
CVE-2020-36486
https://notcve.org/view.php?id=CVE-2020-36486
22 Oct 2021 — Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling. • https://www.vulnerability-lab.com/get_content.php?id=2205 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2019-9506 – Bluetooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
14 Aug 2019 — The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. • https://github.com/francozappa/knob • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVE-2014-6611
https://notcve.org/view.php?id=CVE-2014-6611
25 Oct 2014 — The BlackBerry World app before 5.0.0.262 on BlackBerry 10 OS 10.2.0, before 5.0.0.263 on BlackBerry 10 OS 10.2.1, and before 5.1.0.53 on BlackBerry 10 OS 10.3.0 does not properly validate download/update requests, which allows user-assisted man-in-the-middle attackers to spoof servers and trigger the download of a crafted app by modifying the client-server data stream. • http://secunia.com/advisories/61013 • CWE-20: Improper Input Validation •

CVE-2014-2388 – BlackBerry Z10 Authentication Bypass
https://notcve.org/view.php?id=CVE-2014-2388
13 Aug 2014 — The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network or (2) a session over a USB connection in Development Mode. • https://packetstorm.news/files/id/127850 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2014-2389 – BlackBerry Z10 Buffer Overflow
https://notcve.org/view.php?id=CVE-2014-2389
08 Apr 2014 — Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network. • https://packetstorm.news/files/id/126061 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2013-6798
https://notcve.org/view.php?id=CVE-2013-6798
16 Nov 2013 — BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not properly determine the user account for execution of Peer Manager in certain situations involving successive logins with different accounts, which allows context-dependent attackers to bypass intended restrictions on remote file-access folders via IPv6 WebDAV requests, a different vulnerability than CVE-2013-3694. • http://www.blackberry.com/btsc/KB35315 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2013-3694
https://notcve.org/view.php?id=CVE-2013-3694
16 Nov 2013 — BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitrary files via IPv6 WebDAV requests, as demonstrated by a CSRF attack involving DNS rebinding. • http://blog.cmpxchg8b.com/2013/11/qnx.html • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2013-3692
https://notcve.org/view.php?id=CVE-2013-3692
13 Jul 2013 — BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrictions by leveraging a user's BlackBerry Protect password-reset request and a user's installation of a crafted application. • http://www.blackberry.com/btsc/KB34458 • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2011-0291
https://notcve.org/view.php?id=CVE-2011-0291
08 Dec 2011 — The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive. • http://blackberry.com/btsc/KB29191 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •