Sign-up

VARIoT news about IoT security

CVE-2023-50739 : Buffer Overflow Vulnerability in Lexmark Devices Using Internet Printing Protocol | SecurityVulnerability.io

Trust: 5.25

Fetched: Jan. 19, 2025, 9:32 a.m., Published: Jan. 18, 2025, 12:15 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: lexmark model: lexmark
db: NVD ids: CVE-2023-50739

15K Fortinet Device Configs Leaked to the Dark Web

Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202210-0198

Trust: 5.5

Fetched: Jan. 19, 2025, 9:32 a.m., Published: Jan. 2, 2025, midnight
 Vulnerabilities: authentication bypass, path traversal
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-55591, CVE-2018-13379, CVE-2022-40684

Update Canonical Ubuntu Server: USN-7204-1: NeoMutt vulnerabilities

Trust: 6.0

Fetched: Jan. 19, 2025, 9:31 a.m., Published: Jan. 19, 7204, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2018-14357, CVE-2018-14351, CVE-2018-14355, CVE-2018-14361, CVE-2021-32055, CVE-2018-14359, CVE-2018-14363, CVE-2018-14352, CVE-2018-14354, CVE-2018-14349, CVE-2022-1328, CVE-2024-49393, CVE-2018-14356, CVE-2024-49394, CVE-2018-14362, CVE-2018-14353, CVE-2020-28896, CVE-2018-14350, CVE-2020-14954, CVE-2018-14358, CVE-2018-14360

Major new online tunneling vulnerability could put millions of devices at risk | TechRadar

Trust: 3.25

Fetched: Jan. 19, 2025, 9:31 a.m., Published: Jan. 17, 2025, 1:57 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, CVE-2025-23019

10 Best Network Security Auditing Tools for 2025 - with Free Trials!

Trust: 3.25

Fetched: Jan. 19, 2025, 9:29 a.m., Published: March 30, 2021, 9:52 p.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs
vendor: manageengine model: network configuration manager
vendor: nagios model: nagios xi

CVE-2024-49736: Settings App Vulnerability Leading to Unauthorized Factory Reset

Trust: 3.0

Fetched: Jan. 19, 2025, 9:28 a.m., Published: Jan. 1, 2025, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-49736

CVE-2024-43077 - Apache Device Manager Out-of-Bounds Write Vulnerability

Trust: 5.0

Fetched: Jan. 19, 2025, 9:27 a.m., Published: Jan. 3, 2025, 1:15 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-43077

Old Vulnerability (CVE-2022-40684) Leads to Massive FortiGate Data Breach, Exposing 15,000+ Devices - OP INNOVATE

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 4.0

Fetched: Jan. 19, 2025, 9:27 a.m., Published: Jan. 17, 2025, 9:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-40684

Update Canonical Ubuntu Desktop: USN-7213-1: poppler vulnerability

Trust: 3.0

Fetched: Jan. 19, 2025, 9:26 a.m., Published: Jan. 19, 7213, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Hackers Released 15,000+ Unique Fortigate Firewall Configs

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 5.75

Fetched: Jan. 19, 2025, 9:26 a.m., Published: Jan. 16, 2025, 3:53 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-40684

Update Canonical Ubuntu Desktop: USN-7205-1: Django vulnerability

Trust: 4.25

Fetched: Jan. 19, 2025, 9:25 a.m., Published: Jan. 19, 7205, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Update Canonical Ubuntu Desktop: USN-7216-1: tqdm vulnerability

Trust: 6.25

Fetched: Jan. 19, 2025, 9:25 a.m., Published: Jan. 19, 7216, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-34062

Update Canonical Ubuntu Server: USN-7216-1: tqdm vulnerability

Trust: 6.25

Fetched: Jan. 19, 2025, 9:25 a.m., Published: Jan. 19, 7216, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-34062

Update Canonical Ubuntu Desktop: USN-7207-1: Git vulnerabilities

Trust: 4.25

Fetched: Jan. 19, 2025, 9:24 a.m., Published: Jan. 19, 7207, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-52006, CVE-2024-50349

Security Weekly News | SC Media

Trust: 3.0

Fetched: Jan. 19, 2025, 9:24 a.m., Published: Dec. 17, 2024, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: motorola model: motorola

CVE-2025-0103 : SQL Injection Vulnerability in Palo Alto Networks Expedition | SecurityVulnerability.io

Trust: 5.75

Fetched: Jan. 19, 2025, 9:24 a.m., Published: Jan. 11, 2025, 3:15 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-0103

CVE-2024-12987 : Web Management Interface Command Injection Vulnerability in DrayTek Vigor Devices | SecurityVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202412-2441

Trust: 5.25

Fetched: Jan. 19, 2025, 9:23 a.m., Published: Dec. 27, 2024, 4 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: draytek model: vigor
db: NVD ids: CVE-2024-12987

Smart Yet Flawed: IoT Device Vulnerabilities Explained | 趨勢科技 (TW)

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 4.25

Fetched: Jan. 19, 2025, 9:21 a.m., Published: -
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs
vendor: trend model: internet security
vendor: trend model: home network security
vendor: trend model: security
vendor: sonos model: sonos
vendor: trend micro model: internet security
vendor: trend micro model: home network security
vendor: trend micro model: security
db: NVD ids: CVE-2020-9054

Top 10 Hardware Vulnerabilities MSPs Should Watch Out For

Trust: 3.75

Fetched: Jan. 19, 2025, 9:20 a.m., Published: Dec. 13, 2022, 5:34 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

New Protocol Vulnerabilities: CVE-2024-7595/7596 & CVE-2025-23018/23019

Trust: 4.5

Fetched: Jan. 19, 2025, 9:19 a.m., Published: Jan. 4, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-7595, CVE-2025-23018