Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hp Subscribe
Filtered by product Palm Webos
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2409 1 Hp 1 Palm Webos 2019-10-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2408 1 Hp 1 Palm Webos 2019-10-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4109 1 Hp 1 Palm Webos 2013-09-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
CVE-2011-1737 1 Hp 1 Palm Webos 2011-09-06 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-1738 1 Hp 1 Palm Webos 2011-09-06 7.2 HIGH N/A
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.
CVE-2010-4026 1 Hp 1 Palm Webos 2010-11-10 6.2 MEDIUM N/A
Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls.
CVE-2010-4027 1 Hp 1 Palm Webos 2010-11-10 5.6 MEDIUM N/A
Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors.
CVE-2010-4025 1 Hp 1 Palm Webos 2010-11-10 9.3 HIGH N/A
Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document.