Sign-up

VARIoT news about IoT security

Update Canonical Ubuntu Desktop: USN-7377-1: Smarty vulnerability

Trust: 4.25

Fetched: April 2, 2025, 9:21 a.m., Published: Jan. 2, 7377, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Update Canonical Ubuntu Server: USN-7377-1: Smarty vulnerability

Trust: 4.25

Fetched: April 2, 2025, 9:21 a.m., Published: Jan. 2, 7377, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

CVE-2025-24521 - Apache Device XML External Entity Injection File Download Vulnerability

Trust: 4.0

Fetched: April 2, 2025, 9:19 a.m., Published: March 5, 2025, 4:15 p.m.
 Vulnerabilities: entity injection, file download vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2025-24521

Critical Alert: OpenSSL Vulnerabilities in Hitachi Energy PCU400 Devices | Windows Forum

Related entries in the VARIoT vulnerabilities database: VAR-202302-0482, VAR-202302-0195

Trust: 3.75

Fetched: April 2, 2025, 9:18 a.m., Published: May 2, 2025, midnight
 Vulnerabilities: side channel attack
Affected productsExternal IDs
db: NVD ids: CVE-2023-0216, CVE-2023-0401, CVE-2022-4304, CVE-2022-4203, CVE-2023-0286, CVE-2023-0215, CVE-2023-0217, CVE-2022-4450

Microsoft Uncovers Several Vulnerabilities in GRUB2, U-Boot, Barebox Bootloaders Using Copilot

Trust: 4.0

Fetched: April 2, 2025, 9:17 a.m., Published: April 1, 2025, 8:41 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-0689, CVE-2025-26725, CVE-2025-0677, CVE-2025-0685, CVE-2025-26721, CVE-2024-56738, CVE-2024-56737, CVE-2025-1118, CVE-2025-26726, CVE-2025-0686, CVE-2025-0684, CVE-2025-1125, CVE-2025-26728, CVE-2025-26722, CVE-2025-26724, CVE-2025-26729, CVE-2025-26723, CVE-2025-0678, CVE-2025-26727, CVE-2025-0690

NSA Warning on Signal: Why It’s Not a Real Vulnerability! | Tech ARP

Trust: 3.0

Fetched: April 2, 2025, 9:17 a.m., Published: March 27, 2025, 1:58 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Vulnerability Assessment: Methodology, Benefits, and Types | Attaxion

Trust: 3.5

Fetched: April 2, 2025, 9:16 a.m., Published: March 11, 2025, 8 a.m.
 Vulnerabilities: cross-site scripting, information exposure, sql injection
Affected productsExternal IDs

Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks

Related entries in the VARIoT vulnerabilities database: VAR-202501-3666

Trust: 6.0

Fetched: April 2, 2025, 9:14 a.m., Published: April 1, 2025, 7:54 a.m.
 Vulnerabilities: authorization flaw
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: watchos
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: tvos
vendor: apple model: software update
db: NVD ids: CVE-2025-24200, CVE-2025-24201, CVE-2025-24085

Packet Sniffing Meaning, Methods, Examples and Best Practices

Trust: 3.5

Fetched: April 1, 2025, 9:42 a.m., Published: March 10, 2025, 9:26 a.m.
 Vulnerabilities: session hijacking
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: snort model: snort
vendor: google model: google chrome
vendor: google model: chrome
vendor: google model: wi-fi router
vendor: essential model: phone

ASUS AiProtection Pro adds security and convenience to home networking - Edge Up

Trust: 4.25

Fetched: April 1, 2025, 9:40 a.m., Published: March 19, 2025, 11:51 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: asus model: routers
vendor: asus model: router
vendor: asus model: asus

Update Canonical Ubuntu Desktop: USN-7374-1: containerd vulnerability

Trust: 3.25

Fetched: April 1, 2025, 9:40 a.m., Published: Jan. 1, 7374, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

System and kernel security | Android Open Source Project

Trust: 3.0

Fetched: April 1, 2025, 9:40 a.m., Published: April 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Update Canonical Ubuntu Server: USN-7373-1: Exim vulnerability

Trust: 4.0

Fetched: April 1, 2025, 9:38 a.m., Published: Jan. 1, 7373, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

20 Best Code Analysis Tools in 2025 - The CTO Club

Trust: 3.25

Fetched: April 1, 2025, 9:36 a.m., Published: March 21, 2025, 4:03 a.m.
 Vulnerabilities: sql injection, code execution, cross-site scripting
Affected productsExternal IDs
vendor: trend model: security
vendor: essential model: phone

Update Canonical Ubuntu Desktop: USN-7373-1: Exim vulnerability

Trust: 4.0

Fetched: April 1, 2025, 9:34 a.m., Published: Jan. 1, 7373, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

CVE-2025-24994 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability - TheWindowsUpdate.com

Trust: 3.25

Fetched: April 1, 2025, 9:34 a.m., Published: March 11, 2025, midnight
 Vulnerabilities: improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2025-24994

Top 14 Open Source Pen Testing Tools: Which are Best for You?

Trust: 3.5

Fetched: April 1, 2025, 9:27 a.m., Published: April 14, 2025, midnight
 Vulnerabilities: privilege escalation, weak password, sql injection
Affected productsExternal IDs
vendor: aircrack-ng model: aircrack-ng

What is Input Validation Attack? | GeeksforGeeks

Trust: 3.5

Fetched: April 1, 2025, 9:26 a.m., Published: July 20, 2022, midnight
 Vulnerabilities: buffer overflow, input validation attack, injection attack...
Affected productsExternal IDs

CVE-2025-27671 - Vasion Print (formerly PrinterLogic) Device Impersonation Vulnerability

Trust: 5.25

Fetched: April 1, 2025, 9:21 a.m., Published: March 5, 2025, 6:15 a.m.
 Vulnerabilities: device impersonation
Affected productsExternal IDs
db: NVD ids: CVE-2025-27671

Update Canonical Ubuntu Desktop: USN-7312-1: openNDS vulnerability

Trust: 3.25

Fetched: April 1, 2025, 9:21 a.m., Published: Jan. 1, 7312, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu