Sign-up

VARIoT news about IoT security

Google just fixed a zero-day kernel flaw used by hackers and 47 other vulnerabilities - update your Android phone right now | Tom's Guide

Trust: 5.5

Fetched: Feb. 26, 2025, 9:41 a.m., Published: Feb. 4, 2025, 12:02 a.m.
 Vulnerabilities: privilege escalation, memory corruption
Affected productsExternal IDs
vendor: oneplus model: one
vendor: oneplus model: oneplus
vendor: samsung model: android phone
vendor: samsung model: samsung
vendor: google model: android
vendor: google model: chrome
vendor: google model: pixel
vendor: motorola model: android
vendor: motorola model: motorola
db: NVD ids: CVE-2024-45569, CVE-2024-53104

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers | TechCrunch

Trust: 3.0

Fetched: Feb. 26, 2025, 9:40 a.m., Published: Feb. 5, 2025, 10:08 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-40890, CVE-2024-40891

System BIOS komputerów Dell OptiPlex 3070 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: Feb. 26, 2025, 9:39 a.m., Published: Feb. 26, 3070, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: optiplex

Types of Cyber Security: Protect Your Business from Cybersecurity Threats

Trust: 4.75

Fetched: Feb. 26, 2025, 9:39 a.m., Published: Jan. 29, 2025, 5:40 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: essential model: phone

Apple Patches iOS Zero-Day Vulnerabilities

Trust: 4.75

Fetched: Feb. 26, 2025, 9:38 a.m., Published: Jan. 29, 2025, 3:41 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: macos
vendor: apple model: watchos

Addressing CVE-2025-24870: A Medium-Severity Vulnerability in SAP GUI for Windows

Trust: 4.25

Fetched: Feb. 26, 2025, 9:36 a.m., Published: Feb. 8, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2025-24870

Brocade SANnav Management Software Vulnerabilities Enable Device Compromise - Advisories

Trust: 3.25

Fetched: Feb. 26, 2025, 9:36 a.m., Published: Sept. 30, 2024, 12:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-2859, CVE-2024-29961, CVE-2024-29963, CVE-2024-29960, CVE-2024-29966

Chrome Buffer Overflow Vulnerabilities Allow Arbitrary Code Execution

Trust: 5.5

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 19, 2025, 2:43 a.m.
 Vulnerabilities: buffer overflow, improper memory management, heap corruption...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2025-0999, CVE-2022-4135, CVE-2025-1426, CVE-2025-1006

2,850+ Ivanti Connect Secure Devices Exposed to Potential Cyberattacks

Trust: 5.0

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 26, 2025, 6:01 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2025-22467

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack

Trust: 3.75

Fetched: Feb. 26, 2025, 9:30 a.m., Published: Feb. 24, 2025, 8:57 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-2018-16058, CVE-2018-16057, CVE-2025-1492, CVE-2018-16056

Enhancing Smart Home Security: Blockchain-Enabled Federated Learning with Knowledge Distillation for Intrusion Detection

Trust: 3.25

Fetched: Feb. 26, 2025, 9:27 a.m., Published: Feb. 17, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google home
vendor: google model: home
vendor: ecobee model: smart thermostat
vendor: axis model: axis
vendor: axis model: communications
vendor: snort model: snort
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: samsung model: samsung

Responding to Chrome's Latest Security Vulnerabilities: Update to Chrome 132 ...

Trust: 4.25

Fetched: Feb. 26, 2025, 9:26 a.m., Published: -
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-0762, CVE-2025-0612, CVE-2025-0611

Citrix NetScaler Vulnerability Allows Unauthorized Command Execution

Trust: 5.75

Fetched: Feb. 26, 2025, 9:24 a.m., Published: Feb. 20, 2025, 2:18 a.m.
 Vulnerabilities: privilege escalation, command execution, service disruption
Affected productsExternal IDs
vendor: citrix model: netscaler
db: NVD ids: CVE-2024-20341, CVE-2024-6387, CVE-2024-12284

Update Canonical Ubuntu Server: USN-7280-1: Python vulnerability

Trust: 4.0

Fetched: Feb. 26, 2025, 9:21 a.m., Published: Jan. 26, 7280, midnight
 Vulnerabilities: request forgery
Affected productsExternal IDs
vendor: canonical model: ubuntu

CVE-2025-0858 : Path Traversal Vulnerability in Poly Edge E Devices | SecurityVulnerability.io

Trust: 4.25

Fetched: Feb. 26, 2025, 9:20 a.m., Published: Feb. 5, 2025, 2:28 p.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2025-0858

Flaws in Zettler 130.8005 Industrial Gateway Expose Systems to Remote Exploitation and DoS

Trust: 5.5

Fetched: Feb. 26, 2025, 9:19 a.m., Published: Feb. 12, 2025, midnight
 Vulnerabilities: default credentials, memory leak, authentication bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2024-12011, CVE-2024-12012, CVE-2024-12013

2850+ Ivanti Connect Secure Devices Vulnerable to Remote Code Execution Attacks

Trust: 4.75

Fetched: Feb. 26, 2025, 9:18 a.m., Published: Feb. 26, 2025, 7:59 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-0282, CVE-2025-22467

CVE-2025-0626 : Remote Access Vulnerability in Medical Device by a Leading Vendor | SecurityVulnerability.io

Trust: 3.0

Fetched: Feb. 26, 2025, 9:17 a.m., Published: Jan. 30, 2025, 6:17 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-0626

CVE-2025-25896 - Buffer Overflow - SecAlerts

Related entries in the VARIoT vulnerabilities database: VAR-202502-3667

Trust: 3.25

Fetched: Feb. 25, 2025, 9:30 a.m., Published: Feb. 5, 2025, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2025-25896

Apple Patches Critical Zero-Day Vulnerabilities | Perigon

Trust: 3.0

Fetched: Feb. 25, 2025, 9:30 a.m., Published: Jan. 27, 2025, 7:25 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: tvos