VARIoT IoT vulnerabilities database

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL. Apple iOS is prone to an information-disclosure vulnerability and a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service condition or gain access to unauthorized information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Safari is one of the web browser components

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the IntelHD5000 kext. The issue lies in the failure to properly validate the existence of an object prior to performing operations on it. An attacker can leverage this vulnerability to escalate privileges under the context of the kernel. Apple macOS is prone to an arbitrary code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to macOS 10.12 are vulnerable. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Mail" component, which allows remote web servers to cause a denial of service via a crafted URL. Apple OS X Emails that interfere with service operations (DoS) There are vulnerabilities that are put into a state.Remote Web Crafted by the server URL Through service disruption (DoS) There is a possibility of being put into a state. Apple macOS is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. Mail is one of the mail modules. A denial of service vulnerability exists in the Mail component of Apple macOS Sierra prior to 10.12

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "iTunes Backup" component, which improperly hashes passwords, making it easier to decrypt files. Apple iOS is prone to an information-disclosure vulnerability and a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service condition or gain access to unauthorized information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. iTunes Backup is one of the components used to back up iTunes. An attacker could exploit this vulnerability to determine the backup password

Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. Samsung Note Device SystemUI Contains an integer overflow vulnerability. Vendors have confirmed this vulnerability SVE-2016-6906 It is released as. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. SamsungNote is a smartphone released by South Korea's Samsung. KK is a reactivation lock module that runs in it. Samsung Mobile Phones are prone to a denial-of-service vulnerability

ActiontecWCB3000N is a network card product of Actiontec Corporation of the United States, providing related network services. The ActiontecWCB3000N0.16.2.5 version has a privilege escalation vulnerability that an attacker can use to gain administrator privileges and execute arbitrary code.

"Shunwang Wireless" is a platform, hardware and software developed independently by Hangzhou Shunwang Technology Co., Ltd. It provides a complete WIFI solution product for WIFI hotspots such as Internet cafes, hotels, small and medium businesses. There is a remote arbitrary command execution vulnerability in the Shun network wireless intelligent controller. Allowing an attacker to execute arbitrary system commands without gaining access to the controller, posing a risk of information leakage.

I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors. Multiple network camera products provided by I-O DATA DEVICE, INC. contain an information disclosure vulnerability (CWE-200). Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Information such as authentication credentials may be disclosed by an attacker who can access the product. This may aid in further attacks

Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Multiple Corega wireless LAN routers contain a cross-site scripting vulnerability (CWE-79). Yutaka Kokubu and Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. and Shuya Ueki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary script may be executed on the user's web browser. CoregaCG-WLBARGMH and CG-WLBARGNL are wireless router products from Japan's Corega. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. Multiple Huawei Product has a service disruption (DoS) There are vulnerabilities that are put into a state.An attacker could create a malformed MPLS Service interruption due to packet transmission (DoS) There is a possibility of being put into a state. Huawei S9700 is the S series switch of China Huawei. A denial of service vulnerability exists in several Huawei products due to the failure of the program to properly verify MultiprotocolLabelSwitching (MPLS) messages. Multiple Huawei products are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. The following products and versions are affected: Huawei S9700 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S9300 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S7700 V200R009C00 , V200R008C00 , V200R007C00 ; Huawei S6700 V200R009C00 , V200R008C00 , V200R005C00 , V200R003C00 , V200R002C00 , V200R001C01 , V200R001C00 ; Huawei S6300 V200R009C00 , V200R008C00 , V200R005C00 , V200R003C00 ; Huawei S5700 V200R009C00 , V200R008C00 , V200R007C00 , V200R005C00 , V200R003C00 , V200R002C00 , V200R001C00 ; Huawei S5300 V200R009C00 , V200R008C00 , V200R007C00 , V200R003C00 ; Huawei S12700 V200R009C00 , V200R008C00 , V200R007C01 , V200R007C00

Beijing Yuanwei Software Co., Ltd. Security Isolation Gateway is a multi-network security isolation system based on terminal virtualization technology and network virtualization technology. There are several command execution vulnerabilities in the security isolation gateway of Beijing Yuanwei Software Co., Ltd. An attacker exploits a vulnerability executable system command to obtain sensitive information, which in turn provides administrator privileges.

IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference#: 213457065. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks

Unrestricted file upload vulnerability in the Blog appearance in the "Install or upgrade manually" module in Dotclear through 2.10.4 allows remote authenticated super-administrators to execute arbitrary code by uploading a theme file with an zip extension, and then accessing it via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-434: Unrestricted Upload of File with Dangerous Type ( Unlimited upload of dangerous types of files ) Has been identified. Dotclear is a set of free PHP and MySQL-based blog publishing software developed by software developer Olivier Meunier. Dotclear is prone to an arbitrary file-upload vulnerability. Dotclear version 2.10.4 and prior are vulnerable

A Remote Command Execution Vulnerability was found in JP1/IT Desktop Management 2 - Manager and JP1/NETM/DM. Remote attackers might exploit this vulnerability to execute arbitrary commands.

Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors. CG-WLR300NX provided by Corega Inc is a wireless LAN router. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user views a malicious page while logged in, unintended operations may be performed. Corega CG-WLR300NX is prone to following security vulnerabilities: 1. A security bypass vulnerability 2. A cross-site request forgery vulnerability An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions or perform unauthorized actions. Other attacks may also be possible. Corega CG-WLR300NX 1.20 and prior are vulnerable. A remote attacker could exploit this vulnerability to perform unauthorized operations

Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors. CG-WLR300NX provided by Corega Inc is a wireless LAN router. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary script may be executed on the user's web browser. Corega CG-WLR300NX is prone to following security vulnerabilities: 1. A security bypass vulnerability 2. A cross-site request forgery vulnerability An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions or perform unauthorized actions. Other attacks may also be possible. Corega CG-WLR300NX 1.20 and prior are vulnerable

Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors. CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. Corega CG-WLR300NX is prone to following security vulnerabilities: 1. A security bypass vulnerability 2. A cross-site scripting vulnerability 3. A cross-site request forgery vulnerability An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions or perform unauthorized actions. Other attacks may also be possible. Corega CG-WLR300NX 1.20 and prior are vulnerable. A security vulnerability exists in the Corega CG-WLR300NX with firmware version 1.20 and earlier

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet. plural F5 BIG-IP Product Traffic Management Microkernel (TMM) Contains an input validation vulnerability.Denial of service (DoS) May be in a state. Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. F5 BIG-IP LTM, etc. are all products of F5 Company in the United States. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. The following products and versions are affected: F5 BIG-IP LTM version 11.6.0 to version 11.6.0 HF6, version 11.5.0 to version 11.5.3 HF2, version 11.3.0 to version 11.4.1 HF10; AAM version 11.6.0 to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2, 11.3.0 to 11.4.1 HF10; AFM 11.6.0 to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2 Versions, 11.3.0 to 11.4.1 HF10; APM11.6.0 to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2, 11.3.0 to 11.4.1 HF10; ASM 11.6.0 Version to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2, 11.3.0 to 11.4.1 HF10; GTM 11.6.0 to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2 version, 11.3.0 to 11.4.1 HF10 version; Link Controller 11.6.0 to 11.6.0 HF6 version, 11.5.0 to 11.5.3 HF2 version, 11.3.0 to 11.4.1 HF10 version; PEM 11.6.0 to 11.6.0 HF6, 11.5.0 to 11.5.3 HF2, 11.3.0 to 11.4.1 HF10; PSM 11.3.0 to 11.4.1 HF10; WebSafe 11.6.0 to version 11.6.0 HF6

Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853. Samsung MobilePhone is a smartphone released by South Korea's Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information

The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736. Samsung MobilePhone is a smartphone released by South Korea's Samsung. An information disclosure vulnerability and a denial of service vulnerability exist in Samsung MobilePhone. An attacker could exploit these vulnerabilities to gain denial of service or access to unauthorized information