Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202202-0509 CVE-2021-0177 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper Validation of Consistency within input in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0508 CVE-2021-0178 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0507 CVE-2021-0179 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper Use of Validation Framework in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0506 CVE-2021-0176 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 2.1
CVSS V3: 4.4
Severity: MEDIUM
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0504 CVE-2021-0183 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper Validation of Specified Index, Position, or Offset in Input in software for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0503 CVE-2021-0173 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper Validation of Consistency within input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0502 CVE-2021-0162 Intel(R) PROSet/Wireless Wi-Fi  and  Killer(TM) Wi-Fi  Vulnerability related to input validation in software for CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Improper input validation in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. (DoS) It may be in a state
VAR-202202-0500 CVE-2021-0172 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0499 CVE-2021-0165 Intel(R) PROSet/Wireless Wi-Fi  and  Killer(TM) Wi-Fi  input validation vulnerability in firmware for CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi firmware contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0497 CVE-2021-0174 plural  Intel(R) PROSet/Wireless Wi-Fi  products and  Killer(TM) Wi-Fi  Product input verification vulnerabilities CVSS V2: 3.3
CVSS V3: 6.5
Severity: MEDIUM
Improper Use of Validation Framework in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access. plural Intel(R) PROSet/Wireless Wi-Fi products and Killer(TM) Wi-Fi The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202202-0496 CVE-2021-0072 Intel(R) PROSet/Wireless Wi-Fi  and  Killer(TM) Wi-Fi  input validation vulnerability in firmware for CVSS V2: 2.1
CVSS V3: 5.5
Severity: MEDIUM
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable information disclosure via local access. Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi firmware contains an input validation vulnerability.Information may be obtained
VAR-202202-0495 CVE-2021-0168 plural  Intel(R) PROSet/Wireless Wi-Fi  and  Killer(TM) Wi-Fi  for   Firmware Input Validation Vulnerability CVSS V2: 4.6
CVSS V3: 6.7
Severity: MEDIUM
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access. plural Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi for There is an input validation vulnerability in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202202-1377 CVE-2021-43926 Synology DiskStation Manager  In  SQL  Injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors. Synology DiskStation Manager (DSM) for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202202-0588 CVE-2021-43927 Synology DiskStation Manager  In  SQL  Injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors. Synology DiskStation Manager (DSM) for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202202-0587 CVE-2022-22679 Synology DiskStation Manager  Past traversal vulnerability in CVSS V2: 4.0
CVSS V3: 4.9
Severity: MEDIUM
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in support service management in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors. Synology DiskStation Manager (DSM) Exists in a past traversal vulnerability.Information may be tampered with
VAR-202202-0590 CVE-2021-43925 Synology DiskStation Manager  In  SQL  Injection vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors. Synology DiskStation Manager (DSM) for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202202-1375 CVE-2021-43929 Synology DiskStation Manager  Injection vulnerability in CVSS V2: 4.0
CVSS V3: 5.4
Severity: MEDIUM
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in work flow management in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Synology DiskStation Manager (DSM) There is an injection vulnerability in.Information may be tampered with
VAR-202202-0589 CVE-2022-22680 Synology DiskStation Manager  Vulnerability in CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors. Synology DiskStation Manager (DSM) Exists in unspecified vulnerabilities.Information may be obtained
VAR-202202-1376 CVE-2021-43928 Synology Mail Station  In  OS  Command injection vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in mail sending and receiving component in Synology Mail Station before 20211105-10315 allows remote authenticated users to execute arbitrary commands via unspecified vectors. (DoS) It may be in a state
VAR-202202-0164 CVE-2022-22931 Apache James  Past traversal vulnerability in CVSS V2: 4.0
CVSS V3: 4.3
Severity: MEDIUM
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the username being used). Apache James contains a path traversal vulnerability. This vulnerability is CVE-2021-40525 This is a vulnerability caused by an incomplete fix for.Information may be obtained