VYPR
Get started
← All vendors
Vendor

Nokia

Sign in to watch

Nokia Corporation is a Finnish multinational telecommunications, information technology, and consumer electronics corporation, originally established as a pulp mill in 1865. Nokia's main headquarters are in Espoo, Finland, in the Helsinki metropolitan area, but the company's actual roots are in the Tampere region of Pirkanmaa. In 2020, Nokia employed approximately 92,000 people across over 100 countries, did business in more than 130 countries, and reported annual revenues of around €23 billion. Nokia is a public limited company listed on the Nasdaq Helsinki and New York Stock Exchange.

Founded 1865
Products
31
CVEs
37
Across products
81
Status
Private

Products

31

Recent CVEs

37
CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2025-24818Hig0.528.00.00Apr 7, 2026Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
CVE-2025-24817Hig0.528.00.00Apr 7, 2026Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
CVE-2025-24819Med0.375.70.00Apr 7, 2026Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
CVE-2012-24420.040.15Jul 25, 2012Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and earlier allows remote attackers to cause a denial of service via a crafted mp4 file.
CVE-2006-07970.040.11Feb 19, 2006Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS).
CVE-2005-22770.040.09Jul 15, 2005Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.
CVE-2005-22500.040.09Jul 13, 2005Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.
CVE-2011-04980.030.05Jan 20, 2011Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
CVE-2009-07340.030.05Feb 25, 2009Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
CVE-2009-06490.030.03Feb 20, 2009The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method.
CVE-2006-44640.030.04Aug 31, 2006The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string.
CVE-2005-12940.030.00Apr 24, 2005The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index.
CVE-2005-06810.030.05Mar 6, 2005Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.
CVE-2003-08030.030.02Oct 6, 2003Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
CVE-2003-08020.030.02Oct 6, 2003Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).
CVE-2003-08010.030.00Oct 6, 2003Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.
CVE-2011-14720.000.00Mar 29, 2011The Nokia E75 phone with firmware before 211.12.01 allows physically proximate attackers to bypass the Device Lock code by entering an unspecified button sequence at boot time.
CVE-2010-33740.000.00Oct 4, 2010Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2009-49750.000.00Aug 2, 2010Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536.
CVE-2009-25380.000.01Jul 20, 2009The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.