Sign-up

VARIoT news about IoT security

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities

Trust: 5.0

Fetched: Aug. 25, 2024, 9:52 a.m., Published: Aug. 7, 2024, 3:55 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Android Vulnerability Impacting Millions of Pixel Devices Worldwide

Trust: 4.25

Fetched: Aug. 25, 2024, 9:47 a.m., Published: Aug. 16, 2024, 9:45 a.m.
 Vulnerabilities: code execution, code injection
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: essential model: phone

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability - Cisco

Trust: 5.0

Fetched: Aug. 25, 2024, 9:46 a.m., Published: Aug. 21, 2024, 11:55 a.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Electronics | Free Full-Text | The Vulnerability Relationship Prediction Research for Network Risk Assessment

Related entries in the VARIoT vulnerabilities database: VAR-202202-0325, VAR-202202-0322, VAR-201605-0077

Trust: 4.5

Fetched: Aug. 25, 2024, 9:44 a.m., Published: Jan. 25, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: accesspath
vendor: cisco model: rv340
vendor: cisco model: series
db: NVD ids: CVE-2022-20705, CVE-2019-2729, CVE-2022-20707, CVE-2019-2887, CVE-2016-2107, CVE-2020-1745

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549

Related entries in the VARIoT vulnerabilities database: VAR-202401-2573, VAR-202401-1629

Trust: 6.0

Fetched: Aug. 25, 2024, 9:42 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
db: NVD ids: CVE-2023-6548, CVE-2023-6549

Vulnerabilities Affecting the AiLux RTU62351B

Trust: 3.75

Fetched: Aug. 25, 2024, 9:42 a.m., Published: June 11, 2024, midnight
 Vulnerabilities: cross-site scripting, request forgery, buffer overflow...
Affected productsExternal IDs
db: NVD ids: CVE-2023-45600, CVE-2023-45597, CVE-2023-5457, CVE-2023-45598, CVE-2023-45595, CVE-2023-45599, CVE-2023-45596, CVE-2023-45591, CVE-2023-5456, CVE-2023-45592, CVE-2023-45594, CVE-2023-45593

China-Nexus Threat Group ‘Velvet Ant’ Exploits Zero-Day on Cisco Nexus Switches

Trust: 4.5

Fetched: Aug. 25, 2024, 9:34 a.m., Published: Aug. 22, 2024, 3:02 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: nexus
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: nx-os software
db: NVD ids: CVE-2024-20399

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Aug. 25, 2024, 9:33 a.m., Published: Aug. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Aug. 25, 2024, 9:31 a.m., Published: Aug. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: Aug. 25, 2024, 9:30 a.m., Published: Aug. 11, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

Google Warns of Critical Pixel Firmware Security Flaw Exploited as Zero-Day

Trust: 3.5

Fetched: Aug. 25, 2024, 9:29 a.m., Published: Aug. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: essential model: phone
db: NVD ids: CVE-2024-32896, CVE-2024-29748, CVE-2024-29745, CVE-2024-4610

Your internet-connected home devices could be compromising your security. BYU computer engineers have a solution - BYU News

Trust: 4.75

Fetched: Aug. 25, 2024, 9:28 a.m., Published: May 29, 2024, 2 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security

High-Severity UEFI Vulnerability Affects Hundreds of Intel CPUs

Trust: 5.5

Fetched: Aug. 25, 2024, 9:27 a.m., Published: Aug. 30, 2024, midnight
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: bios
vendor: lenovo model: system
db: NVD ids: CVE-2024-0762

The latest on vulnerability research - The GitHub Blog

Trust: 4.0

Fetched: Aug. 25, 2024, 9:26 a.m., Published: July 22, 2024, 10 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-6241

[BRLY-DVA-2023-025] SMM memory corruption vulnerability in combined DXE/SMM driver on Fujitsu device (SMRAM write)

Trust: 3.0

Fetched: Aug. 25, 2024, 9:25 a.m., Published: July 2, 2024, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs

D-Link Technical Support

Trust: 3.75

Fetched: Aug. 25, 2024, 9:24 a.m., Published: April 25, 2024, midnight
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-6045, CVE-2024-6044

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 25, 2024, 9:24 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: software update
vendor: apple model: apple tv
vendor: apple model: ipad

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now! | Malwarebytes

Trust: 3.75

Fetched: Aug. 25, 2024, 9:23 a.m., Published: July 31, 2024, 1:04 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: apple model: watch
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: software update
vendor: apple model: apple tv
vendor: apple model: ipad

CVE-2024-32912 - Cisco Device Debug Code Denial of Service Vulnerability

Trust: 5.75

Fetched: Aug. 25, 2024, 9:17 a.m., Published: June 13, 2024, 9:15 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32912

Cisco Unified Communications Manager Denial of Service Vulnerability - Cisco

Trust: 4.0

Fetched: Aug. 25, 2024, 9:15 a.m., Published: Aug. 21, 2024, 11:55 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco unified communications manager
vendor: cisco model: unified communications
vendor: cisco model: unified communications manager