This page aggregates publicly disclosed CVE and security risk information related to palm, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2007-4213 | Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than CVE-2003-0293. | [email protected] | 7.1 | 2.34% | 2007-08-21 | 2026-04-23 |
| CVE-2007-0859 | The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys. | [email protected] | 2.1 | 0.11% | 2007-02-16 | 2026-04-23 |
| CVE-2006-6286 | Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 1.7 | 0.05% | 2006-12-04 | 2026-04-23 |
| CVE-2003-0293 | PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. | [email protected] | 5.0 | 4.01% | 2003-06-16 | 2026-04-16 |
| CVE-2002-0120 | Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information. | [email protected] | 2.1 | 0.10% | 2002-03-25 | 2026-04-16 |
| CVE-2002-0116 | Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap. | [email protected] | 5.0 | 0.76% | 2002-03-25 | 2026-04-16 |
| CVE-2001-1438 | Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image. | [email protected] | 5.0 | 1.05% | 2001-10-22 | 2026-04-16 |
| CVE-2001-0157 | Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled. | [email protected] | 4.6 | 0.08% | 2001-06-02 | 2026-04-16 |
| CVE-2000-1008 | PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | [email protected] | 4.6 | 0.49% | 2000-12-11 | 2026-04-16 |