Filtered by vendor Blackberry
Subscriptions
Total
89 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-8891 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | ||||
| CVE-2018-8890 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user. | ||||
| CVE-2018-8889 | 1 Blackberry | 1 Enterprise Mobility Server | 2024-11-21 | N/A |
| A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account. | ||||
| CVE-2018-8888 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | ||||
| CVE-2017-17442 | 1 Blackberry | 1 Unified Endpoint Manager | 2024-11-21 | N/A |
| In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link. | ||||
| CVE-2012-5828 | 1 Blackberry | 2 Playbook, Playbook Firmware | 2024-11-21 | 6.5 Medium |
| BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error | ||||
| CVE-2024-51720 | 1 Blackberry | 1 Secusuite | 2024-11-13 | 4.8 Medium |
| An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially enroll an attacker-controlled device to the victim’s account and telephone number. | ||||
| CVE-2024-51721 | 1 Blackberry | 1 Secusuite | 2024-11-13 | 7.3 High |
| A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. | ||||
| CVE-2024-51722 | 1 Blackberry | 1 Secusuite | 2024-11-13 | 6.4 Medium |
| A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands. | ||||