.05 for Android does not verify X.509 certifi...
CVE-2014-5982	The RunKeeper - GPS Track Run Walk (aka com.fitnesskeeper.runkeeper.pro) application 4.7 for Android...
CVE-2014-5983	The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application 1.1.11 for Android does ...
CVE-2014-5984	The Little Dragons (aka com.playcomo.dragongame) application 1.0.256 for Android does not verify X.5...
CVE-2014-5985	The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not veri...
CVE-2014-5986	The Educational Puzzles - Letters (aka com.EducationalPuzzlesLetters) application 2 for Android does...
CVE-2014-5987	The My3 - by 3HK (aka com.my3) application @7F0A0001 for Android does not verify X.509 certificates ...
CVE-2014-5988	The Azkend Gold (aka com.the10tons.azkend.gold) application 1.2.6 for Android does not verify X.509 ...
CVE-2014-5989	The baby days (aka jp.co.cyberagent.babydays) application 1.5.8 for Android does not verify X.509 ce...
CVE-2014-5990	The cookbible (aka net.bookjam.cookbible) application 1.0.0 for Android does not verify X.509 certif...
CVE-2014-5991	The Skin Conditions and Diseases (aka com.appsgeyser.wSkinConditions) application 2.1 for Android do...
CVE-2014-5992	The successsecrets (aka com.alek.successsecrets) application 1.2.3 for Android does not verify X.509...
CVE-2014-5993	The MLB Preplay (aka com.preplay.android.mlb) application 5.4.2 for Android does not verify X.509 ce...
CVE-2014-5994	The ding* ezetop. Top-up Any Phone (aka com.ezetop.world) application 1.3.4 for Android does not ver...
CVE-2014-5995	The eWUS mobile (aka pl.dreryk.ewustest) application 1.4.5 for Android does not verify X.509 certifi...
CVE-2014-5996	The DEKRA Used Car Report (aka com.dekra.maengelreport) application 3.0.0 for Android does not verif...
CVE-2014-5997	The Auto Trader (aka za.co.autotrader.android.app) application 2 for Android does not verify X.509 c...
CVE-2014-5998	The SkyDrive Assistant (aka com.dhh.sky) application 2.1 for Android does not verify X.509 certifica...
CVE-2014-5999	The autonavi (aka com.telenav.doudouyou.android.autonavi) application 4.6.1 for Android does not ver...