VARIoT IoT vulnerabilities database


VAR-202107-1819 No CVE Information disclosure vulnerability exists in Meizu 16s pro CVSS V2: 4.7
CVSS V3: -
Severity: MEDIUM
Meizu 16s pro is a smart phone produced by Zhuhai Meizu Technology Co., Ltd. Meizu 16s pro has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-0021 CVE-2020-12731 MagicMotion Flamingo 2 for Android vulnerability in plaintext storage of critical information in applications CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications. MagicMotion Flamingo is a wearable vibrator produced by MagicMotion company in China. Attackers can use this vulnerability to have the stored data read by other applications.
VAR-202107-1867 No CVE OnePlus 8T has an information disclosure vulnerability CVSS V2: 4.7
CVSS V3: -
Severity: MEDIUM
OnePlus 8T is a smart phone. OnePlus 8T has an information disclosure vulnerability. Attackers can use it to obtain sensitive user information.
VAR-202107-0020 CVE-2020-12730 MagicMotion Flamingo 2 vulnerability regarding lack of encryption of critical data CVSS V2: 2.9
CVSS V3: 5.3
Severity: MEDIUM
MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. MagicMotion Flamingo 2 has a vulnerability regarding lack of encryption of critical data. Information may be obtained. MagicMotion Flamingo is a wearable vibrator produced by MagicMotion company in China. Attackers can use this vulnerability to sniff data and forge data packets.
VAR-202107-1814 No CVE Finetree 5MP Network Camera has logic flaw vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
5MP Network Camera is a camera product. Finetree 5MP Network Camera has a logic flaw vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202107-0019 CVE-2020-12729 MagicMotion Flamingo information disclosure vulnerability CVSS V2: 2.1
CVSS V3: 4.6
Severity: MEDIUM
MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors. MagicMotion Flamingo 2 has a vulnerability related to information leakage. Information may be obtained. MagicMotion Flamingo is a wearable vibrator produced by MagicMotion company in China.
VAR-202107-1809 No CVE Ruijie RG-UAC 6000-ISG video access security gateway has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
RG-UAC 6000-ISG series video surveillance security gateway is a video surveillance network security reinforcement product independently developed by Ruijie Networks. The RG-UAC 6000-ISG video access security gateway has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202107-1813 No CVE Unauthorized access vulnerability exists in Finetree-5MP-Network-Camera CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Finetree-5MP-Network-Camera is a network camera. Unauthorized access vulnerability exists in Finetree-5MP-Network-Camera. Attackers can use this vulnerability to obtain sensitive information.
VAR-202107-1808 No CVE Unauthorized access vulnerabilities in multiple Dell printers CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
Dell is known for its production, design, and sales of home and office computers, but it is also involved in the high-end computer market, producing and selling servers, data storage equipment, and network equipment. Many Dell printers have unauthorized access vulnerabilities. Attackers can use these vulnerabilities to obtain sensitive information and perform unauthorized operations.
VAR-202107-0573 CVE-2021-21587 Dell Wyse Management Suite information leakage vulnerability CVSS V2: 2.1
CVSS V3: 3.3
Severity: LOW
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders. The offering includes Wyse endpoint centralized management, asset tracking and automatic device discovery.
VAR-202107-0572 CVE-2021-21586 Wyse Management Suite path traversal vulnerability CVSS V2: 6.8
CVSS V3: 6.5
Severity: MEDIUM
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.
VAR-202107-1688 No CVE Ruijie Networks Co., Ltd. EG Easy Gateway has a file upload vulnerability CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, and storage. Ruijie Networks Co., Ltd. EG Easy Gateway has a file upload vulnerability. Attackers can use this vulnerability to gain control of the server.
VAR-202107-1690 No CVE Guangzhou Tongjucheng Electronic Technology Co., Ltd. TGS-AGW gateway has weak password vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Guangzhou Tongjucheng Electronic Technology Co., Ltd. produces the "TGS-AGW" series of security gateway products with independent intellectual property rights. The series has stable performance and powerful functions, and it has passed the authority certification of public information network security. The company's products also include WIFI wireless products, switching network products, network security products, etc. The TGS-AGW gateway of Guangzhou Tongjucheng Electronic Technology Co., Ltd. has a weak password vulnerability. Attackers can use the vulnerability to obtain sensitive information.
VAR-202107-1689 No CVE Bihaiwei L7 cloud router wireless operation version has a command execution vulnerability (CNVD-2021-41531) CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Bihaiwei L7 cloud router wireless operation version is a dedicated network device customized for commercial wireless managers such as hotels, resorts, shopping malls and stations. The device has multiple functions such as routing, firewall, flow control, wireless AC controller, and WeChat authentication. Bihaiwei L7 cloud router wireless operation version has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary system commands on the device and obtain device permissions.
VAR-202107-1810 No CVE Ruijie Networks Co., Ltd. EG Easy Gateway has a logic flaw vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Ruijie Networks Co., Ltd. is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, and storage. Ruijie Networks Co., Ltd. EG Easy Gateway has a logic flaw vulnerability. Attackers can use this vulnerability to delete arbitrary files on the server.
VAR-202107-0087 CVE-2020-20231 Mikrotik RouterOs Out-of-bounds Vulnerability in Microsoft CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). MikroTik RouterOS is a Linux-based router operating system developed by Latvian MikroTik Company. The system can be deployed on a PC so that it provides router functionality.
VAR-202107-1202 CVE-2021-35469 Vulnerabilities in unquoted search paths or elements in multiple Lexmark products CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path
VAR-202107-0371 CVE-2021-22318 Huawei HarmonyOS Code problem vulnerability CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service
VAR-202107-1411 CVE-2021-34316 JT2Go and Teamcenter Visualization Input confirmation vulnerability CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The DL180CoolType.dll library in affected applications lacks proper validation of user-supplied data when parsing PDF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13380). JT2Go and Teamcenter Visualization contain an input verification vulnerability and an out-of-bounds write vulnerability. Zero Day Initiative numbered this vulnerability ZDI-CAN-13380. Information may be obtained or tampered with, and a denial of service (DoS) may result. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files.
VAR-202107-1379 CVE-2021-34295 JT2Go and Teamcenter Visualization Input confirmation vulnerability CVSS V2: 6.8
CVSS V3: 7.8
Severity: HIGH
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Gif_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13024). JT2Go and Teamcenter Visualization contain an input verification vulnerability and an out-of-bounds write vulnerability. Zero Day Initiative numbered this vulnerability ZDI-CAN-13024. Information may be obtained or tampered with, and a denial of service (DoS) may result. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files.