Vulnerabilities > Blackberry
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-12 | CVE-2020-6932 | Unspecified vulnerability in Blackberry QNX Software Development Platform An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server. | 9.8 |
| 2020-04-30 | CVE-2020-11652 | Path Traversal vulnerability in multiple products An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. | 6.5 |
| 2020-02-24 | CVE-2020-1938 | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. | 9.8 |
| 2020-02-10 | CVE-2012-5828 | Information Exposure vulnerability in Blackberry Playbook Firmware BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error | 6.5 |
| 2019-07-12 | CVE-2019-8998 | Unspecified vulnerability in Blackberry QNX Software Development Platform 6.4.0/6.4.1 An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space. | 7.8 |
| 2019-04-18 | CVE-2019-8999 | XXE vulnerability in Blackberry Unified Endpoint Management An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the UEM service account. | 7.5 |
| 2019-03-21 | CVE-2019-8997 | XXE vulnerability in Blackberry Athoc An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field. | 5.9 |
| 2018-12-20 | CVE-2018-8892 | Cross-Site Request Forgery (CSRF) vulnerability in Blackberry Unified Endpoint Manager A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator. | 6.5 |
| 2018-12-20 | CVE-2018-8891 | Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | 4.8 |
| 2018-12-20 | CVE-2018-8888 | Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | 4.8 |