Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mi vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-9531
An issue exists on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can...
Mi Miui Firmware 11.0.5.0.qfaeuxm
641
VMScore
CVE-2020-8994
An issue exists on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAO...
Mi Mdz-25-dt Firmware 1.34.36
Mi Mdz-25-dt Firmware 1.40.14
481
VMScore
CVE-2019-13321
This vulnerability allows network adjacent malicious users to execute arbitrary code on affected installations of Xiaomi Browser before 10.4.0. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific fla...
Mi Mi Browser
605
VMScore
CVE-2019-13322
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Xiaomi Browser before 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Mi Mi Browser
445
VMScore
CVE-2019-15914
An issue exists on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.
Mi Dgnwg03lm Firmware -
Mi Zncz03lm Firmware -
Mi Mccgq01lm Firmware -
Mi Wsdcgq01lm Firmware -
Mi Rtcgq01lm Firmware -
445
VMScore
CVE-2019-15915
An issue exists on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.
Mi Dgnwg03lm Firmware -
Mi Zncz03lm Firmware -
Mi Mccgq01lm Firmware -
Mi Rtcgq01lm Firmware -
668
VMScore
CVE-2019-15913
An issue exists on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing malicious users to gain sensitive information and denial of service attack, take over smart home devices, and tamper with me...
Mi Dgnwg03lm Firmware -
Mi Zncz03lm Firmware -
Mi Mccgq01lm Firmware -
Mi Wsdcgq01lm Firmware -
Mi Rtcgq01lm Firmware -
445
VMScore
CVE-2019-19463
The Anhui Huami Mi Fit application prior to 4.0.11 for Android has an Unencrypted Update Check.
Huami Mi Fit
187
VMScore
CVE-2019-15427
The Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings...
Mi Mix Firmware -
187
VMScore
CVE-2019-15468
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812071953) that allows...
Mi A2 Lite Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »