Sign-up

VARIoT news about IoT security

QualPwn Vulnerability Overview: It Affects Snapdragon 835, 845, and more - UMA Technology

Trust: 3.25

Fetched: Jan. 3, 2025, 9:15 a.m., Published: Jan. 3, 2025, 7:22 a.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: mobile devices

Critical DoS Vulnerability Found in Palo Alto Networks PAN-OS (CVE-2024-3393)

Trust: 3.75

Fetched: Jan. 3, 2025, 9:15 a.m., Published: Dec. 27, 2024, 6:02 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2024-3393

Update Canonical Ubuntu Desktop: USN-7140-1: Tinyproxy vulnerability

Trust: 3.25

Fetched: Jan. 3, 2025, 9:13 a.m., Published: Jan. 3, 7140, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Microsoft Windows Critical Vulnerability with CVE-2024-49112 - Obrela

Trust: 3.25

Fetched: Jan. 3, 2025, 9:12 a.m., Published: Jan. 2, 2025, 11:58 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-49112

CEH Module4 - Vulnerability Analysis - CY - Technical Memory extension

Trust: 3.25

Fetched: Jan. 3, 2025, 9:11 a.m., Published: Jan. 1, 2025, 9:29 a.m.
 Vulnerabilities: resource exhaustion, integer overflow
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security

5 Most Significant Mobile Data Breaches of 2021 - Cybersecurity ASEE

Trust: 3.5

Fetched: Jan. 3, 2025, 9:11 a.m., Published: July 25, 2022, 8 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watch
vendor: apple model: macos

Addressing Vulnerability CVE-2024-51188 in TRENDnet Devices: Risks and Mitigation Strategies

Related entries in the VARIoT vulnerabilities database: VAR-202411-3144

Trust: 4.75

Fetched: Jan. 1, 2025, 9:21 a.m., Published: Nov. 1, 2024, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: trendnet model: tew-652bru
vendor: trendnet model: tew-651br
vendor: trendnet model: tew-652brp
db: NVD ids: CVE-2024-51188

H-ISAC TLP White Fortinet Patches Critical FortiWLM Vulnerability CVE-2023-34990 - December 27, 2024 | AHA

Related entries in the VARIoT vulnerabilities database: VAR-202412-2453

Trust: 5.25

Fetched: Jan. 1, 2025, 9:16 a.m., Published: Dec. 27, 2024, midnight
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2023-34990

(Solved) - The following are examples of mobile device vulnerabilities and... (1 Answer) | Transtutors

Trust: 4.25

Fetched: Jan. 1, 2025, 9:15 a.m., Published: Jan. 1, 2025, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities

Trust: 5.5

Fetched: Jan. 1, 2025, 9:14 a.m., Published: Dec. 10, 2024, 8:52 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: snort.org model: snort
vendor: snort model: snort
db: NVD ids: CVE-2024-49116, CVE-2024-49119, CVE-2024-49124, CVE-2024-49132, CVE-2024-49126, CVE-2024-49118, CVE-2024-49070, CVE-2024-49115, CVE-2024-49114, CVE-2024-49106, CVE-2024-49117, CVE-2024-49138, CVE-2024-49090, CVE-2024-49105, CVE-2024-49123, CVE-2024-49108, CVE-2024-49088, CVE-2024-49120, CVE-2024-49112, CVE-2024-49128, CVE-2024-49093, CVE-2024-49127, CVE-2024-49122

Four-Faith Industrial Router CVE-2024-12856 Exploited in the Wild - Blog - VulnCheck

Related entries in the VARIoT vulnerabilities database: VAR-201905-1300

Trust: 4.5

Fetched: Jan. 1, 2025, 9:14 a.m., Published: Dec. 27, 2024, midnight
 Vulnerabilities: command injection, default credentials, code execution...
Affected productsExternal IDs
vendor: four-faith model: f3x24
vendor: four-faith model: four-faith
db: NVD ids: CVE-2024-11680, CVE-2024-12856, CVE-2019-12168

Palo Alto PAN-OS Severe Vulnerability (CVE-2024-3393) Exploited - SecPod Blog

Trust: 4.75

Fetched: Jan. 1, 2025, 9:11 a.m., Published: Dec. 31, 2024, 10:35 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-3393

Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands

Trust: 4.0

Fetched: Jan. 1, 2025, 9:11 a.m., Published: Dec. 25, 2024, 9:18 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-45387

Darktrace’s view on Operation Lunar Peek: Exploitation of Palo Alto firewall devices (CVE 2024-2012 and 2024-9474) | Darktrace Blog

Trust: 5.25

Fetched: Jan. 1, 2025, 9:09 a.m., Published: Dec. 9, 2024, midnight
 Vulnerabilities: authentication bypass, command execution, privilege escalation
Affected productsExternal IDs
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: trend model: security
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
db: NVD ids: CVE-2024-0012, CVE-2024-9474

Protect Four-Faith Routers from CVE-2024-12856 Exploit

Trust: 5.25

Fetched: Jan. 1, 2025, 9:07 a.m., Published: Dec. 30, 2024, midnight
 Vulnerabilities: command injection, command execution, remote command injection...
Affected productsExternal IDs
vendor: snort model: snort
vendor: four-faith model: f3x24
vendor: four-faith model: four-faith
db: NVD ids: CVE-2024-12856

Securing Cloud-Based Internet of Things: Challenges and Mitigations

Trust: 4.5

Fetched: Dec. 31, 2024, 9:43 a.m., Published: Dec. 26, 2024, midnight
 Vulnerabilities: sql injection, authentication attack, information leak...
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: flow
vendor: samsung model: samsung

Ai Vulnerabilities In Smart Audio Devices | Restackio

Trust: 3.75

Fetched: Dec. 31, 2024, 9:43 a.m., Published: Dec. 25, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Analyzing the vulnerability landscape in Q3 2024 | Securelist

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.25

Fetched: Dec. 31, 2024, 9:42 a.m., Published: March 31, 2024, midnight
 Vulnerabilities: buffer overflow, os command injection, injection attack...
Affected productsExternal IDs
vendor: freeipa model: freeipa
vendor: trend model: security
vendor: cups model: cups
db: NVD ids: CVE-2024-3183, CVE-2023-51385, CVE-2023-36874, CVE-2021-40444, CVE-2023-2640, CVE-2023-22809, CVE-2023-36802, CVE-2024-5290, CVE-2023-23397, CVE-2024-6387, CVE-2024-45519, CVE-2024-47177, CVE-2017-11882, CVE-2023-32233, CVE-2018-0802, CVE-2023-3269, CVE-2023-31248, CVE-2017-0199, CVE-2023-4911, CVE-2024-38112, CVE-2023-38831

Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393) - Qualys ThreatPROTECT

Trust: 5.75

Fetched: Dec. 31, 2024, 9:41 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: networks
db: NVD ids: CVE-2024-3393

8 Best Network Vulnerability Scanner

Trust: 3.5

Fetched: Dec. 31, 2024, 9:39 a.m., Published: April 1, 2018, 4:16 a.m.
 Vulnerabilities: sql injection, cross-site scripting, weak password
Affected productsExternal IDs
vendor: sophos model: firewall
vendor: cisco model: routers
vendor: cisco model: umbrella
vendor: cisco model: guard