ReportizFlow
Filtered by vendor Blackberry
Subscriptions
Total
78 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22153 | 1 Blackberry | 1 Unified Endpoint Management | 2024-11-21 | 7.3 High |
| A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with the authority of the user. | ||||
| CVE-2021-22152 | 1 Blackberry | 1 Unified Endpoint Management | 2024-11-21 | 5.5 Medium |
| A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections. | ||||
| CVE-2020-6933 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | 5.5 Medium |
| An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service. | ||||
| CVE-2020-6932 | 1 Blackberry | 1 Qnx Software Development Platform | 2024-11-21 | 9.8 Critical |
| An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server. | ||||
| CVE-2020-36486 | 4 Apple, Blackberry, Google and 1 more | 4 Iphone Os, Blackberry Os, Android and 1 more | 2024-11-21 | 6.1 Medium |
| Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling. | ||||
| CVE-2019-9506 | 8 Apple, Blackberry, Canonical and 5 more | 280 Iphone Os, Mac Os X, Tvos and 277 more | 2024-11-21 | 8.1 High |
| The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. | ||||
| CVE-2019-8999 | 1 Blackberry | 1 Unified Endpoint Management | 2024-11-21 | N/A |
| An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account. | ||||
| CVE-2019-8998 | 1 Blackberry | 1 Qnx Software Development Platform | 2024-11-21 | N/A |
| An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space. | ||||
| CVE-2019-8997 | 1 Blackberry | 1 Athoc | 2024-11-21 | N/A |
| An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field. | ||||
| CVE-2018-8892 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator. | ||||
| CVE-2018-8891 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | ||||
| CVE-2018-8890 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user. | ||||
| CVE-2018-8889 | 1 Blackberry | 1 Enterprise Mobility Server | 2024-11-21 | N/A |
| A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account. | ||||
| CVE-2018-8888 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | ||||
| CVE-2017-17442 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link. | ||||
| CVE-2012-5828 | 1 Blackberry | 2 Playbook, Playbook Firmware | 2024-11-21 | 6.5 Medium |
| BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error | ||||
| CVE-2024-51721 | 1 Blackberry | 1 Secusuite | 2024-11-13 | 7.3 High |
| A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. | ||||
| CVE-2024-51722 | 1 Blackberry | 1 Secusuite | 2024-11-13 | 6.4 Medium |
| A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands. | ||||