Sign-up

VARIoT news about IoT security

Addressing CVE-2025-24870: A Medium-Severity Vulnerability in SAP GUI for Windows

Trust: 4.25

Fetched: Feb. 26, 2025, 9:36 a.m., Published: Feb. 8, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-24870

Brocade SANnav Management Software Vulnerabilities Enable Device Compromise - Advisories

Trust: 3.25

Fetched: Feb. 26, 2025, 9:36 a.m., Published: Sept. 30, 2024, 12:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-2859, CVE-2024-29961, CVE-2024-29963, CVE-2024-29960, CVE-2024-29966

Chrome Buffer Overflow Vulnerabilities Allow Arbitrary Code Execution

Trust: 5.5

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 19, 2025, 2:43 a.m.
 Vulnerabilities: buffer overflow, improper memory management, heap corruption...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-0999, CVE-2022-4135, CVE-2025-1426, CVE-2025-1006

2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks

Trust: 5.0

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 26, 2025, 6:01 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2025-22467

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack

Trust: 3.75

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 24, 2025, 8:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-2018-16058, CVE-2018-16057, CVE-2025-1492, CVE-2018-16056

Enhancing Smart Home Security: Blockchain-Enabled Federated Learning with Knowledge Distillation for Intrusion Detection

Trust: 3.25

Fetched: Feb. 26, 2025, 9:27 a.m., Published: Feb. 17, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google home
vendor: google model: home
vendor: ecobee model: smart thermostat
vendor: axis model: axis
vendor: axis model: communications
vendor: snort model: snort
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung

Responding to Chrome's Latest Security Vulnerabilities: Update to Chrome 132 ...

Trust: 4.25

Fetched: Feb. 26, 2025, 9:26 a.m., Published: -
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-0762, CVE-2025-0612, CVE-2025-0611

Citrix NetScaler Vulnerability Allows Unauthorized Command Execution

Trust: 5.75

Fetched: Feb. 26, 2025, 9:24 a.m., Published: Feb. 20, 2025, 2:18 a.m.
 Vulnerabilities: privilege escalation, command execution, service disruption
Affected productsExternal IDs
vendor: citrix model: netscaler
db: NVD ids: CVE-2024-20341, CVE-2024-6387, CVE-2024-12284

Update Canonical Ubuntu Server: USN-7280-1: Python vulnerability

Trust: 4.0

Fetched: Feb. 26, 2025, 9:21 a.m., Published: Jan. 26, 7280, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
vendor: canonical model: ubuntu

CVE-2025-0858 : Path Traversal Vulnerability in Poly Edge E Devices | SecurityVulnerability.io

Trust: 4.25

Fetched: Feb. 26, 2025, 9:20 a.m., Published: Feb. 5, 2025, 2:28 p.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-0858

Flaws in Zettler 130.8005 Industrial Gateway Expose Systems to Remote Exploitation and DoS

Trust: 5.5

Fetched: Feb. 26, 2025, 9:19 a.m., Published: Feb. 12, 2025, midnight
 Vulnerabilities: default credentials, memory leak, authentication bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2024-12011, CVE-2024-12012, CVE-2024-12013

2850+ Ivanti Connect Secure Devices Vulnerable to Remote Code Execution Attacks

Trust: 4.75

Fetched: Feb. 26, 2025, 9:18 a.m., Published: Feb. 26, 2025, 7:59 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-0282, CVE-2025-22467

CVE-2025-0626 : Remote Access Vulnerability in Medical Device by a Leading Vendor | SecurityVulnerability.io

Trust: 3.0

Fetched: Feb. 26, 2025, 9:17 a.m., Published: Jan. 30, 2025, 6:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-0626

CVE-2025-25896 - Buffer Overflow - SecAlerts

Related entries in the VARIoT vulnerabilities database: VAR-202502-3667

Trust: 3.25

Fetched: Feb. 25, 2025, 9:30 a.m., Published: Feb. 5, 2025, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-25896

Apple Patches Critical Zero-Day Vulnerabilities | Perigon

Trust: 3.0

Fetched: Feb. 25, 2025, 9:30 a.m., Published: Jan. 27, 2025, 7:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: tvos

Update Canonical Ubuntu Server: USN-7279-1: WebKitGTK vulnerabilities

Trust: 4.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Jan. 25, 7279, midnight
 Vulnerabilities: cross-site scripting, denial of service, code execution
Affected productsExternal IDs
vendor: canonical model: ubuntu

System BIOS komputerów Dell OptiPlex 7070 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Feb. 25, 7070, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex

System BIOS komputerów Dell Latitude 5300 i 5300 2 w 1 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:29 a.m., Published: Feb. 25, 5300, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude
vendor: dell model: bios

TODAY'S TOP 5

Trust: 3.5

Fetched: Feb. 25, 2025, 9:27 a.m., Published: Feb. 5, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: sonicwall model: remote access
vendor: sonicwall model: sonicos
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
db: NVD ids: CVE-2024-9474, CVE-2025-0366, CVE-2025-0108

System BIOS komputera Dell Precision 5530 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 25, 2025, 9:27 a.m., Published: Feb. 25, 5530, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: precision 5530