Latest Blackberry Vulnerabilities

CVE-2023-21523
A Stored Cross-site Scripting (XSS) vulnerability in the Management Console (User Management and Alerts) of BlackBerry AtHoc version 7.15 could allow an attacker to execute scri...
BlackBerry AtHoc=7.15
CVE-2023-21520
A PII Enumeration via Credential Recovery in the Self Service (Credential Recovery) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially associate a list of c...
BlackBerry AtHoc=7.15
CVE-2023-21522
A Reflected Cross-site Scripting (XSS) vulnerability in the Management Console (Reports) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially control a script that is executed in t...
BlackBerry AtHoc=7.15
CVE-2023-21521
An SQL Injection vulnerability in the Management Console? (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify ...
BlackBerry AtHoc=7.15
CVE-2021-32025
An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safet...
Blackberry Qnx Momentics=6.3.0
Blackberry Qnx Momentics=6.3.2
BlackBerry QNX Software Development Platform>=6.4.0<=7.0
Blackberry Qnx Os For Medical>=1.0<1.1.2
Blackberry Qnx Os For Medical=2.0.0
Blackberry Qnx Os For Safety>=1.0.0<1.0.3
and 1 more
CVE-2021-32024
A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
BlackBerry QNX Software Development Platform>=6.4.0<=7.1
CVE-2021-32023
An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context ...
Blackberry Protect<=1574
CVE-2021-32021
A denial of service vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of a B...
Blackberry Protect<=1574
CVE-2021-32022
A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and earlier could allow an attacker to potentially execute code in the context of ...
Blackberry Protect<=1574
CVE-2020-36486
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.
Swiftfiletransfer Swift File Transfer<=1.1.2
Apple iPhone OS
Blackberry Blackberry Os
Google Android
CVE-2021-22156
An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS ...
BlackBerry QNX Software Development Platform<6.5.0
BlackBerry QNX Software Development Platform=6.5.0
BlackBerry QNX Software Development Platform=6.5.0-sp1
Blackberry Qnx Os For Medical<=1.1.1
Blackberry Qnx Os For Safety<=1.0.2
Multiple Amazon FreeRTOS, Version 10.4.1
and 28 more
CVE-2021-22154
An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially gai...
Blackberry Unified Endpoint Management<=12.12.0
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_1
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_2
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_3
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_4
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_5
and 5 more
CVE-2021-22153
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause...
Blackberry Unified Endpoint Management<=12.12.0
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_1
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_2
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_3
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_4
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_5
and 5 more
CVE-2021-22152
A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an ...
Blackberry Unified Endpoint Management<=12.12.0
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_1
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_2
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_3
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_4
Blackberry Unified Endpoint Management=12.12.1a-quick_fix_5
and 5 more
CVE-2021-22155
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to pote...
BlackBerry Workspaces Server<=9.1
BlackBerry Workspaces Server=10.1
CVE-2020-6933
An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause ...
BlackBerry Unified Endpoint Manager<=12.11.1
BlackBerry Unified Endpoint Manager=12.11.1-quick_fix1
BlackBerry Unified Endpoint Manager=12.11.1-quick_fix2
BlackBerry Unified Endpoint Manager=12.11.1-quick_fix3
BlackBerry Unified Endpoint Manager=12.12.1a
BlackBerry Unified Endpoint Manager=12.12.1a-quick_fix1
and 2 more
CVE-2020-6932
An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to poten...
BlackBerry QNX Software Development Platform>=6.4.0<=6.6.0
CVE-2020-11652
SaltStack Salt Path Traversal Vulnerability
SaltStack Salt<2019.2.4
SaltStack Salt>=3000<3000.2
openSUSE Leap=15.1
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 14 more
CVE-2020-1938
Apache Tomcat Improper Privilege Management Vulnerability
redhat/tomcat6<0:6.0.24-114.el6_10
redhat/tomcat<0:7.0.76-11.el7_7
redhat/tomcat<0:7.0.76-10.el7_6
redhat/jbossweb<0:7.5.30-2.Final_redhat_2.1.ep6.el5
redhat/glassfish-jsf12-eap6<0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5
redhat/hornetq<0:2.3.25-29.SP31_redhat_00001.1.ep6.el5
and 265 more
CVE-2019-8998
An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5...
BlackBerry QNX Software Development Platform<=6.5.0
CVE-2019-9506
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced.
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.14.1.el7a
redhat/kernel<0:3.10.0-327.86.1.el7
redhat/kernel<0:3.10.0-514.70.1.el7
redhat/kernel<0:3.10.0-693.60.1.el7
and 729 more
CVE-2019-8999
An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attacker to potentially gain read access to files on any system reachable by the ...
Blackberry Unified Endpoint Management<=12.10.1a
CVE-2019-8997
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local...
BlackBerry AtHoc<7.6_hf-567
CVE-2018-8892
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the cont...
BlackBerry Unified Endpoint Manager<12.9.1
CVE-2018-8888
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be execute...
BlackBerry Unified Endpoint Manager<12.10.0
CVE-2018-8891
Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be...
BlackBerry Unified Endpoint Manager<12.9.1
CVE-2018-8890
An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in th...
BlackBerry Unified Endpoint Manager=12.8.0
BlackBerry Unified Endpoint Manager=12.8.1
CVE-2018-8889
A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context ...
BlackBerry Enterprise Mobility Server<=2.8.17.29

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203