Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

194 matches found

securityvulns
securityvulnsadded 2011/08/12 12:0 a.m.63 views

[security bulletin] HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02937744 Version: 1 HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon...

4.3CVSS0.7AI score0.01728EPSS
Exploits0
NVD
NVDadded 2011/08/11 10:55 p.m.18 views

CVE-2011-2408

Cross-site scripting XSS vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01463EPSS
Exploits0References2
NVD
NVDadded 2011/08/11 10:55 p.m.17 views

CVE-2011-2409

Cross-site scripting XSS vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01463EPSS
Exploits0References2
Prion
Prionadded 2011/08/11 10:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01463EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2011/08/11 10:55 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01463EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2011/08/11 10:0 p.m.46 views

CVE-2011-2408

CVE-2011-2408 affects HP webOS 3.x, specifically the Contacts application, where an XSS vulnerability exists in the Contacts UI before version 3.0.2. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. HP security bulletin HPSBGN02694 rev.1 notes affec...

4.3CVSS5.8AI score0.01463EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2011/08/11 10:0 p.m.22 views

CVE-2011-2408

Cross-site scripting XSS vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01463EPSS
Exploits0References2
Cvelist
Cvelistadded 2011/08/11 10:0 p.m.27 views

CVE-2011-2409

Cross-site scripting XSS vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01463EPSS
Exploits0References2
CVE
CVEadded 2011/08/11 10:0 p.m.47 views

CVE-2011-2409

The CVE-2011-2409 issue affects HP webOS Calendar on HP Palm webOS 3.x prior to 3.0.2. The vulnerability is a Cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Reported impact indicates potential for arbitrary HTML/JavaScr...

4.3CVSS5.8AI score0.01463EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2011/05/13 5:5 p.m.17 views

CVE-2011-1737

Multiple cross-site scripting XSS vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.01728EPSS
Exploits0References3
NVD
NVDadded 2011/05/13 5:5 p.m.15 views

CVE-2011-1738

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit PDK applications, which allows local users to gain privileges by leveraging unintended filesystem write access...

7.2CVSS6.6AI score0.00488EPSS
Exploits0References3
Prion
Prionadded 2011/05/13 5:5 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01728EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2011/05/13 5:5 p.m.10 views

Design/Logic Flaw

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit PDK applications, which allows local users to gain privileges by leveraging unintended filesystem write access...

7.2CVSS7.1AI score0.00488EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2011/05/13 5:0 p.m.41 views

CVE-2011-1737

CVE-2011-1737 involves the HP/Palm webOS Email application (versions 1.4.5 and 1.4.5.1). The vulnerability is described as multiple XSS flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affects the HP Palm webOS Email component; CVSS 2.0 base score ...

4.3CVSS5.8AI score0.01728EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2011/05/13 5:0 p.m.42 views

CVE-2011-1738

HP Palm webOS 1.4.5 and 1.4.5.1 are affected by CVE-2011-1738 due to improper restriction of Plug-in Development Kit (PDK) applications, enabling local privilege escalation via unintended filesystem write access. The root cause is insufficient access controls on PDK apps, allowing local users to ...

7.2CVSS6.8AI score0.00488EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2011/05/13 5:0 p.m.20 views

CVE-2011-1737

Multiple cross-site scripting XSS vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.01728EPSS
Exploits0References3
Cvelist
Cvelistadded 2011/05/13 5:0 p.m.19 views

CVE-2011-1738

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit PDK applications, which allows local users to gain privileges by leveraging unintended filesystem write access...

6.6AI score0.00488EPSS
Exploits0References3
securityvulns
securityvulnsadded 2011/05/13 12:0 a.m.27 views

HP Palm webOS security vulnerabilities

Crossite scripting, file system access...

7.2CVSS1AI score0.01728EPSS
Exploits0References1
securityvulns
securityvulnsadded 2011/05/13 12:0 a.m.50 views

[security bulletin] HPSBMI02632 SSRT100379 rev.1 - HP/Palm webOS, Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized File System Write Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02822174 Version: 1 HPSBMI02632 SSRT100379 rev.1 - HP/Palm webOS, Execution of Arbitrary Code, Denial of Service DoS, Unauthorized File System Write Access NOTICE: The information in this Securit...

7.2CVSS0.5AI score0.01728EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2011/04/19 7:55 p.m.1 views

CVE-2009-5071

Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."...

10CVSS5.5AI score0.02352EPSS
Exploits0References2
Rows per page
Query Builder