VARIoT IoT vulnerabilities database

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted file. Apple iOS, macOS Sierra, tvOS, and watchOS are all products of the US company Apple (Apple). Apple iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system; watchOS is a smart watch operating system. CoreText is one of the typesetting engine components. The following products and versions are affected: Apple iOS prior to 10.3.2; macOS Sierra prior to 10.12.5; tvOS prior to 10.2.1; watchOS prior to 3.2.2

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions (for iCloud user records) via a crafted app. Apple iOS is an operating system developed by Apple (Apple) for mobile devices

Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. plural Intel CPU The base platform contains access control vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. Intel 5th generation Intel Core Processors, etc. are different series of CPU (central processing unit) products of Intel Corporation of the United States. A local attacker could exploit this vulnerability to cause a denial of service. The following products are affected: Intel 5th, 6th, 7th, and 8th generation Intel Core Processors; Intel Pentium and Celeron Processor N3520, N2920, N28XX; Intel Atom Processor x7-Z8XXX and x5-8XXX Processor Family; Intel Pentium Processor J3710 and N37XX; Celeron Processor J3XXX; Intel Atom x5-E8000 Processor; Intel Pentium Processor J4205 and N4200; Intel Celeron Processor J3455, J3355, N3350 and N3450; Intel Atom Processor x7-E39XX Processor; Intel Xeon Scalable Processors; v4, v3, and v2 Family; Intel Xeon Phi Processor x200; Intel Xeon Processor D Family; Intel Atom Processor C Series

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that triggers prototype mishandling. in the United States. Apple Safari is a web browser that comes with the Mac OS X and iOS operating systems; iOS is an operating system developed for mobile devices; tvOS is a smart TV operating system. JavaScriptCore is one of the JavaScript core components. A security vulnerability exists in the JavaScriptCore component in Apple iOS versions prior to 10.3, Safari versions prior to 10.1, and tvOS versions prior to 10.2

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. AppleGraphicsControl is one of the integrated graphics drivers. A security vulnerability exists in the AppleGraphicsControl component in versions of Apple macOS Sierra prior to 10.12.6

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "DesktopServices" component. It allows local users to bypass intended access restrictions on home folder files. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. DesktopServices is one of the desktop service components. A security vulnerability exists in the DesktopServices component of Apple macOS High Sierra prior to 10.13

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory corruption) or obtain sensitive information from process memory via a crafted font. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. A security vulnerability exists in the Font Importer component of Apple macOS Sierra prior to 10.12.6

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Spotlight" component. It allows local users to see results for other users' files. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. Spotlight is one of the components used to search for files, programs, etc. in the system

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. Installer is one of the applications used to extract and install files from .pkg packages

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The following products and versions are affected: versions prior to macOS High Sierra 10.13; versions prior to watchOS 4; versions prior to tvOS 11; versions prior to iOS 11

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. kext tools is one of the GUI tools for installing drivers. There is a security vulnerability in the kext tools component of Apple macOS High Sierra versions prior to 10.13. The vulnerability is caused by a logic error in the kext loading process

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. An attacker using a specially crafted application could exploit this vulnerability to learn what other applications are on the device

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "APNs" component. It allows man-in-the-middle attackers to track users by leveraging the transmission of client certificates. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. APNs is one of the push notification service components. APNs components in versions prior to Apple iOS 11 have security vulnerabilities

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The com.apple.packet-mangler of the Kernel component in the com.apple.Packetmangler file in several Apple products has a security vulnerability. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary apps via a crafted app. plural Apple A vulnerability exists in the kernel component of a product that can capture critical network activity information for an arbitrary application.An attacker could gain important network activity information for any application via a crafted application. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. An attacker using a specially crafted application could exploit this vulnerability to learn what other applications are on the device and how those applications are running. The following products and versions are affected: Apple macOS High Sierra versions prior to 10.13; watchOS versions prior to 4; versions prior to tvOS 11; versions prior to iOS 11

In OpenResty through 1.13.6.1, URI parameters are obtained using the ngx.req.get_uri_args and ngx.req.get_post_args functions that ignore parameters beyond the hundredth one, which might allow remote attackers to bypass intended access restrictions or interfere with certain Web Application Firewall (ngx_lua_waf or X-WAF) products. NOTE: the vendor has reported that 100 parameters is an intentional default setting, but is adjustable within the API. The vendor's position is that a security-relevant misuse of the API by a WAF product is a vulnerability in the WAF product, not a vulnerability in OpenResty. ** Unsettled ** This case has not been confirmed as a vulnerability. OpenResty Is SQL An injection vulnerability exists. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2018-9230Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (root) account with hard-coded credentials, giving attackers full control of affected devices. Moxa AWK-3131A Wireless Access Point is a wireless switch made by Moxa. An attacker could exploit this vulnerability to take complete control of the device

An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. A specially crafted packet can cause a device power cycle resulting in a fault state and deletion of ladder logic. An attacker can send one unauthenticated packet to trigger this vulnerability

An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality. ** Unsettled ** This case has not been confirmed as a vulnerability. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2018-9157Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The AXISM1033-W is a network camera product from Axis, Sweden

An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality. ** Unsettled ** This issue has not been confirmed as a vulnerability. Vendors are challenging this vulnerability. See below for details NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2018-9156Information is acquired, information is falsified, and denial of service (DoS) May be in a state. AXISP1354 is a network camera product from Axis, Sweden. A security vulnerability exists in AXISP1354 using firmware version 5.10.1.1, which stems from the unverified file type of the uploaded web page