VARIoT IoT vulnerabilities database

VAR-202502-2294 No CVE Shenzhen Bilian Electronics Co., Ltd. BL-X-PRO has a command execution vulnerability
CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
BL-X-PRO is a six-line six-signal high-power Gigabit wireless router. BL-X-PRO of Shenzhen Bilian Electronics Co., Ltd. has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-3429 No CVE Wuxi Xinjie Electric Co., Ltd. Xinjie XSF5-A32 PLC has industrial control equipment vulnerability
CVSS V2: 6.1
CVSS V3: -
Severity: MEDIUM
Wuxi Xinjie Electric Co., Ltd. is a listed company that focuses on the research and development and application of industrial automation products. Wuxi Xinjie Electric Co., Ltd.'s Xinjie XSF5-A32 PLC has an industrial control equipment vulnerability that attackers can exploit to cause a denial of service.
VAR-202502-2482 No CVE Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2100G-E has an information leakage vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Beijing Xingwang Ruijie Network Technology Co., Ltd. is a provider of ICT infrastructure and industry solutions. Its main business is the research, design and sales of network equipment, network security products and cloud desktop solutions. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR2100G-E has an information leakage vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-2090 No CVE The TOTOLINK N200RE router of Jiong Electronics (Shenzhen) Co., Ltd. has a command execution vulnerability
CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Jiong Electronics (Shenzhen) Co., Ltd. is a high-tech foreign-invested enterprise specializing in the research and development, design, manufacturing and sales of various network products. Jiong Electronics (Shenzhen) Co., Ltd.'s TOTOLINK N200RE router has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-2688 No CVE Ricoh (China) Investment Co., Ltd. Aficio SP 3500SF has an unauthorized access vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Aficio SP 3500SF is a multi-function commercial all-in-one printer with printing, copying, scanning and faxing functions. Ricoh (China) Investment Co., Ltd. Aficio SP 3500SF has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-1472 CVE-2024-57673 Resource exhaustion vulnerability in Floodlight from Project Floodlight
CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module and Linkdiscovery module. Floodlight from Project Floodlight contains a resource exhaustion vulnerability. The affected system may be put into a denial-of-service (DoS) state.
VAR-202502-1321 CVE-2024-57672 Resource exhaustion vulnerability in Floodlight from Project Floodlight
CVSS V2: -
CVSS V3: 5.5
Severity: MEDIUM
An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, TopologyInstance module, and Routing module. Floodlight from Project Floodlight contains a resource exhaustion vulnerability. The affected system may be put into a denial-of-service (DoS) state.
VAR-202502-0101 CVE-2024-45626 Vulnerability in Apache James from Apache Software Foundation
CVSS V2: -
CVSS V3: 6.5
Severity: MEDIUM
Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue. Apache James from Apache Software Foundation contains an unspecified vulnerability. The affected system may be put into a denial-of-service (DoS) state.
VAR-202502-0638 CVE-2024-37358 Input verification vulnerability in Apache James from Apache Software Foundation
CVSS V2: -
CVSS V3: 8.6
Severity: HIGH
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Versions 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals. Apache James from Apache Software Foundation contains an input validation vulnerability and allocation of resources without limiting or throttling. The affected system may be put into a denial-of-service (DoS) state.
VAR-202502-1078 CVE-2024-23690 NETGEAR FVS336G Command Injection Vulnerability
CVSS V2: 8.3
CVSS V3: 7.2
Severity: HIGH
The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability in the Telnet interface. An authenticated and remote attacker can execute arbitrary OS commands as root over Telnet by sending crafted "util backup_configuration" commands. NETGEAR FVS336G is a VPN (virtual private network) firewall router from NETGEAR. The vulnerability is caused by the application's failure to properly filter special characters and commands when constructing commands.
VAR-202502-0737 CVE-2025-20895
CVSS V2: -
CVSS V3: 3.2
Severity: LOW
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
VAR-202502-3258 No CVE Fujifilm Business Innovation (China) Co., Ltd. AltaLink® C8245 Color Multifunction Printer has an unauthorized access vulnerability
CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
AltaLink® C8245 Color Multifunction Printer is a printer product. Fujifilm Business Innovation (China) Co., Ltd. AltaLink® C8245 Color Multifunction Printer has an unauthorized access vulnerability, which can be exploited by attackers to obtain sensitive information.
VAR-202502-2081 No CVE Fujifilm Business Innovation (China) Co., Ltd. C405DN MFP has a command execution vulnerability
CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
C405DN MFP is a printer product. Fujifilm Business Innovation (China) Co., Ltd. C405DN MFP has a command execution vulnerability, which can be exploited by attackers to execute printer commands.
VAR-202502-0097 CVE-2024-38416 Out-of-bounds read vulnerability in multiple Qualcomm products
CVSS V2: -
CVSS V3: 6.1
Severity: MEDIUM
Information disclosure during audio playback. Multiple Qualcomm products, such as AR8035 firmware, C-V2X 9150 firmware, and FastConnect 6800 firmware, contain an out-of-bounds read vulnerability. Information may be obtained.
VAR-202502-0055 CVE-2025-20634 Out-of-bounds write vulnerability in multiple MediaTek products
CVSS V2: -
CVSS V3: 9.8
Severity: CRITICAL
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436. MediaTek's NR16, NR17, and NR17R contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and the affected system may be put into a denial-of-service (DoS) state.
VAR-202502-2084 No CVE Jiong Electronics (Shenzhen) Co., Ltd. TOTOLINK N210RE command execution vulnerability
CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
TOTOLINK N210RE is a wireless router. Jiong Electronics (Shenzhen) Co., Ltd. TOTOLINK N210RE has a command execution vulnerability, which can be exploited by attackers to execute arbitrary commands.
VAR-202502-2083 No CVE Fujifilm Business Innovation (China) Co., Ltd. ApeosPort C3060 has a command execution vulnerability
CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
ApeosPort C3060 is a color A3 format digital multifunction copier. Fujifilm Business Innovation (China) Co., Ltd. ApeosPort C3060 has a command execution vulnerability, which can be exploited by attackers to execute printer commands.
VAR-202502-2082 No CVE D-Link Electronics (Shanghai) Co., Ltd. Dlink dap-1522-reva has a binary vulnerability
CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
D-Link Electronics (Shanghai) Co., Ltd. is a company that provides high-quality network solutions for enterprises. D-Link Electronics (Shanghai) Co., Ltd. Dlink dap-1522-reva has a binary vulnerability that can be exploited by attackers to cause a denial of service.
VAR-202502-2479 No CVE Canon (China) Co., Ltd. LBP621C has a command execution vulnerability
CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
LBP621C is a color laser printer. Canon (China) Co., Ltd. LBP621C has a command execution vulnerability, which can be exploited by attackers to execute printer commands.
VAR-202502-2289 No CVE Brother (China) Commercial Co., Ltd. DCP-T500W has a command execution vulnerability
CVSS V2: 9.0
CVSS V3: -
Severity: HIGH
DCP-T500W is a printer. Brother (China) Commercial Co., Ltd. DCP-T500W has a command execution vulnerability, which can be exploited by attackers to execute printer commands.