VYPR

Enterprise Server

by Blackberry

Source repositories

CVEs (18)

  • CVE-2016-3130HigJan 13, 2017
    risk 0.53cvss 8.1epss 0.02

    An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements…

  • CVE-2016-3128HigJan 13, 2017
    risk 0.53cvss 8.2epss 0.02

    A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific…

  • CVE-2016-3126MedApr 22, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

  • CVE-2016-1918MedApr 22, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917.

  • CVE-2016-1917MedApr 22, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918.

  • CVE-2016-1916MedApr 22, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to…

  • CVE-2008-3246Jul 21, 2008
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary…

  • CVE-2025-66547Dec 5, 2025
    risk 0.00cvss epss 0.00

    Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1.

  • CVE-2015-4112Nov 19, 2015
    risk 0.00cvss epss 0.01

    The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.

  • CVE-2014-1469Aug 18, 2014
    risk 0.00cvss epss 0.00

    BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file.

  • CVE-2014-1467Feb 14, 2014
    risk 0.00cvss epss 0.01

    BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server for Domino through 5.0.4 MR6, Enterprise Server for Exchange through 5.0.4 MR6,…

  • CVE-2011-0290Oct 21, 2011
    risk 0.00cvss epss 0.02

    The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send…

  • CVE-2011-0287Jul 14, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 5.0.1 through 5.0.3, and BlackBerry Enterprise Server Express software 5.0.1 through 5.0.3, allows remote attackers to read text files or cause…

  • CVE-2010-2602Dec 17, 2010
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF…

  • CVE-2010-2601Oct 14, 2010
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.7 and earlier and 5.0.0 through 5.0.2, and BlackBerry Professional Software 4.1.4 and earlier, allow user-assisted…

  • CVE-2009-4778Apr 21, 2010
    risk 0.00cvss epss 0.04

    Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow user-assisted remote attackers…

  • CVE-2007-3483Jun 28, 2007
    risk 0.00cvss epss 0.01

    Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.

  • CVE-2006-5489Oct 25, 2006
    risk 0.00cvss epss 0.01

    Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's…