VARIoT IoT vulnerabilities database

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. Moxa MXview Network Management The software has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. (DoS) It may be in a state

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. Moxa MXview Network Management An incorrect authentication vulnerability exists in the software.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues. HarmonyOS for, SQL There is an injection vulnerability.Information may be obtained

Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks. HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. HarmonyOS There is a vulnerability related to information leakage.Information may be obtained

Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class. HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed. HarmonyOS Exists in a past traversal vulnerability.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS. The vulnerability is due to a vulnerability in a component of HarmonyOS that is not strict enough for uri verification. Attackers can exploit this vulnerability to cause directory attack traversal, affecting confidentiality

Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected. HarmonyOS There is a vulnerability related to information leakage.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS. The vulnerability stems from the lack of input validation in a component of HarmonyOS. An attacker could exploit this vulnerability to compromise confidentiality

Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash. HarmonyOS Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed. HarmonyOS There is an input validation vulnerability in.Information is obtained and service operation is interrupted (DoS) It may be in a state

Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications. HarmonyOS Exists in a permission management vulnerability.Information may be obtained and information may be tampered with. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in a component of Huawei HarmonyOS. Attackers can exploit this vulnerability to cause abnormal system functions

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure. HarmonyOS There is a vulnerability related to information leakage.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in a component of Huawei HarmonyOS. An attacker could exploit this vulnerability to obtain the IMSI by bypassing the necessary permissions

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission. HarmonyOS Exists in a past traversal vulnerability.Information may be tampered with

HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file. HarmonyOS Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in a component of Huawei HarmonyOS

Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components. HarmonyOS There is a race condition vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in a component of Huawei HarmonyOS. An attacker could exploit this vulnerability to compromise confidentiality

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion. Huawei Smartphone products are vulnerable to resource allocation without limits or throttling.Service operation interruption (DoS) It may be in a state

Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. HarmonyOS Exists in a vulnerability in externally controllable references to resources in another region.Information may be obtained

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. plural Huawei Smartphone products have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in a component of Huawei HarmonyOS

HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity. HarmonyOS There is a code injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state