Vulnerabilities > Nokia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2019-3920 | Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/. | 8.8 |
| 2019-03-05 | CVE-2019-3919 | Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/. | 8.8 |
| 2011-03-29 | CVE-2011-1472 | Improper Authentication vulnerability in Nokia E75 and E75 Firmware The Nokia E75 phone with firmware before 211.12.01 allows physically proximate attackers to bypass the Device Lock code by entering an unspecified button sequence at boot time. | 7.2 |
| 2009-07-20 | CVE-2009-2538 | Resource Management Errors vulnerability in Nokia N810 Internet Tablet, N82 and Symbian The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | 7.1 |
| 2009-02-20 | CVE-2009-0649 | Denial of Service vulnerability in Nokia N95 'setAttributeNode()' The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method. | 7.8 |
| 2009-01-02 | CVE-2008-5827 | Configuration vulnerability in Nokia 6131 NFC 05.12 The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag. | 7.5 |
| 2009-01-02 | CVE-2008-5826 | Improper Input Validation vulnerability in Nokia 6131 NFC 05.12 The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI. | 7.8 |
| 2008-09-19 | CVE-2008-4135 | Resource Management Errors vulnerability in S60 Symbian OS Unknown Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames. | 7.8 |
| 2007-12-15 | CVE-2007-6371 | Improper Input Validation vulnerability in Nokia N95 12.0.013 Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attackers to cause a denial of service (device inoperability) via a SIP INVITE message accompanied by an immediately subsequent SIP CANCEL message, followed by a second SIP INVITE message in a different session. | 7.1 |
| 2007-05-11 | CVE-2007-2591 | Denial-Of-Service vulnerability in Nokia products usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action. | 7.5 |