Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xiaomi vulnerabilities and exploits
(subscribe to this query)
632
VMScore
CVE-2018-20787
The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the size argument in tpdbg_write in drivers/input/touchscreen/ft5x46/ft5x46_ts.c. This is exploitable f...
Micode Xiaomi Perseus-p-oss
632
VMScore
CVE-2019-9111
The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sde_evtlog_filter_write in drivers/gpu/drm/msm/sde_dbg.c. This is exploitable for a device c...
Micode Xiaomi Perseus-p-oss
516
VMScore
CVE-2019-15843
A malicious file upload vulnerability exists in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.
Mi Xiaomi Millet Firmware 1-6.3.9.3
445
VMScore
CVE-2018-20523
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser....
Mi Stock Browser 10.2.4g
Mi Redmi 7 Firmware -
Mi Redmi Note 7 Firmware -
Mi Redmi Note 6 Pro Firmware -
Mi Redmi 6 Firmware -
Mi Redmi 6a Firmware -
Mi Redmi S2 Firmware -
Mi Redmi Note 5 Pro Firmware -
Mi Redmi K20 Pro Firmware -
Mi Redmi K20 Firmware -
Mi Redmi 7a Firmware -
Mi Redmi Go Firmware -
Mi Redmi Note 5 Firmware -
Mi Redmi Y3 Firmware -
Mi Redmi Note 7s Firmware -
Mi Redmi 4a Firmware -
Mi Redmi Note 4 Firmware -
Mi Redmi 5 Plus Firmware -
Mi Redmi Note 5a Prime Firmware -
801
VMScore
CVE-2018-16130
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows malicious users to execute arbitrary system commands via the "payload" URL parameter.
Mi Miwifi Os 2.22.15
384
VMScore
CVE-2019-10875
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown ...
Mi Mi Browser 10.5.6-g
Mi Mint Browser 1.5.3
801
VMScore
CVE-2018-13023
System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows malicious users to execute system commands via the "timeout" URL parameter.
Mi Miwifi Os 2.22.15
NA
CVE-2023-26322
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...
NA
CVE-2024-4405
Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerab...
NA
CVE-2024-4406
Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vul...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »