98 matches found
CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2020-26701
Cross-site scripting XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter...
USN-7159-4: Linux kernel (IoT) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
Command Execution Vulnerability in Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co.
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A command execution vulnerability exists in the Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited b...
Information Leakage Vulnerability in Intelligent IOT Comprehensive Management Platform of Zhejiang Dahua Technology Co.(CNVD-2024-35748)
Zhejiang Dahua Technology Co., Ltd. is a leading supplier and solution provider of surveillance products. An information leakage vulnerability exists in the Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...
CVE-2023-38372 IBM Watson IoT Platform information disclosure
An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...
CVE-2023-38372
CVE-2023-38372 affects IBM Watson IoT Platform 1.0. An unauthorized attacker with a valid security authentication token can impersonate an authorized platform user, per NVD/IBM advisories. Impact is high on confidentiality (token abuse) with no indicated impact on integrity or availability in the...
CVE-2024-27099 Azure IoT Platform Device SDK Double Free Vulnerability
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...
CVE-2024-25110 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
Azure IoT Platform Device SDK Remote Code Execution Vulnerability
...
CVE-2024-21646 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
Weak Password Vulnerability in Intelligent IOT Comprehensive Management Platform of Zhejiang Dahua Technology Co.(CNVD-2022-87084)
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. A weak password vulnerability exists in the Intelligent IOT Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd, which can be exploited by...
Zhejiang Dahua Technology Co., Ltd. icc Intelligent IOT Comprehensive Management Platform Exists Information Leakage Vulnerability
Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. There is an information leakage vulnerability in the icc Intelligent Internet of Things Integrated Management Platform of Zhejiang Dahua Technology Co. Ltd,...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...