Vulnerabilities (CVE)

Filtered by vendor Blackberry Subscribe
Filtered by product Blackberry Os
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-6611 1 Blackberry 2 Blackberry Os, Blackberry World 2024-11-21 4.3 MEDIUM N/A
The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof servers and trigger the download of a crafted app by modifying the client-server data stream.
CVE-2014-2389 1 Blackberry 2 Blackberry Os, Blackberry Z10 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network.
CVE-2014-2388 1 Blackberry 5 Blackberry Os, Q10, Q5 and 2 more 2024-11-21 6.1 MEDIUM N/A
The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network or (2) a session over a USB connection in Development Mode.
CVE-2013-3692 1 Blackberry 2 Blackberry Os, Z10 2024-11-21 6.2 MEDIUM N/A
BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application.
CVE-2020-36486 4 Apple, Blackberry, Google and 1 more 4 Iphone Os, Blackberry Os, Android and 1 more 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.