Lucene search
K

60 matches found

CVE
CVE
added 2023/09/12 6:18 p.m.63 views

CVE-2023-21521

CVE-2023-21521 describes an SQL Injection in the BlackBerry AtHoc 7.15 Management Console (Operator Audit Trail). The affected component is the Management Console’s operator audit trail feature, where user-supplied input can be interpreted as SQL, enabling an attacker to read data from the databa...

7.2CVSS7.4AI score0.0049EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.6 views

BlackBerry AtHoc Security Vulnerability

BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15 that stems from a vulnerability that allows an attacker t...

5.3CVSS6.9AI score0.00406EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/12 12:0 a.m.4 views

PT-2023-18277 · Blackberry · Blackberry Athoc

Name of the Vulnerable Software and Affected Versions: BlackBerry AtHoc version 7.15 Description: An SQL Injection issue in the Management Console Operator Audit Trail could allow an attacker to read sensitive data from the database, modify database data, execute administration operations on the...

7.2CVSS7.5AI score0.0049EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.6 views

BlackBerry AtHoc SQL Injection Vulnerability

BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a SQL injection vulnerability in the...

7.2CVSS7.8AI score0.0049EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/12 12:0 a.m.4 views

PT-2023-18278 · Blackberry · Blackberry Athoc

Name of the Vulnerable Software and Affected Versions: BlackBerry AtHoc version 7.15 Description: A Reflected Cross-site Scripting XSS vulnerability in the Management Console Reports could allow an attacker to control a script executed in the victim's browser, enabling them to execute script...

6.1CVSS6.2AI score0.00313EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.6 views

BlackBerry AtHoc Cross-Site Scripting Vulnerability

BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a stored cross-site scripting XSS...

5.4CVSS6AI score0.003EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.6 views

BlackBerry AtHoc Cross-Site Scripting Vulnerability

BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a Reflective Cross-Site Scripting XSS...

6.1CVSS6.1AI score0.00313EPSS
Exploits0References3
OSV
OSV
added 2019/03/21 6:29 p.m.5 views

CVE-2019-8997

An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...

5.9CVSS6.3AI score0.02317EPSS
Exploits0References1
NVD
NVD
added 2019/03/21 6:29 p.m.14 views

CVE-2019-8997

An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...

5.9CVSS5.8AI score0.02317EPSS
Exploits0References1
Prion
Prion
added 2019/03/21 6:29 p.m.12 views

Xxe

An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...

4.3CVSS5.9AI score0.02317EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/21 5:12 p.m.18 views

CVE-2019-8997

An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...

5.8AI score0.02317EPSS
Exploits0References1
CVE
CVE
added 2019/03/21 5:12 p.m.55 views

CVE-2019-8997

CVE-2019-8997 describes an XML External Entity (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567. An attacker could craft XML in an existing field to read arbitrary local files on the application server or cause outbound requests on the ne...

5.9CVSS5.8AI score0.02317EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-0187

Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name...

7.5CVSS8AI score0.0317EPSS
Exploits0References5
CVE
CVE
added 2005/02/06 5:0 a.m.41 views

CVE-2005-0187

CVE-2005-0187 describes a stack-based buffer overflow in the SetSkin function of the AtHoc toolbar. The vulnerability allows remote attackers to execute arbitrary code by supplying a long skin name, indicating a remote code execution risk via the affected component. The documents identify the aff...

7.5CVSS8.4AI score0.0317EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/02/06 5:0 a.m.45 views

CVE-2005-0188

CVE-2005-0188 concerns a format-string vulnerability in the SetBaseURL function of the AtHoc toolbar. The issue allows remote attackers to execute arbitrary code by supplying an invalid URL that is recorded in the debug log, leveraging format specifiers. Public references in NVD/CVE records indic...

7.5CVSS8AI score0.02688EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.20 views

CVE-2005-0188

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...

7.7AI score0.02688EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/01/20 12:0 a.m.33 views

Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c)

NGSSoftware Insight Security Research Advisory Name: Multiple Vulnerabilities in the AtHoc Toolbar For MSIE Systems Affected: AtHoc Toolbar for MSIE Severity: High Vendor URL: http://www.athoc.com/site/products/toolbar.asp Author: Mark Litchfield [email protected] John Heasman...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/01/20 12:0 a.m.43 views

Multiple AtHoc toolbar bugs

Buffer overflows, format string bugs in ActiveX components...

3.1AI score
Exploits0References2
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.36 views

Patch available for high risk flaws in the AtHoc Toolbar

Mark Litchfield and John Heasman of NGSSoftware have discovered two high risk vulnerabilities in the AtHoc Toolbar. The AtHoc toolbar is a plugin for Microsoft's Internet Explorer. The toolbar is redistributed to users of eBay Accenture ThomasRegister ThomasRegional Juniper Networks WiredNews...

7.8AI score
Exploits0
NVD
NVD
added 2004/10/06 4:0 a.m.11 views

CVE-2005-0188

Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...

7.5CVSS7.7AI score0.02688EPSS
Exploits0References5
Rows per page
Query Builder