Sign-up

VARIoT news about IoT security

Critical SQL Injection Vulnerability Exposes 62,000 Users Of Catwatchful Spyware App

Trust: 5.0

Fetched: July 9, 2025, 9:38 a.m., Published: July 7, 2025, 1:02 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: google model: android

Windows Hyper-V DDA Flaw CVE-2025-48822: Critical Out-of-Bounds Read Enables Local Code Execution - ZeroPath Blog

Trust: 4.25

Fetched: July 9, 2025, 9:37 a.m., Published: July 7, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-48822

CVE-2025-25270: Critical Unauthenticated RCE via Dynamic Configuration Manipulation - ZeroPath Blog

Related entries in the VARIoT vulnerabilities database: VAR-202504-1178

Trust: 6.0

Fetched: July 9, 2025, 9:37 a.m., Published: July 5, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: snort model: snort
db: NVD ids: CVE-2025-32433, CVE-2025-25270

CVE-2025-5777: A New Memory Leak in Citrix Gateway Devices | Hadrian

Trust: 4.25

Fetched: July 9, 2025, 9:36 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: memory leak, memory corruption
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-4966, CVE-2025-5777

Windows UPnP Service Exposed: Privilege Escalation Risk in CVE-2025-48819 - ZeroPath Blog

Trust: 4.0

Fetched: July 9, 2025, 9:36 a.m., Published: July 8, 2025, midnight
 Vulnerabilities: code execution, improper memory handling, authorization vulnerability...
Affected productsExternal IDs
db: NVD ids: CVE-2022-21965, CVE-2025-47981, CVE-2019-1405, CVE-2020-1319, CVE-2025-48819, CVE-2025-49701, CVE-2025-49695

Windows UPnP Device Host Flaw (CVE-2025-48821): Privilege Escalation Risk on Adjacent Networks - ZeroPath Blog

Trust: 4.0

Fetched: July 9, 2025, 9:35 a.m., Published: July 6, 2025, midnight
 Vulnerabilities: code execution, privilege escalation, improper memory handling
Affected productsExternal IDs
db: NVD ids: CVE-2025-48821, CVE-2019-1405

2025 July KB5062553 KB5062552 Windows 11 Patch | 1 Zero Day Vulnerability And 137 Flaws HTMD Blog

Trust: 3.5

Fetched: July 9, 2025, 9:34 a.m., Published: July 8, 2025, 6:05 p.m.
 Vulnerabilities: information disclosure, script execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-49719

2025 July KB5062554 Windows 10 Patch | 1 Zero Day Vulnerability And 137 Flaws HTMD Blog

Trust: 4.0

Fetched: July 9, 2025, 9:33 a.m., Published: July 8, 2025, 6:18 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-49719

Windows CDPSvc Under Fire: Analyzing CVE-2025-48000's Privilege Escalation Risk - ZeroPath Blog

Trust: 4.0

Fetched: July 9, 2025, 9:32 a.m., Published: July 12, 2025, midnight
 Vulnerabilities: code execution, privilege escalation, memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2025-48000

Ivanti EPMM Security Update for July, 2025: Critical OS Command Injection Vulnerabilities - Peter Girnus

Trust: 4.75

Fetched: July 9, 2025, 9:32 a.m., Published: July 8, 2025, 6:12 p.m.
 Vulnerabilities: command injection, code execution, os command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2025-4427, CVE-2025-6771, CVE-2025-6770

Brother 製デバイス群に複数の脆弱性:4社 742機種のプリンター/複合機に影響 - IoT OT Security News

Trust: 3.0

Fetched: July 9, 2025, 9:31 a.m., Published: June 24, 2025, 8:49 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-51977, CVE-2024-51982, CVE-2024-51981, CVE-2024-51979, CVE-2024-51980, CVE-2024-51978, CVE-2024-51984, CVE-2024-51983

Find, secure, or erase a lost Android device - Google Account Help

Trust: 3.0

Fetched: July 9, 2025, 9:15 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Download apps & digital content - Google Play Help

Trust: 3.0

Fetched: July 9, 2025, 9:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Back up or restore data on your Android device - Android Help

Trust: 3.75

Fetched: July 9, 2025, 9:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Download and install Google Chrome - Computer - Google Chrome Help

Trust: 3.0

Fetched: July 9, 2025, 9:13 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Manage your Google Settings - Google Account Help

Trust: 3.0

Fetched: July 9, 2025, 9:13 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

My 7 Easy Ways to Keep Hackers Out of Your Security Cameras - CNET

Trust: 3.5

Fetched: July 8, 2025, 12:18 p.m., Published: July 7, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone
vendor: huawei model: huawei

Update Canonical Ubuntu Desktop: USN-7605-2: Linux kernel (Low Latency) vulnerabilities

Trust: 3.75

Fetched: July 8, 2025, 12:15 p.m., Published: Feb. 8, 7605, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: alsa model: alsa
vendor: acrn model: acrn
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-2312

748 Printer Models Affected by Critical Flaw That Exposes Admin Passwords - Tech2Geek

Trust: 5.75

Fetched: July 8, 2025, 12:13 p.m., Published: July 6, 2025, 10:20 a.m.
 Vulnerabilities: buffer overflow, code execution, default password
Affected productsExternal IDs
db: NVD ids: CVE-2024-51978, CVE-2024-51984, CVE-2024-51979

CVE-2025-27460 - Dell Device Physical Storage Unencrypted Vulnerability

Trust: 3.0

Fetched: July 8, 2025, 12:12 p.m., Published: July 3, 2025, 12:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-27460