Sign-up

VARIoT news about IoT security

Understanding and Mitigating CVE-2025-20644: Memory Corruption Vulnerability in MediaTek Modems

Related entries in the VARIoT vulnerabilities database: VAR-202503-1450

Trust: 5.0

Fetched: March 4, 2025, 9:34 a.m., Published: -
 Vulnerabilities: memory corruption, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-20644

Understanding and Mitigating CVE-2025-20651: MediaTek Device Vulnerability

Trust: 4.0

Fetched: March 4, 2025, 9:26 a.m., Published: -
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-20651

Samsung Galaxy S25 Security Concerns: The Zero-Day Vulnerability and What It Means for Users (US) - MobilityArena

Trust: 4.5

Fetched: March 4, 2025, 9:25 a.m., Published: March 3, 2025, 8:56 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-53104

Security Misconfiguration: Impact, Examples, and Prevention

Trust: 4.5

Fetched: March 4, 2025, 9:19 a.m., Published: May 29, 2022, 12:08 p.m.
 Vulnerabilities: code injection, traversal attack, directory traversal...
Affected productsExternal IDs

Cybersecurity Basics, Threats, Tools, and Examples

Trust: 4.25

Fetched: March 2, 2025, 9:46 a.m., Published: June 29, 2024, 1:19 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: avira model: antivirus
vendor: mesh model: mesh
vendor: avast model: antivirus
vendor: comodo model: antivirus
vendor: pfsense model: pfsense
vendor: barracuda model: barracuda
vendor: barracuda model: running
vendor: google model: home
vendor: essential model: phone
vendor: sophos model: mobile
vendor: snort model: snort

Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector

Trust: 3.5

Fetched: March 2, 2025, 9:32 a.m., Published: Feb. 2, 2025, midnight
 Vulnerabilities: injection attack, sql injection
Affected productsExternal IDs
vendor: essential model: phone

System BIOS komputera Dell XPS 17 9710 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: March 2, 2025, 9:31 a.m., Published: March 24, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Kandji Announces Vulnerability Management, a new security product for Apple devices - MacTech.com

Trust: 3.0

Fetched: March 2, 2025, 9:31 a.m., Published: Feb. 12, 2025, 3:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Trust: 4.5

Fetched: March 2, 2025, 9:31 a.m., Published: Feb. 25, 2025, 10:41 a.m.
 Vulnerabilities: access control flaw, code execution, improper access control
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: networks
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2025-24989, CVE-2024-20953, CVE-2017-3066

Find my hacker: How Apple's network can be a potential tracking tool | College of Engineering and Computing

Trust: 4.75

Fetched: March 2, 2025, 9:29 a.m., Published: Feb. 2, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: essential model: phone

CVE-2025-20161 - Cisco NX-OS Software Command Injection Vulnerability - SecAlerts

Trust: 4.75

Fetched: March 2, 2025, 9:29 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
db: NVD ids: CVE-2025-20161

Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit - Cyber Security Review

Trust: 4.5

Fetched: March 2, 2025, 9:28 a.m., Published: Feb. 19, 2025, 7 a.m.
 Vulnerabilities: path traversal, command execution
Affected productsExternal IDs
vendor: mitel model: micollab
vendor: palo model: networks
vendor: palo model: ssl vpn
db: NVD ids: CVE-2024-53872, CVE-2024-53870, CVE-2024-53873, CVE-2024-41713, CVE-2024-53871, CVE-2024-55550

Linux Grub Read Command Buffer Overflow Vulnerability Enabling Potential Secure Boot Bypass

Trust: 4.75

Fetched: March 2, 2025, 9:27 a.m., Published: Feb. 25, 2025, 12:07 p.m.
 Vulnerabilities: buffer overflow, memory corruption, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2025-0690

Update Canonical Ubuntu Desktop: USN-7287-1: libcap2 vulnerability

Trust: 3.25

Fetched: March 2, 2025, 9:22 a.m., Published: Jan. 2, 7287, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Securing Smart Homes: Protecting Multi-Device Architectures from Cyber Threats - IBTimes India

Trust: 3.5

Fetched: March 2, 2025, 9:21 a.m., Published: March 2, 2025, 7:18 a.m.
 Vulnerabilities: authentication bypass, cross-site scripting
Affected productsExternal IDs

Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability - Cisco

Trust: 5.0

Fetched: March 2, 2025, 9:21 a.m., Published: Feb. 19, 2025, 10:18 a.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: series

VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks

Trust: 3.75

Fetched: March 2, 2025, 9:20 a.m., Published: Feb. 28, 2025, midnight
 Vulnerabilities: resource access vulnerability, improper validation, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2025-0285, CVE-2025-0289, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288

Google quietly fixed USB flaw that left over a billion Android devices exposed | Digital Trends

Trust: 3.75

Fetched: March 2, 2025, 9:19 a.m., Published: Feb. 28, 2025, 11:20 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: note
vendor: samsung model: samsung
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
db: NVD ids: CVE-2024-50302, CVE-2024-53104, CVE-2024-53197

Android 11 Security Release Notes | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202010-1328

Trust: 4.75

Fetched: March 2, 2025, 9:13 a.m., Published: March 11, 2025, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2020-0300, CVE-2020-0323, CVE-2020-0307, CVE-2020-0289, CVE-2020-0288, CVE-2020-0332, CVE-2020-0337, CVE-2019-5094, CVE-2020-0348, CVE-2020-0349, CVE-2020-0326, CVE-2020-0330, CVE-2020-0360, CVE-2020-0290, CVE-2020-0366, CVE-2020-0405, CVE-2020-0357, CVE-2019-13752, CVE-2020-0277, CVE-2020-0365, CVE-2020-0270, CVE-2020-0340, CVE-2020-0425, CVE-2020-0303, CVE-2020-0356, CVE-2020-0298, CVE-2020-0353, CVE-2020-0262, CVE-2020-0274, CVE-2020-0271, CVE-2020-0130, CVE-2019-13753, CVE-2020-0350, CVE-2020-0426, CVE-2020-0343, CVE-2019-13751, CVE-2020-0275, CVE-2020-0304, CVE-2020-0369, CVE-2020-0372, CVE-2020-0308, CVE-2020-0333, CVE-2020-0272, CVE-2020-0286, CVE-2020-0334, CVE-2020-0292, CVE-2020-0370, CVE-2020-0306, CVE-2020-0276, CVE-2020-0352, CVE-2020-0355, CVE-2020-0268, CVE-2020-0346, CVE-2020-0329, CVE-2020-0320, CVE-2020-0317, CVE-2020-0089, CVE-2020-0354, CVE-2020-0311, CVE-2019-8842, CVE-2020-0314, CVE-2020-0373, CVE-2020-0266, CVE-2020-0282, CVE-2020-0359, CVE-2020-0322, CVE-2020-0295, CVE-2020-0309, CVE-2020-0263, CVE-2020-0287, CVE-2020-0313, CVE-2020-0281, CVE-2020-0285, CVE-2020-0336, CVE-2020-0297, CVE-2020-0310, CVE-2020-0331, CVE-2020-0324, CVE-2020-0358, CVE-2020-0316, CVE-2020-0335, CVE-2020-0312, CVE-2020-0318, CVE-2020-3898, CVE-2020-0299, CVE-2020-27098, CVE-2020-0296, CVE-2020-0362, CVE-2020-0264, CVE-2020-27097, CVE-2020-0361, CVE-2020-0319, CVE-2020-0406, CVE-2020-0364, CVE-2020-0321, CVE-2020-0328, CVE-2020-0341, CVE-2020-0284, CVE-2020-0265, CVE-2021-0846, CVE-2020-0291, CVE-2020-0125, CVE-2020-0345, CVE-2020-0315, CVE-2020-0374, CVE-2020-0325, CVE-2020-0375, CVE-2020-0351, CVE-2020-0302, CVE-2020-0273, CVE-2020-0279, CVE-2020-0363, CVE-2020-0301, CVE-2019-13734, CVE-2020-0269, CVE-2020-0267, CVE-2020-0293, CVE-2020-0347, CVE-2020-0344, CVE-2020-0327

Apple's Find My Vulnerability Allows Hackers To Monitor Any Bluetooth Device - CloudBrain

Trust: 4.0

Fetched: Feb. 28, 2025, 9:33 a.m., Published: Feb. 27, 2025, 10:14 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: software update