Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4027 | 1 Hp | 1 Palm Webos | 2024-02-04 | 5.6 MEDIUM | N/A |
Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors. | |||||
CVE-2010-4026 | 1 Hp | 1 Palm Webos | 2024-02-04 | 6.2 MEDIUM | N/A |
Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls. | |||||
CVE-2010-4109 | 1 Hp | 1 Palm Webos | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file. | |||||
CVE-2011-2409 | 1 Hp | 1 Palm Webos | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2010-4025 | 1 Hp | 1 Palm Webos | 2024-02-04 | 9.3 HIGH | N/A |
Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document. | |||||
CVE-2011-1737 | 1 Hp | 1 Palm Webos | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2011-1738 | 1 Hp | 1 Palm Webos | 2024-02-04 | 7.2 HIGH | N/A |
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access. | |||||
CVE-2011-2408 | 1 Hp | 1 Palm Webos | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |