Vulnerabilities > Nokia > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-03 | CVE-2023-41351 | Missing Authentication for Critical Function vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL. | 9.8 |
2023-11-03 | CVE-2023-41355 | Improper Verification of Source of a Communication Channel vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. | 9.8 |
2023-11-03 | CVE-2023-41350 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nokia G-040W-Q Firmware G040Wqr201207 Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authentication attempts. | 9.8 |
2022-09-13 | CVE-2022-39815 | OS Command Injection vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. | 9.8 |
2019-03-05 | CVE-2019-3918 | Use of Hard-coded Credentials vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces. | 9.8 |
2011-01-20 | CVE-2011-0498 | Buffer Errors vulnerability in Nokia Multimedia Player 1.00.55.5010 Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file. | 9.3 |
2009-02-25 | CVE-2009-0734 | Buffer Errors vulnerability in Nokia PC Suite 6.86.9.3 Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file. | 9.3 |
2008-08-08 | CVE-2008-3553 | Permissions, Privileges, and Access Controls vulnerability in SUN J2Me Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. | 10.0 |
2008-08-08 | CVE-2008-3552 | Security-Bypass vulnerability in Sun Java Micro Edition (ME) Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 11-15." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. | 10.0 |