VYPR

Blackberry OS

by Blackberry

CVEs (8)

  • CVE-2008-3246Jul 21, 2008
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary…

  • CVE-2018-8892Dec 20, 2018
    risk 0.00cvss epss 0.00

    A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.

  • CVE-2018-8891Dec 20, 2018
    risk 0.00cvss epss 0.01

    Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

  • CVE-2018-8888Dec 20, 2018
    risk 0.00cvss epss 0.01

    A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

  • CVE-2014-6611Oct 25, 2014
    risk 0.00cvss epss 0.01

    The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof…

  • CVE-2014-2388Aug 18, 2014
    risk 0.00cvss epss 0.01

    The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network…

  • CVE-2014-2389Apr 12, 2014
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless…

  • CVE-2013-3692Jul 13, 2013
    risk 0.00cvss epss 0.00

    BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a…