VARIoT IoT vulnerabilities database
| VAR-202111-1583 | CVE-2021-37035 | Huawei Vulnerabilities in smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. Huawei Smartphones have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei Emui is a mobile operating system developed based on Android. Magic Ui is a mobile operating system developed based on Android. There are remote DoS vulnerabilities in Huawei Emui and Magic UI
| VAR-202111-1458 | CVE-2021-21561 | Dell PowerScale OneFS Vulnerability regarding information leakage from log files in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files
| VAR-202111-1455 | CVE-2021-36314 | Dell EMC CloudLink Vulnerability in |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. A remote unauthenticated attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary files on the end user system. Dell EMC CloudLink Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202111-1454 | CVE-2021-36332 | Dell EMC CloudLink Open redirect vulnerability in |
CVSS V2: 4.9 CVSS V3: 5.4 Severity: MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites. Dell EMC CloudLink Exists in an open redirect vulnerability.Information may be obtained and information may be tampered with
| VAR-202111-1453 | CVE-2021-36333 | Dell EMC CloudLink Classic buffer overflow vulnerability in |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerability, leading to an application crash
| VAR-202111-1452 | CVE-2021-36334 | Dell EMC CloudLink In CSV Vulnerability in neutralizing math elements in files |
CVSS V2: 6.0 CVSS V3: 6.8 Severity: MEDIUM |
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to arbitrary code execution on end user machine. Dell EMC CloudLink for, CSV A vulnerability exists regarding the neutralization of formula elements in files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Dell Emc CloudLink is a flexible data encryption and key management solution from Dell. For data encryption in public, private, and hybrid cloud environments
| VAR-202111-1451 | CVE-2021-36335 | Dell EMC CloudLink Input verification vulnerability in |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, leading to execution of arbitrary files on the server. (DoS) It may be in a state
| VAR-202111-1434 | CVE-2021-36312 | Dell EMC CloudLink Vulnerability related to the use of hard-coded passwords in |
CVSS V2: 8.5 CVSS V3: 9.1 Severity: CRITICAL |
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system. Dell EMC CloudLink contains a vulnerability related to the use of hardcoded passwords.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202111-1433 | CVE-2021-36313 | Dell EMC CloudLink In OS Command injection vulnerability |
CVSS V2: 9.0 CVSS V3: 7.2 Severity: HIGH |
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity. (DoS) It may be in a state
| VAR-202111-0948 | CVE-2021-37026 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0884 | CVE-2021-37003 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0883 | CVE-2021-37004 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0882 | CVE-2021-37005 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0877 | CVE-2021-37006 | Huawei Improper Retention of Permissions Vulnerability in Smartphones |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the confidentiality of users is affected. Huawei Smartphones contain a permission impropriety retention vulnerability.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a permission configuration vulnerability in Huawei HarmonyOS. Attackers can exploit this vulnerability to affect user privacy
| VAR-202111-0876 | CVE-2021-37017 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0875 | CVE-2021-37018 | Huawei Vulnerabilities in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Data Processing Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei Emui is a mobile operating system developed based on Android. Magic Ui is a mobile operating system developed based on Android
| VAR-202111-0874 | CVE-2021-37019 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state
| VAR-202111-0873 | CVE-2021-37022 | Huawei Out-of-Bounds Write Vulnerability in Smartphones |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root permission which can be escalated. Huawei Smartphones have an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system
| VAR-202111-0872 | CVE-2021-37023 | Huawei Path Traversal Vulnerability in Smartphones |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. Huawei Smartphones have a path traversal vulnerability.Information may be obtained and information may be tampered with
| VAR-202111-0871 | CVE-2021-37024 | Huawei Input validation vulnerability in smartphones |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash. Huawei Smartphones contain a vulnerability related to input validation.Service operation interruption (DoS) It may be in a state