Vendor CVEs
BlackBerry
All CVEs
97 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9367 | | Cri | 0.64 | 9.8 | 0.02 | | Oct 16, 2017 | A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request. |
| CVE-2017-3891 | | Cri | 0.63 | 9.6 | 0.01 | | Nov 14, 2017 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more QNet nodes could allow an attacker to access local and remote files or take… |
| CVE-2016-1914 | | Hig | 0.61 | 8.8 | 0.04 | | Apr 13, 2017 | Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2)… |
| CVE-2017-9370 | | Hig | 0.57 | 8.8 | 0.01 | | Aug 9, 2017 | An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server. |
| CVE-2016-2433 | | Hig | 0.57 | 8.8 | 0.01 | | Apr 21, 2017 | The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. |
| CVE-2016-3130 | | Hig | 0.53 | 8.1 | 0.02 | | Jan 13, 2017 | An information disclosure vulnerability in the Core and Management Console in BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to obtain local or domain credentials of an administrator or user account by sniffing traffic between the two elements… |
| CVE-2016-3128 | | Hig | 0.53 | 8.2 | 0.02 | | Jan 13, 2017 | A spoofing vulnerability in the Core of BlackBerry Enterprise Server (BES) 12 through 12.5.2 allows remote attackers to enroll an illegitimate device to the BES, gain access to device parameters for the BES, or send false information to the BES by gaining access to specific… |
| CVE-2026-7791 | | Hig | 0.51 | 7.8 | 0.00 | | May 4, 2026 | Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission… |
| CVE-2025-0501 | | Hig | 0.49 | 7.5 | 0.00 | | Jan 15, 2025 | An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle. |
| CVE-2017-9368 | | Hig | 0.49 | 7.5 | 0.01 | | Oct 16, 2017 | An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. |
| CVE-2016-3127 | | Hig | 0.49 | 7.5 | 0.01 | | Mar 3, 2017 | An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys to access certain resources within a customer's Good deployment by gaining… |
| CVE-2024-51721 | | Hig | 0.47 | 7.3 | 0.00 | | Nov 12, 2024 | A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. |
| CVE-2024-35214 | | Hig | 0.46 | — | 0.00 | | Aug 20, 2024 | A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for Windows version 3.2 and 3.3 could allow an attacker to potentially uninstall CylanceOPTICS from a system thereby leaving it with only the protection of CylancePROTECT. |
| CVE-2016-1915 | | Med | 0.43 | 6.1 | 0.04 | | Apr 13, 2017 | Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp. |
| CVE-2016-3129 | | Med | 0.43 | 6.6 | 0.03 | | Dec 16, 2016 | A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote attackers to obtain local administrator rights on the GEMS server via commands… |
| CVE-2024-51722 | | Med | 0.42 | 6.4 | 0.00 | | Nov 12, 2024 | A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to… |
| CVE-2017-17442 | | Med | 0.40 | 6.1 | 0.01 | | Mar 13, 2018 | In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading… |
| CVE-2017-3894 | | Med | 0.40 | 6.1 | 0.01 | | May 10, 2017 | A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions in the context of a Management Console administrator by uploading a malicious… |
| CVE-2017-3890 | | Med | 0.40 | 6.1 | 0.01 | | Jan 13, 2017 | A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user… |
| CVE-2016-3126 | | Med | 0.40 | 6.1 | 0.01 | | Apr 22, 2016 | Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
| CVE-2016-1918 | | Med | 0.40 | 6.1 | 0.01 | | Apr 22, 2016 | Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917. |
| CVE-2016-1917 | | Med | 0.40 | 6.1 | 0.01 | | Apr 22, 2016 | Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918. |
| CVE-2002-0793 | | Med | 0.39 | 5.5 | 0.01 | | Aug 12, 2002 | Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample… |
| CVE-2016-1916 | | Med | 0.35 | 5.4 | 0.01 | | Apr 22, 2016 | Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to… |
| CVE-2024-51720 | | Med | 0.31 | 4.8 | 0.00 | | Nov 12, 2024 | An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially enroll an attacker-controlled device to the victim’s account and telephone number. |
| CVE-2018-8889 | | Med | 0.31 | 4.7 | 0.00 | | Sep 19, 2018 | A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account. |
| CVE-2017-9369 | | Low | 0.25 | 3.8 | 0.01 | | Nov 14, 2017 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by… |
| CVE-2017-3892 | | Low | 0.25 | 3.8 | 0.01 | | Nov 14, 2017 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands… |
| CVE-2017-9371 | | Low | 0.17 | 2.6 | 0.01 | | Nov 14, 2017 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical… |
| CVE-2017-3893 | | Low | 0.12 | 1.9 | 0.01 | | Nov 14, 2017 | In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks. |
| CVE-2014-2534 | | | 0.03 | — | 0.01 | | Mar 18, 2014 | /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow. |
| CVE-2014-2533 | | | 0.03 | — | 0.03 | | Mar 18, 2014 | /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. |
| CVE-2008-3024 | | | 0.03 | — | 0.06 | | Jul 7, 2008 | Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/. |
| CVE-2019-8997 | | | 0.01 | — | 0.02 | | Mar 21, 2019 | An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering… |
| CVE-2013-2688 | | | 0.01 | — | 0.07 | | Jul 12, 2013 | Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage… |
| CVE-2013-2687 | | | 0.01 | — | 0.08 | | Jul 12, 2013 | Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash)… |
| CVE-2012-0870 | | | 0.01 | — | 0.07 | | Feb 23, 2012 | Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a… |
| CVE-2008-3246 | | | 0.01 | — | 0.07 | | Jul 21, 2008 | Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary… |
| CVE-2025-66547 | | | 0.00 | — | 0.00 | | Dec 5, 2025 | Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1. |
| CVE-2025-12766 | | | 0.00 | — | 0.00 | | Nov 19, 2025 | An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) version 7.21 could allow an attacker to potentially gain unauthorized knowledge about other organizations hosted on the same Interactive Warning System (IWS). |
| CVE-2025-2474 | | | 0.00 | — | 0.01 | | Jun 10, 2025 | Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec. |
| CVE-2023-42404 | | | 0.00 | — | 0.00 | | Apr 28, 2025 | OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution. |
| CVE-2024-48858 | | | 0.00 | — | 0.01 | | Jan 14, 2025 | Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec. |
| CVE-2024-48857 | | | 0.00 | — | 0.00 | | Jan 14, 2025 | NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec. |
| CVE-2024-48856 | | | 0.00 | — | 0.01 | | Jan 14, 2025 | Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec. |
| CVE-2024-48855 | | | 0.00 | — | 0.00 | | Jan 14, 2025 | Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. |
| CVE-2024-48854 | | | 0.00 | — | 0.00 | | Jan 14, 2025 | Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. |
| CVE-2024-51723 | | | 0.00 | — | 0.00 | | Nov 25, 2024 | A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session. |
| CVE-2024-35215 | | | 0.00 | — | 0.00 | | Oct 8, 2024 | NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process. |
| CVE-2024-35213 | | | 0.00 | — | 0.01 | | Jun 11, 2024 | An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process. |