VARIoT IoT vulnerabilities database

VAR-202101-0008 CVE-2020-11137 Integer overflow vulnerability in multiple Qualcomm products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. Multiple Qualcomm products are vulnerable to integer overflow. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have an input validation error vulnerability, caused by an integer multiplication overflow that leads to a smaller buffer allocation than expected and out-of-bounds memory access.
VAR-202101-0010 CVE-2020-11139 Out-of-bounds write vulnerability in multiple Qualcomm products CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. Multiple Qualcomm products contain an out-of-bounds write vulnerability. A denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have a buffer error vulnerability, caused by a failure to check for invalid received frames when processing frames.
VAR-202101-0009 CVE-2020-11138 Uninitialized pointer access vulnerability in multiple Qualcomm products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Uninitialized pointers accessed during music playback with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. Multiple Qualcomm products contain an uninitialized pointer access vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have a buffer error vulnerability that originates from uninitialized heap memory: uninitialized pointers are accessed during music playback with an incorrect bitstream.
VAR-202101-0006 CVE-2020-11140 Out-of-bounds write vulnerability in multiple Qualcomm products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. Multiple Qualcomm products contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have a buffer error vulnerability, caused by improper validation during music playback of modified ALAC content, which leads to out-of-bounds memory access.
VAR-202101-0007 CVE-2020-11136 Out-of-bounds read vulnerability in multiple Qualcomm products CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. Multiple Qualcomm products contain an out-of-bounds read vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have a buffer error vulnerability: the audio driver over-reads a buffer when using the malloc management function because a zero-sized memory request does not return NULL.
VAR-202101-0101 CVE-2020-11217 Double free vulnerability in multiple Qualcomm products CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile. Multiple Qualcomm products contain a double free vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer.
VAR-202101-0085 CVE-2020-11150 Buffer error vulnerability in multiple Qualcomm products CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. Multiple Qualcomm products contain a buffer error vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer. Many Qualcomm products have a buffer error vulnerability, caused by improper validation of data from UMD (used for pointer offset manipulation), which leads to out-of-bounds memory access in the camera driver.
VAR-202101-0084 CVE-2020-11149 Buffer error vulnerability in multiple Qualcomm products CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
Out of bound access due to usage of an out-of-range pointer offset in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. Multiple Qualcomm products contain a buffer error vulnerability. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. A Qualcomm chip is a chip made by Qualcomm. A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of a semiconductor wafer.
VAR-202012-1591 No CVE Nanjing Xindi Eco-God Windows Network Web Edition has an out of bounds access vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Nanjing Xindison Software Technology Co., Ltd. is a high-tech enterprise specializing in the development and sales of industrial control general configuration and embedded software. Nanjing Xindi Eco-God Windows Network Web version has an out-of-bounds access vulnerability. Attackers can use the vulnerability to cause a denial of service attack.
VAR-202012-1593 No CVE ForceControl Technology ForceControl draw.exe has a denial of service vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. ForceControl Technology ForceControl draw.exe has a denial of service vulnerability, which can be exploited by attackers to cause application crashes.
VAR-202012-1595 No CVE ForceControl Technology ForceControl Web service catalog has arbitrary file download vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. ForceControl Technology ForceControl Web service catalog has arbitrary file download vulnerabilities. Attackers can use this vulnerability to obtain sensitive information.
VAR-202012-1596 No CVE ForceControl Technology ForceControl httpsvr.exe has a buffer overflow vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. ForceControl Technology ForceControl httpsvr.exe has a buffer overflow vulnerability, which can be exploited by an attacker to cause a remote denial of service attack.
VAR-202012-1604 No CVE Nanjing Xindi Eco-God Windows Network Web Edition has a buffer overflow vulnerability (CNVD-2020-62383) CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Nanjing Xindison Software Technology Co., Ltd. is a high-tech enterprise specializing in the development and sales of industrial control general configuration and embedded software. Nanjing Xindi Eco-God Windows Network Web version has a buffer overflow vulnerability. Attackers can use this vulnerability to cause a denial of service attack.
VAR-202012-1605 No CVE ForceControl Technology ForceControl has a code injection vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. ForceControl Technology ForceControl has a code injection vulnerability, which can be exploited by attackers to gain control of the server.
VAR-202012-1606 No CVE Nanjing Xindi Eco-God Windows Network Web Edition has a buffer overflow vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
Nanjing Xindison Software Technology Co., Ltd. is a high-tech enterprise specializing in the development and sales of industrial control general configuration and embedded software. Nanjing Xindi Eco-God Windows Network Web version has a buffer overflow vulnerability. Attackers can use this vulnerability to cause a denial of service attack.
VAR-202012-1610 No CVE ForceControl Technology ForceControl has a denial of service vulnerability CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. ForceControl Technology ForceControl has a denial of service vulnerability, which attackers can use to cause the software to crash and restart.
VAR-202012-1611 No CVE Forcecontrol Technology Forcecontrol has an information disclosure vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. Forcecontrol Technology Forcecontrol has an information disclosure vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202012-1612 No CVE Forcecontrol Technology Forcecontrol Web directory has arbitrary file download vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Forcecontrol is a monitoring configuration software, mainly used for data acquisition and monitoring control. Forcecontrol Technology Forcecontrol Web directory has an arbitrary file download vulnerability, and attackers can use this vulnerability to obtain sensitive information.
VAR-202012-1613 No CVE Nanjing Xindi Eco-God Windows Network Web Version Has Information Leakage Vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Nanjing Xindison Software Technology Co., Ltd. is a high-tech enterprise specializing in the development and sales of industrial control general configuration and embedded software. Nanjing Xindi Eco-God Windows Network Web version has an information disclosure vulnerability. Attackers can use this vulnerability to obtain sensitive information.
VAR-202012-1614 No CVE An arbitrary file deletion vulnerability exists in Nanjing Xindi Eco-God Windows Network Web Edition CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Nanjing Xindison Software Technology Co., Ltd. is a high-tech enterprise specializing in the development and sales of industrial control general configuration and embedded software. There is an arbitrary file deletion vulnerability in the Windows web version of Nanjing Xindi Eco-God. Attackers can use this vulnerability to delete files arbitrarily, which will affect the integrity of the application.