Sign-up

VARIoT news about IoT security

About the security content of macOS Sequoia 15.1.1 - Apple Support

Trust: 5.75

Fetched: Dec. 17, 2024, 10:16 a.m., Published: Jan. 15, 2001, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2024-44309, CVE-2024-44308

Update now! Apple releases new security patches for vulnerabilities in iPhones, Macs, and more - Cyber Security Review

Trust: 4.75

Fetched: Dec. 17, 2024, 10:16 a.m., Published: Dec. 12, 2024, 7:03 a.m.
 Vulnerabilities: certificate validation vulnerability
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: safari
vendor: sonicwall model: netextender
vendor: sonicwall model: sma100
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2024-45490, CVE-2024-48865, CVE-2024-29014

Update Canonical Ubuntu Server: USN-7162-1: curl vulnerability

Trust: 3.25

Fetched: Dec. 17, 2024, 10:14 a.m., Published: Jan. 17, 7162, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Ivanti Releases Security Updates for Multiple Products - Cyber Security Review

Trust: 4.75

Fetched: Dec. 17, 2024, 10:13 a.m., Published: Dec. 11, 2024, 7 a.m.
 Vulnerabilities: certificate validation vulnerability
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: safari
vendor: sonicwall model: netextender
vendor: sonicwall model: sma100
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2024-48865, CVE-2024-29014

The most common vulnerabilities in your external attack surface - Outpost24

Trust: 3.75

Fetched: Dec. 17, 2024, 10:11 a.m., Published: Sept. 12, 2023, 7:26 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2022-47986

Apple Vulnerabilities Could Endanger Your Crypto

Trust: 3.5

Fetched: Dec. 17, 2024, 10:06 a.m., Published: Nov. 22, 2024, 12:30 p.m.
 Vulnerabilities: cross-site scripting, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macbook

Exploring CISA’s 2023 Top Routinely Exploited Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.5

Fetched: Dec. 17, 2024, 10:02 a.m., Published: Dec. 17, 2023, midnight
 Vulnerabilities: memory leak, information disclosure, authentication bypass...
Affected productsExternal IDs
vendor: barracuda model: barracuda
vendor: citrix model: netscaler
vendor: citrix model: gateway
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: ubiquiti model: unifi
vendor: ubiquiti model: unifi controller
db: NVD ids: CVE-2021-44228, CVE-2023-34362, CVE-2023-3519, CVE-2023-49103, CVE-2023-20273, CVE-2023-27997, CVE-2022-47966, CVE-2023-22515, CVE-2023-27350, CVE-2023-20198, CVE-2023-4966, CVE-2023-42793

CERT-In Alert: Multiple Vulnerabilities in Android Impacting Millions of Devices - Source:cyble.com - CISO2CISO.COM & CYBER SECURITY GROUP

Trust: 5.5

Fetched: Dec. 17, 2024, 10:01 a.m., Published: Nov. 26, 2024, 11:03 p.m.
 Vulnerabilities: privilege escalation, code execution, denial of service
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-35659, CVE-2024-43093, CVE-2024-21455, CVE-2024-38402, CVE-2024-20104

Update Canonical Ubuntu Desktop: USN-7157-1: PHP vulnerabilities

Trust: 4.0

Fetched: Dec. 17, 2024, 10 a.m., Published: Jan. 17, 7157, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-8932, CVE-2024-11234, CVE-2024-11233, CVE-2024-8929, CVE-2024-11236

CISA Vulnerability Bulletin Dec 2024 : Over 270 Critical Vulnerabilities Listed

Related entries in the VARIoT vulnerabilities database: VAR-202412-0289

Trust: 5.5

Fetched: Dec. 17, 2024, 9:59 a.m., Published: Dec. 10, 2024, 6:07 a.m.
 Vulnerabilities: file inclusion, sql injection, privilege escalation...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: google model: nexus
vendor: google model: wifi
vendor: google model: android
db: NVD ids: CVE-2024-53940, CVE-2024-51550, CVE-2024-37861, CVE-2024-38920, CVE-2024-53908, CVE-2024-52547, CVE-2024-11317, CVE-2024-12053, CVE-2024-53981, CVE-2024-10516, CVE-2024-11391, CVE-2024-52335, CVE-2024-9200, CVE-2024-47547, CVE-2018-9380, CVE-2024-54221, CVE-2024-48839, CVE-2018-9430, CVE-2024-51541, CVE-2024-54209

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated) - Cyber Security Review

Trust: 4.5

Fetched: Dec. 17, 2024, 9:58 a.m., Published: Nov. 20, 2024, 7:05 a.m.
 Vulnerabilities: authentication bypass, privilege escalation, command execution...
Affected productsExternal IDs
vendor: trend micro model: security
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: ssl vpn
vendor: palo alto networks model: networks
vendor: palo model: pan-os
vendor: palo model: ssl vpn
vendor: palo model: networks
vendor: trend model: security
vendor: mitel model: micollab
db: NVD ids: CVE-2024-9474, CVE-2024-55550, CVE-2024-0012, CVE-2024-41713

Multiple Critical Vulnerabilities Affected Dell Wyse Management Suite

Trust: 4.5

Fetched: Dec. 17, 2024, 9:58 a.m., Published: Nov. 26, 2024, 7:20 a.m.
 Vulnerabilities: authentication bypass, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-49596, CVE-2024-49597, CVE-2024-7553, CVE-2024-49595

Update Canonical Ubuntu Server: USN-7151-1: oFono vulnerabilities

Trust: 5.25

Fetched: Dec. 17, 2024, 9:58 a.m., Published: Dec. 17, 2070, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2023-4235, CVE-2023-4232

SSA-354569

Trust: 5.5

Fetched: Dec. 17, 2024, 9:57 a.m., Published: Dec. 1, 2024, midnight
 Vulnerabilities: authentication bypass, privilege escalation, command injection...
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
db: NVD ids: CVE-2024-2552, CVE-2024-9474, CVE-2024-2550, CVE-2024-0012

Vulnerability (CVE-2024-54143 ) Discovered in OpenWrt's Firmware Upgrade System

Trust: 4.25

Fetched: Dec. 17, 2024, 9:57 a.m., Published: Dec. 13, 2024, 12:19 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-54143

Update Barco ClickShare C-10: Fix vulnerability CVE-2024-53919

Trust: 3.75

Fetched: Dec. 17, 2024, 9:56 a.m., Published: Dec. 10, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: pixel
vendor: barco model: clickshare
db: NVD ids: CVE-2024-53919

QNAP Fixes Several Vulnerabilities Affecting High-End NAS Devices - Cyber Security Review

Trust: 4.75

Fetched: Dec. 17, 2024, 9:56 a.m., Published: Dec. 10, 2024, 7:12 a.m.
 Vulnerabilities: certificate validation vulnerability
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: safari
vendor: sonicwall model: netextender
vendor: sonicwall model: sma100
vendor: sonicwall model: ssl vpn
db: NVD ids: CVE-2024-48865, CVE-2024-29014

Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer: Software Vulnerability Information: Software: Hitachi

Trust: 4.0

Fetched: Dec. 17, 2024, 9:49 a.m., Published: Dec. 9, 2024, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: hitachi model: hitachi infrastructure analytics advisor

Project Zero: The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202409-0013

Trust: 4.25

Fetched: Dec. 17, 2024, 9:46 a.m., Published: Dec. 15, 2024, midnight
 Vulnerabilities: kernel panic, privilege escalation, code execution...
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: google model: android
db: NVD ids: CVE-2024-43047, CVE-2024-21455, CVE-2024-33060, CVE-2024-49848

16th December - Threat Intelligence Report - Check Point Research

Trust: 4.5

Fetched: Dec. 17, 2024, 9:45 a.m., Published: Dec. 16, 2024, 7:36 a.m.
 Vulnerabilities: privilege escalation, use after free
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: check point model: check point
db: NVD ids: CVE-2024-49138, CVE-2024-54526, CVE-2024-12381, CVE-2024-12382