VARIoT IoT vulnerabilities database

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read. Huawei A vulnerability related to input validation exists in smartphone products.Information is obtained and service operation is interrupted (DoS) It may be in a state

There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. Huawei Smartphone products have unspecified vulnerabilities.Information may be obtained

There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks. Huawei Smartphones have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion. Huawei A vulnerability related to lack of freeing memory after expiration exists in smartphone products.Service operation interruption (DoS) It may be in a state

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart. Huawei A vulnerability related to input validation exists in smartphone products.Service operation interruption (DoS) It may be in a state

KingView is an industrial automation configuration software produced by Beijing Yakong Technology Development Co., Ltd. There is a binary vulnerability in KingView, which can be exploited by an attacker to cause the program to crash.

TOTOLINK EX200 is a wireless extender. TOTOLINK EX200 has a command execution vulnerability, which can be exploited by an attacker to gain control of the server.

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability. Canon LBP223 A weak password requirement vulnerability exists in the printer.Service operation interruption (DoS) It may be in a state. Canon LBP223 is a printer of Canon (Canon) in Japan

The WOOCS WordPress plugin before 1.3.7.1 does not sanitise and escape the key parameter of the woocs_update_profiles_data AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected cross-Site Scripting issue. WordPress for WOOCS A cross-site scripting vulnerability exists in the plugin.Information may be obtained and information may be tampered with

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables. plural Snapdragon A reachable assertion vulnerability exists in the product.Service operation interruption (DoS) It may be in a state

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an exceptional state handling vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT. plural Qualcomm A reachable assertion vulnerability exists in the product.Service operation interruption (DoS) It may be in a state

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a usage of freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. plural Qualcomm The product contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state