VARIoT IoT vulnerabilities database

Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server. Dell EMC SourceOne is an application software of Dell (Dell)

Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to out-of-bounds reading and a vulnerability related to array index validation.Information may be obtained

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to array index validation and a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile. plural Qualcomm The product contains an out-of-bounds read vulnerability.Information is obtained and denial of service (DoS) It may be put into a state

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a vulnerability related to information leakage.Information may be obtained

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. plural Qualcomm The product contains a reachable assertion vulnerability.Denial of service (DoS) It may be put into a state

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. plural Qualcomm The product contains a vulnerability related to information leakage.Information may be obtained

Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to out-of-bounds writing.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an out-of-bounds read vulnerability.Information is obtained and denial of service (DoS) It may be put into a state

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an out-of-bounds read vulnerability.Information is obtained and denial of service (DoS) It may be put into a state

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an out-of-bounds read vulnerability.Information is obtained and denial of service (DoS) It may be put into a state

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains an out-of-bounds read vulnerability.Information is obtained and denial of service (DoS) It may be put into a state

SIMATIC S7-PLCSM is a PLC simulation software developed by Siemens. SIMATIC S7-PLCSM has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

SIMATIC S7-PLCSM is a PLC simulation software developed by Siemens. SIMATIC S7-PLCSM has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

EasyBuilder Pro is a configuration software developed by Weilun. EasyBuilder Pro has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.

SIMATIC S7-PLCSM is a PLC simulation software developed by Siemens. A binary vulnerability exists in SIMATIC S7-PLCSM, which can be exploited by an attacker to cause a denial of service.

SIMATIC S7-PLCSM is a PLC simulation software developed by Siemens. SIMATIC S7-PLCSM has a denial of service vulnerability, which can be exploited by an attacker to cause a denial of service.