VARIoT IoT vulnerabilities database

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart. Huawei A vulnerability related to input validation exists in smartphone products.Service operation interruption (DoS) It may be in a state

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability. Canon LBP223 A weak password requirement vulnerability exists in the printer.Service operation interruption (DoS) It may be in a state. Canon LBP223 is a printer of Canon (Canon) in Japan

TOTOLINK EX200 is a wireless extender. TOTOLINK EX200 has a command execution vulnerability, which can be exploited by an attacker to gain control of the server.

KingView is an industrial automation configuration software produced by Beijing Yakong Technology Development Co., Ltd. There is a binary vulnerability in KingView, which can be exploited by an attacker to cause the program to crash.

The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape the key parameter of the woocs_update_profiles_data AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected cross-Site Scripting issue. WordPress for WOOCS A cross-site scripting vulnerability exists in the plugin.Information may be obtained and information may be tampered with

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables. plural Snapdragon A reachable assertion vulnerability exists in the product.Service operation interruption (DoS) It may be in a state

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an exceptional state handling vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT. plural Qualcomm A reachable assertion vulnerability exists in the product.Service operation interruption (DoS) It may be in a state

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a usage of freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. plural Qualcomm The product contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state

H3C GR1108-P is a new generation of high-performance enterprise-class router launched by H3C. H3C GR1108-P has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.

The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end. HarmonyOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS Wearables is an electronic watch made by Huawei from the Chinese company Huawei

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow. plural Huawei Smartphone products contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS Wearables is an electronic watch made by Huawei from the Chinese company Huawei

The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality. HarmonyOS There is a vulnerability in improper default permissions.Information may be obtained. Huawei HarmonyOS Wearables is an electronic watch made by Huawei from the Chinese company Huawei