Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xiaomi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26318
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.
Mi Xiaomi Router Ax3200 Firmware
NA
CVE-2023-26320
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
Mi Xiaomi Router Ax3200 Firmware
7.1
CVSSv2
CVE-2018-20787
The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the size argument in tpdbg_write in drivers/input/touchscreen/ft5x46/ft5x46_ts.c. This is exploitable f...
Micode Xiaomi Perseus-p-oss
4.3
CVSSv2
CVE-2018-20788
drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploite...
Micode Xiaomi Perseus-p-oss
NA
CVE-2023-26319
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
Mi Xiaomi Router Ax3200 Firmware
5.8
CVSSv2
CVE-2019-15843
A malicious file upload vulnerability exists in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.
Mi Xiaomi Millet Firmware 1-6.3.9.3
5.8
CVSSv2
CVE-2022-31277
Xiaomi Lamp 1 v2.0.4_0066 exists to be vulnerable to replay attacks. This allows malicious users to to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request.
Mi Xiaomi Lamp 1 Firmware 2.0.4 0066
7.2
CVSSv2
CVE-2020-10262
An issue exists on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read Wi-Fi SSID o...
Mi Xiaomi Xiaoai Speaker Pro Lx06 Firmware 1.58.10
7.2
CVSSv2
CVE-2020-10263
An issue exists on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech t...
Mi Xiaomi Xiaoai Speaker Pro Lx06 Firmware 1.52.4
5
CVSSv2
CVE-2018-20523
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser....
Mi Stock Browser 10.2.4g
Mi Redmi 7 Firmware -
Mi Redmi Note 7 Firmware -
Mi Redmi Note 6 Pro Firmware -
Mi Redmi 6 Firmware -
Mi Redmi 6a Firmware -
Mi Redmi S2 Firmware -
Mi Redmi Note 5 Pro Firmware -
Mi Redmi K20 Pro Firmware -
Mi Redmi K20 Firmware -
Mi Redmi 7a Firmware -
Mi Redmi Go Firmware -
Mi Redmi Note 5 Firmware -
Mi Redmi Y3 Firmware -
Mi Redmi Note 7s Firmware -
Mi Redmi 4a Firmware -
Mi Redmi Note 4 Firmware -
Mi Redmi 5 Plus Firmware -
Mi Redmi Note 5a Prime Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »