Filtered by vendor Nokia
Subscriptions
Total
113 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5826 | 1 Nokia | 1 6131 Nfc | 2024-08-07 | N/A |
| The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI. | ||||
| CVE-2008-5825 | 1 Nokia | 1 6131 Nfc | 2024-08-07 | N/A |
| The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers purchase of a ringtone. | ||||
| CVE-2008-5827 | 1 Nokia | 1 6131 Nfc | 2024-08-07 | N/A |
| The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag. | ||||
| CVE-2008-4135 | 2 Nokia, S60 | 3 E90 Communicator, N82, Symbian Os | 2024-08-07 | N/A |
| Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames. | ||||
| CVE-2008-3553 | 2 Nokia, Sun | 2 Series 40, J2me | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2008-3552 | 1 Nokia | 1 Series 40 | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition FP1, and possibly later devices, allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 11-15." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2009-4975 | 1 Nokia | 1 Qtdemobrowser | 2024-08-07 | N/A |
| Cross-site scripting (XSS) vulnerability in webview.cpp in QtDemoBrowser allows remote attackers to inject arbitrary web script or HTML via a URL associated with a nonexistent domain name, related to a "universal XSS" issue, a similar vulnerability to CVE-2010-2536. | ||||
| CVE-2009-2538 | 1 Nokia | 4 N810 Internet Tablet, N82, N95 and 1 more | 2024-08-07 | N/A |
| The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
| CVE-2009-0734 | 1 Nokia | 1 Nokia Pc Suite | 2024-08-07 | N/A |
| Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file. | ||||
| CVE-2009-0649 | 1 Nokia | 2 N95, Symbian S60 Browser | 2024-08-07 | N/A |
| The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method. | ||||
| CVE-2011-1472 | 1 Nokia | 2 E75, E75 Firmware | 2024-08-06 | N/A |
| The Nokia E75 phone with firmware before 211.12.01 allows physically proximate attackers to bypass the Device Lock code by entering an unspecified button sequence at boot time. | ||||
| CVE-2012-2442 | 1 Nokia | 1 Pc Suite | 2024-08-06 | N/A |
| Buffer overflow in the Video Manager in Nokia PC Suite 7.1.180.64 and earlier allows remote attackers to cause a denial of service via a crafted mp4 file. | ||||
| CVE-2014-3809 | 1 Nokia | 6 1830 Photonic Service Switch-16, 1830 Photonic Service Switch-16 Firmware, 1830 Photonic Service Switch-32 and 3 more | 2024-08-06 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. | ||||
| CVE-2015-6929 | 1 Nokia | 1 \@vantage Commander | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary web script or HTML via the (1) idFilter or (2) nameFilter parameter to cftraces/filter/fl_copy.jsp; the (3) flName parameter to cftraces/filter/fl_crea1.jsp; the (4) serchStatus, (5) refreshTime, or (6) serchNode parameter to cftraces/process/pr_show_process.jsp; the (7) MaxActivationTime, (8) NumberOfBytes, (9) NumberOfTracefiles, (10) SessionName, or (11) serchSessionkind parameter to cftraces/session/se_crea.jsp; the (12) serchSessionDescription parameter to cftraces/session/se_show.jsp; the (13) serchApplication or (14) serchApplicationkind parameter to cftraces/session/tr_crea_filter.jsp; the (15) columKeyUnique, (16) columParameter, (17) componentName, (18) criteria1, (19) criteria2, (20) criteria3, (21) description, (22) filter, (23) id, (24) pathName, (25) tableName, or (26) component parameter to cftraces/session/tr_create_tagg_para.jsp; or the (27) userid parameter to home/certificate_association.jsp. | ||||
| CVE-2019-17404 | 1 Nokia | 1 Impact | 2024-08-05 | 4.3 Medium |
| Nokia IMPACT < 18A: allows full path disclosure | ||||
| CVE-2019-17403 | 1 Nokia | 1 Impact | 2024-08-05 | 8.8 High |
| Nokia IMPACT < 18A: An unrestricted File Upload vulnerability was found that may lead to Remote Code Execution. | ||||
| CVE-2019-17405 | 1 Nokia | 1 Impact | 2024-08-05 | 6.1 Medium |
| Nokia IMPACT < 18A: has Reflected self XSS | ||||
| CVE-2019-17406 | 1 Nokia | 1 Impact | 2024-08-05 | 5.3 Medium |
| Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743 | ||||
| CVE-2019-7386 | 2 Kaiostech, Nokia | 3 Kaios, 8810 4g, 8810 4g Firmware | 2024-08-04 | N/A |
| A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device. | ||||
| CVE-2021-45896 | 1 Nokia | 2 Fastmile, Fastmile Firmware | 2024-08-04 | 8.8 High |
| Nokia FastMile 3TG00118ABAD52 devices allow privilege escalation by an authenticated user via is_ctc_admin=1 to login_web_app.cgi and use of Import Config File. | ||||