Sign-up

VARIoT news about IoT security

Frontiers | Threat modelling in Internet of Things (IoT) environments using dynamic attack graphs

Related entries in the VARIoT vulnerabilities database: VAR-202206-1951, VAR-201707-0956, VAR-202208-2200

Trust: 5.75

Fetched: June 16, 2024, 9:38 a.m., Published: April 10, 2024, midnight
 Vulnerabilities: information leak
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2017-0785, CVE-2021-41635, CVE-2017-6753, CVE-2022-30318, CVE-2017-1000251, CVE-2009-2446, CVE-2017-8628

Top 100 Vulnerabilities in Cybersecurity - Tech Hyme

Trust: 4.5

Fetched: June 16, 2024, 9:37 a.m., Published: June 11, 2024, 4:38 p.m.
 Vulnerabilities: account lockout, command injection, local file inclusion...
Affected productsExternal IDs

Google Urgently Fixes a Zero Day Vulnerability - ZAM

Trust: 5.5

Fetched: June 16, 2024, 9:35 a.m., Published: June 15, 2024, 7:59 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32899, CVE-2024-32898, CVE-2024-32896, CVE-2024-32897

Cisco Firepower Management Center Software Object Group Acce... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: June 16, 2024, 9:35 a.m., Published: June 14, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower management center
vendor: cisco model: firepower
vendor: cisco model: cisco firepower management center

CVE-2024-36949: Vulnerability in linux-libc-dev - Kernel: amd/amdkfd: Sync All Devices to Wait All Processes Being Evicted

Trust: 3.0

Fetched: June 16, 2024, 9:35 a.m., Published: May 30, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-36949

20 Best Security Testing Tools In 2024 - The CTO Club

Trust: 3.5

Fetched: June 16, 2024, 9:34 a.m., Published: June 14, 2024, 6:46 p.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs

CVE-2024-31163 ASUS Download Master - Buffer Overflow - vulnerability database | Vulners.com

Trust: 5.25

Fetched: June 16, 2024, 9:29 a.m., Published: June 14, 2024, 6:52 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2024-31163

Siemens SIMATIC S7-200 SMART Devices - vulnerability database | Vulners.com

Related entries in the VARIoT vulnerabilities database: VAR-202406-0059

Trust: 3.5

Fetched: June 16, 2024, 9:27 a.m., Published: June 13, 2024, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: simatic s7-200 smart cpu st40
vendor: siemens model: simatic s7-200 smart
vendor: siemens model: simatic s7-200
vendor: siemens model: simatic s7-200 smart cpu sr30
vendor: siemens model: simatic s7-200 smart cpu
vendor: siemens model: simatic
vendor: siemens model: simatic s7-200 smart cpu sr40
vendor: siemens model: simatic s7-200 smart cpu sr60
vendor: siemens model: simatic s7-200 smart cpu cr60
vendor: siemens model: simatic s7-200 smart cpu st30
vendor: siemens model: s7-200 smart
vendor: siemens model: simatic s7-200 smart cpu sr20
vendor: siemens model: simatic s7-200 smart cpu cr40
vendor: siemens model: simatic s7-200 smart cpu st20
vendor: siemens model: simatic s7-200 smart cpu st60
db: NVD ids: CVE-2024-35292

Response to vulnerabilities in OKI’s digital multi-function peripherals | 2024 | Security Bulletins | OKI Europe Ltd

Trust: 3.75

Fetched: June 16, 2024, 9:27 a.m., Published: June 16, 2024, midnight
 Vulnerabilities: os command injection, authentication bypass, default credentials...
Affected productsExternal IDs
db: NVD ids: CVE-2024-3497, CVE-2024-27154, CVE-2024-27164, CVE-2024-27156, CVE-2024-27146, CVE-2024-27153, CVE-2024-27171, CVE-2024-27144, CVE-2024-27142, CVE-2024-27169, CVE-2024-27143, CVE-2024-27147, CVE-2024-27157, CVE-2024-7145, CVE-2024-27180, CVE-2024-3498, CVE-2024-27167, CVE-2024-27173, CVE-2024-27163, CVE-2024-27178, CVE-2024-27161, CVE-2024-27168, CVE-2024-27165, CVE-2024-27150, CVE-2024-27175, CVE-2024-27176, CVE-2024-27152, CVE-2024-27166, CVE-2024-3496, CVE-2024-27160, CVE-2024-27158, CVE-2024-27141, CVE-2024-27149, CVE-2024-27159, CVE-2024-27162, CVE-2024-27151, CVE-2024-27174, CVE-2024-27170, CVE-2024-27148, CVE-2024-27155, CVE-2024-27179, CVE-2024-27172

Beware! Zero-click RCE Exploit for iMessage Circulating

Trust: 5.25

Fetched: June 16, 2024, 9:26 a.m., Published: April 25, 2024, 1:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone

Cisco Releases Critical Security Updates to Fix Firewall 0-Days

Trust: 4.5

Fetched: June 16, 2024, 9:25 a.m., Published: April 25, 2024, 7:42 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: device manager
vendor: cisco model: asa series
vendor: cisco model: series
vendor: cisco model: firepower management center
vendor: cisco model: asa software
db: NVD ids: CVE-2024-20358, CVE-2024-20359, CVE-2024-20353

10 Best Web Vulnerability Scanners for Continuous Security | Geekflare

Trust: 3.5

Fetched: June 16, 2024, 9:24 a.m., Published: Jan. 28, 2017, 12:45 p.m.
 Vulnerabilities: os command injection, code execution, file inclusion...
Affected productsExternal IDs

Samsung Mobile Flaw Let Attackers Execute Arbitrary Code

Trust: 5.5

Fetched: June 16, 2024, 9:24 a.m., Published: May 7, 2024, 10:09 a.m.
 Vulnerabilities: memory corruption, code execution, authentication bypass...
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: samsung model: mobile devices
vendor: google model: android
db: NVD ids: CVE-2024-20865, CVE-2024-20861, CVE-2024-20866, CVE-2024-20862, CVE-2024-20856, CVE-2024-20864, CVE-2024-20855

Cisco IOS Vulnerability Allows DOS Attacks via Malicious Traffic

Trust: 5.75

Fetched: June 16, 2024, 9:23 a.m., Published: April 8, 2024, 2:21 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst 6000
vendor: cisco model: cisco catalyst 6000 series
vendor: cisco model: catalyst 6000 series
vendor: cisco model: ios software
vendor: cisco model: catalyst
vendor: cisco model: series switches
vendor: cisco model: cisco ios
vendor: cisco model: catalyst 6500 series
vendor: cisco model: routers
vendor: cisco model: supervisor engine
vendor: cisco model: series
vendor: cisco model: catalyst 6500
vendor: cisco systems model: catalyst 6000
vendor: cisco systems model: cisco catalyst 6000 series
vendor: cisco systems model: catalyst 6000 series
vendor: cisco systems model: ios software
vendor: cisco systems model: catalyst
vendor: cisco systems model: series switches
vendor: cisco systems model: cisco ios
vendor: cisco systems model: catalyst 6500 series
vendor: cisco systems model: routers
vendor: cisco systems model: supervisor engine
vendor: cisco systems model: series
vendor: cisco systems model: catalyst 6500
db: NVD ids: CVE-2024-20276

Fortinet Hacks Led To 20,000 FortiGate Devices Breached: Report

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.25

Fetched: June 14, 2024, 9:47 a.m., Published: June 11, 2024, 1:24 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.75

Fetched: June 14, 2024, 9:46 a.m., Published: June 11, 2024, 10:56 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

ARM Discloses Exploited Vulnerability in Mali GPU Drivers - WinBuzzer

Trust: 3.75

Fetched: June 14, 2024, 9:46 a.m., Published: June 11, 2024, 4:27 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: roku model: roku ultra
vendor: roku model: ultra
vendor: roku model: roku
vendor: amazon model: fire tv
vendor: apple model: iphone
vendor: apple model: watch
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: pixel
vendor: google model: android
vendor: tesla model: model
vendor: tesla model: model 3
db: NVD ids: CVE-2024-4610, CVE-2023-4211

Cyber Security News Weekly Round-Up June(Vulnerabilities, Cyber Attacks, Threats & New Stories)

Related entries in the VARIoT vulnerabilities database: VAR-202203-1978

Trust: 4.25

Fetched: June 14, 2024, 9:29 a.m., Published: June 9, 2024, 12:26 p.m.
 Vulnerabilities: security feature bypass, memory corruption, command injection...
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: android
vendor: google model: chrome
vendor: cisco model: routers
vendor: cisco model: cisco webex
vendor: cisco model: webex meetings
vendor: cisco model: series
vendor: cisco model: meeting
vendor: cisco model: webex
vendor: cisco model: cisco webex meetings
vendor: zyxel model: nas542
vendor: zyxel model: nas326
db: NVD ids: CVE-2024-24919, CVE-2024-32850, CVE-2024-29974, CVE-2024-4577, CVE-2017-3506, CVE-2024-27822, CVE-2024-29972, CVE-2023-32233, CVE-2024-29973, CVE-2024-4358, CVE-2022-26243

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)

Related entries in the VARIoT vulnerabilities database: VAR-202203-1978

Trust: 5.25

Fetched: June 14, 2024, 9:27 a.m., Published: June 3, 2024, midnight
 Vulnerabilities: security feature bypass, memory corruption, command injection...
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: android
vendor: google model: chrome
vendor: cisco model: webex meetings
vendor: cisco model: series
vendor: cisco model: meeting
vendor: cisco model: webex
vendor: zyxel model: nas542
vendor: zyxel model: nas326
db: NVD ids: CVE-2024-24919, CVE-2024-32850, CVE-2024-29974, CVE-2024-4577, CVE-2017-3506, CVE-2024-27822, CVE-2024-29972, CVE-2023-32233, CVE-2024-29973, CVE-2024-4358, CVE-2022-26243

CVE-2023-3942 Multiple SQLi in ZkTeco-based OEM devices - vulnerability database | Vulners.com

Trust: 5.0

Fetched: June 14, 2024, 9:26 a.m., Published: May 21, 2024, 12:23 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-3942