Known Vulnerabilities for products from Blackberry
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Blackberry".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Blackberry can be found at device.report : Blackberry
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-32025 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-03-10 | 2022-07-12 |
| CVE-2021-32024 | A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attac... | 9.8 - CRITICAL | 2021-12-13 | 2022-02-08 |
| CVE-2021-32023 | An elevation of privilege vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and ... | 7.8 - HIGH | 2021-11-10 | 2022-07-12 |
| CVE-2021-32022 | A low privileged delete vulnerability using CEF RPC server of BlackBerry Protect for Windows version(s) versions 1574 and ear... | 5.5 - MEDIUM | 2021-11-10 | 2021-11-16 |
| CVE-2021-32021 | A denial of service vulnerability in the message broker of BlackBerry Protect for Windows version(s) versions 1574 and earlie... | 7.8 - HIGH | 2021-11-10 | 2021-11-16 |
| CVE-2021-22156 | An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX ... | 9.8 - CRITICAL | 2021-08-17 | 2021-08-30 |
| CVE-2021-22155 | An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Ap... | 8.8 - HIGH | 2021-05-13 | 2022-06-28 |
| CVE-2021-22154 | An Information Disclosure vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earl... | 5.3 - MEDIUM | 2021-05-13 | 2022-07-12 |
| CVE-2021-22153 | A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlie... | 7.3 - HIGH | 2021-05-13 | 2021-05-21 |
| CVE-2021-22152 | A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM vers... | 5.5 - MEDIUM | 2021-05-13 | 2021-05-21 |
| CVE-2020-36486 | Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'pat... | 6.1 - MEDIUM | 2021-10-22 | 2021-10-26 |
| CVE-2020-11652 | An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class al... | 6.5 - MEDIUM | 2020-04-30 | 2022-05-03 |
| CVE-2020-6933 | An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), ... | 5.5 - MEDIUM | 2020-10-14 | 2020-10-29 |
| CVE-2020-6932 | An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software De... | 9.8 - CRITICAL | 2020-08-12 | 2021-07-21 |
| CVE-2020-1938 | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat tr... | 9.8 - CRITICAL | 2020-02-24 | 2023-11-07 |
| CVE-2019-9506 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does no... | 8.1 - HIGH | 2019-08-14 | 2021-11-04 |
| CVE-2019-8999 | An XML External Entity vulnerability in the UEM Core of BlackBerry UEM version(s) earlier than 12.10.1a could allow an attack... | 7.5 - HIGH | 2019-04-18 | 2019-04-19 |
| CVE-2019-8998 | An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc... | 7.8 - HIGH | 2019-07-12 | 2021-07-21 |
| CVE-2019-8997 | An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier ... | 5.9 - MEDIUM | 2019-03-21 | 2019-04-02 |
| CVE-2018-8892 | A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 co... | 6.5 - MEDIUM | 2018-12-20 | 2019-01-03 |
Known software with vulnerabilities from Blackberry
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Blackberry | Athoc | 7.6_hf-567 |
| Application | Blackberry | Blackberry Enterprise Service | 10.0 |
| Application | Blackberry | Blackberry Link | 1.0.1.12 |
| Operating System | Blackberry | Blackberry Os | 10.0 |
| Operating System | Blackberry | Blackberry Playbook Os | 2.1 |
| Application | Blackberry | Blackberry Universal Device Service | 6.0 |
| Application | Blackberry | Blackberry World | 5.0.0.261 |
| Application | Blackberry | Enterprise Mobility Server | - |
| Application | Blackberry | Enterprise Server | 4.1.7 |
| Application | Blackberry | Enterprise Server Express | 5.0.4 |
| Application | Blackberry | Good Control Server | 2.2.511.26 |
| Application | Blackberry | Mobile Device Manager | - |
| Application | Blackberry | Qnx Momentics | 6.2.0 |
| Application | Blackberry | Qnx Momentics Tool Suite | 4.5 |
| Operating System | Blackberry | Qnx Neutrino Rtos | 6.4.1 |
| Application | Blackberry | Qnx Software Development Platform | - |
| Application | Blackberry | Unified Endpoint Manager | 12.5 |
| Hardware | Blackberry | Z10 | - |