Sign-up

VARIoT news about IoT security

Latest news

The news are found with our scripts for filtering search results.
Additional information about vulnerabilities, affected products and external identifiers are obtained with NLP and custom filters from found news.

Invisible UI Trick: The Latest TapTrap Exploit on Android Devices

Trust: 3.0

Fetched: July 9, 2025, 9:58 a.m., Published: July 9, 2025, 5:14 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CVE-2025-6881: Critical Buffer Overflow Vulnerability in D-Link DI-8100 - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: July 9, 2025, 9:56 a.m., Published: July 5, 2025, 3:29 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-6881

Update Canonical Ubuntu Desktop: USN-7612-1: Flask-CORS vulnerabilities

Trust: 4.0

Fetched: July 9, 2025, 9:55 a.m., Published: Jan. 9, 7612, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-6866, CVE-2024-6844, CVE-2024-6839, CVE-2024-6221, CVE-2024-1681

CVE-2025-41224 : Access Control Vulnerability in RUGGEDCOM Network Devices by Siemens

Trust: 5.0

Fetched: July 9, 2025, 9:55 a.m., Published: July 8, 2025, 10:35 a.m.
 Vulnerabilities: access control vulnerability
Affected productsExternal IDs
vendor: siemens model: ruggedcom
db: NVD ids: CVE-2025-41224

Update Canonical Ubuntu Desktop: USN-7615-1: ClamAV vulnerabilities

Trust: 5.75

Fetched: July 9, 2025, 9:54 a.m., Published: Jan. 9, 7615, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: clamav model: clamav
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-20234, CVE-2025-20260

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Finland

Trust: 3.25

Fetched: July 9, 2025, 9:51 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Sverige

Trust: 3.25

Fetched: July 9, 2025, 9:50 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51977, CVE-2024-51982, CVE-2024-2169, CVE-2024-51981, CVE-2024-51979, CVE-2017-9765, CVE-2024-51980, CVE-2024-51984, CVE-2024-51983

Understanding and Addressing Linux Vulnerabilities | LinuxVox.com

Trust: 3.75

Fetched: July 9, 2025, 9:49 a.m., Published: July 9, 2025, midnight
 Vulnerabilities: privilege escalation, sql injection, buffer overflow
Affected productsExternal IDs

CVE-2025-5484: Widespread Vulnerability in SinoTrack Device Management Interface - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.0

Fetched: July 9, 2025, 9:48 a.m., Published: June 22, 2025, 1:12 a.m.
 Vulnerabilities: default password
Affected productsExternal IDs
db: NVD ids: CVE-2025-5484

Navigating Danger: Qualcomm GPS Vulnerability CVE-2025-21450 Exposes Devices to Critical MitM Attacks - ZeroPath Blog

Trust: 4.75

Fetched: July 9, 2025, 9:48 a.m., Published: July 9, 2025, midnight
 Vulnerabilities: memory corruption, denial of service, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2016-5341, CVE-2025-21450

Update Canonical Ubuntu Desktop: USN-7620-1: File::Find::Rule vulnerability

Trust: 3.0

Fetched: July 9, 2025, 9:47 a.m., Published: Jan. 9, 7620, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

July 2025 Patch Tuesday: 130 Vulnerabilities Addressed

Trust: 4.0

Fetched: July 9, 2025, 9:40 a.m., Published: July 9, 2025, 9:05 a.m.
 Vulnerabilities: code execution, privilege escalation, information leak
Affected productsExternal IDs
db: NVD ids: CVE-2025-47981, CVE-2025-49696, CVE-2025-48001, CVE-2025-49735, CVE-2025-49697, CVE-2025-49719, CVE-2025-48822, CVE-2025-49695

Update Canonical Ubuntu Desktop: USN-7617-1: libtpms vulnerability

Trust: 4.25

Fetched: July 9, 2025, 9:39 a.m., Published: Jan. 9, 7617, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

MediaTek July 2025 Security Patch Addresses Multiple Vulnerabilities Across Range of Chipsets

Trust: 4.75

Fetched: July 9, 2025, 9:38 a.m., Published: July 8, 2025, 2:51 p.m.
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-20684, CVE-2025-20695, CVE-2025-20688, CVE-2025-20694, CVE-2025-20681, CVE-2025-20686, CVE-2025-20680, CVE-2025-20685, CVE-2025-20692, CVE-2025-20687

Critical SQL Injection Vulnerability Exposes 62,000 Users Of Catwatchful Spyware App

Trust: 5.0

Fetched: July 9, 2025, 9:38 a.m., Published: July 7, 2025, 1:02 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: google model: android

Windows Hyper-V DDA Flaw CVE-2025-48822: Critical Out-of-Bounds Read Enables Local Code Execution - ZeroPath Blog

Trust: 4.25

Fetched: July 9, 2025, 9:37 a.m., Published: July 7, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-48822

CVE-2025-25270: Critical Unauthenticated RCE via Dynamic Configuration Manipulation - ZeroPath Blog

Related entries in the VARIoT vulnerabilities database: VAR-202504-1178

Trust: 6.0

Fetched: July 9, 2025, 9:37 a.m., Published: July 5, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: snort model: snort
db: NVD ids: CVE-2025-32433, CVE-2025-25270

CVE-2025-5777: A New Memory Leak in Citrix Gateway Devices | Hadrian

Trust: 4.25

Fetched: July 9, 2025, 9:36 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: memory leak, memory corruption
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-4966, CVE-2025-5777

Windows UPnP Service Exposed: Privilege Escalation Risk in CVE-2025-48819 - ZeroPath Blog

Trust: 4.0

Fetched: July 9, 2025, 9:36 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: code execution, improper memory handling, authorization vulnerability...
Affected productsExternal IDs
db: NVD ids: CVE-2022-21965, CVE-2025-47981, CVE-2019-1405, CVE-2020-1319, CVE-2025-48819, CVE-2025-49701, CVE-2025-49695

Windows UPnP Device Host Flaw (CVE-2025-48821): Privilege Escalation Risk on Adjacent Networks - ZeroPath Blog

Trust: 4.0

Fetched: July 9, 2025, 9:35 a.m., Published: July 6, 2025, midnight
 Vulnerabilities: code execution, privilege escalation, improper memory handling
Affected productsExternal IDs
db: NVD ids: CVE-2025-48821, CVE-2019-1405