Total
1268 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9583 | 1 Meafinancial | 1 Charlevoix State Bank | 2025-04-20 | N/A |
| The "Charlevoix State Bank" by Charlevoix State Bank app 3.0.1 -- aka charlevoix-state-bank/id1128963717 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-5887 | 1 Starscream Project | 1 Starscream | 2025-04-20 | N/A |
| WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function). | ||||
| CVE-2017-8059 | 1 Foxitsoftware | 1 Foxit Pdf | 2025-04-20 | N/A |
| Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | ||||
| CVE-2017-9582 | 1 Bradynationalbank | 1 Bnb Mobile Banking | 2025-04-20 | N/A |
| The "BNB Mobile Banking" by Brady National Bank app 3.0.0 -- aka bnb-mobile-banking/id674215747 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9581 | 1 Meafinancial | 1 Algonquin State Bank Mobile Banking | 2025-04-20 | N/A |
| The "Algonquin State Bank Mobile Banking" by Algonquin State Bank app 3.0.0 -- aka algonquin-state-bank-mobile-banking/id1089657735 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9579 | 1 Meafinancial | 1 Jmcu Mobile Banking | 2025-04-20 | N/A |
| The "JMCU Mobile Banking" by Joplin Metro Credit Union app 3.0.0 -- aka jmcu-mobile-banking/id716065893 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9578 | 1 Rivervalleycommunitybank | 1 Rvcb Mobile | 2025-04-20 | N/A |
| The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-8058 | 1 Atlassian | 1 Hipchat | 2025-04-20 | N/A |
| Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call. | ||||
| CVE-2016-1210 | 1 The Hyakugo Bank | 1 105 Bank | 2025-04-20 | N/A |
| The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9577 | 1 Fcbl | 1 First Citizens Bank-mobile | 2025-04-20 | N/A |
| The "First Citizens Bank-Mobile Banking" by First Citizens Bank (AL) app 3.0.0 -- aka first-citizens-bank-mobile-banking/id566037101 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9563 | 1 Meafinancial | 1 Fccb | 2025-04-20 | N/A |
| The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-7971 | 1 Schneider-electric | 3 Citect Anywhere, Powerscada Anywhere, Powerscada Expert | 2025-04-20 | N/A |
| A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate. | ||||
| CVE-2017-9562 | 1 Meafinancial | 1 Freedom 1st Credit Union Mobile Banking | 2025-04-20 | N/A |
| The Freedom First freedom-1st-credit-union-mobile-banking/id1085229458 app 3.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9561 | 1 Lbtc | 1 Lee Bank \& Trust | 2025-04-20 | N/A |
| The Lee Bank & Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-1148 | 1 Photosynth | 1 Akerun | 2025-04-20 | 8.1 High |
| Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates. | ||||
| CVE-2017-9560 | 1 Cayugalakenationalbank | 1 Cayuga Lake National Bank | 2025-04-20 | N/A |
| The cayuga-lake-national-bank/id1151601539 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-9558 | 1 Wawacu | 1 Wawa Employees Credit Union Mobile | 2025-04-20 | N/A |
| The wawa-employees-credit-union-mobile/id1158082793 app 4.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-8943 | 1 Puma | 1 Pumatrac | 2025-04-20 | 5.9 Medium |
| The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-8942 | 1 Yottamark Inc. | 1 Shopwell - Healthy Diet \& Grocery Food Scanner | 2025-04-20 | N/A |
| The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2017-8940 | 1 Zipongo Inc. | 1 Healthy Recipes And Grocery Deals | 2025-04-20 | N/A |
| The Zipongo - Healthy Recipes and Grocery Deals app before 6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||