VARIoT IoT vulnerabilities database

In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231983References: N/A. Google of Android Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). Google Pixel has a buffer overflow vulnerability. An attacker can exploit this vulnerability to remotely execute arbitrary code

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone. Huawei of HarmonyOS There is an authentication vulnerability in.Service operation interruption (DoS) It may be in a state

In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222166527. Google of Android Exists in a vulnerability related to the use of freed memory.Information may be obtained. Google Pixel is a smartphone of Google (Google). A remote attacker could exploit this vulnerability to cause a denial of service (disk consumption and massive notifications) with a series of requests with malformed parameters

The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting. Huawei of HarmonyOS and EMUI Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. Huawei of HarmonyOS and EMUI Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. APQ8009 firmware, APQ8017 firmware, APQ8037 Unspecified vulnerabilities exist in multiple Qualcomm products, including firmware.Service operation interruption (DoS) It may be in a state

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A. Google of Android Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). Google Pixel has a buffer overflow vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code

Infinova is the world's leading manufacturer of electronic security products and provider of industry solutions. VH121-A2 of Shenzhen Infinitor Technology Co., Ltd. has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.

The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. Huawei of HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. Huawei of HarmonyOS and EMUI Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI). Microsoft's Windows Firewall Unspecified vulnerabilities exist in products from multiple vendors.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. Huawei of HarmonyOS and EMUI Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of HarmonyOS and EMUI Exists in unspecified vulnerabilities.Information may be obtained

Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality

Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. Huawei of HarmonyOS and EMUI Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242. Google of Android Exists in observable mismatch vulnerabilities.Information may be obtained. Google Pixel is a smartphone made by the American company Google. Google Pixel has security flaw. An attacker can exploit this vulnerability to cause information leakage

Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of "fopen" system function with the mode "wb" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. APQ8009 firmware, APQ8017 firmware, AR8031 Multiple Qualcomm products, such as firmware, contain an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state

In Wi-Fi, there is a possible memory access violation due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441637; Issue ID: ALPS07441637.