Sign-up

VARIoT news about IoT security

Zyxel NAS Devices Vulnerability Attackers Execute Code Remotely

Trust: 5.5

Fetched: June 5, 2024, 9:04 a.m., Published: June 4, 2024, 9:08 a.m.
 Vulnerabilities: code execution, command injection, privilege management vulnerability
Affected productsExternal IDs
vendor: zyxel model: nas326
vendor: zyxel model: nas542
db: NVD ids: CVE-2024-29973, CVE-2024-29974, CVE-2024-29972, CVE-2024-29975, CVE-2024-29976

Configuring updates of anti-malware databases on Android devices

Trust: 3.0

Fetched: June 4, 2024, 10:02 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Critical Vulnerabilities found in GE HealthCare Ultrasound Systems

Trust: 4.5

Fetched: June 4, 2024, 9:56 a.m., Published: May 20, 2024, midnight
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2020-6977, CVE-2024-1628

CVE-2024-1629 - Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component - SecAlerts

Trust: 5.0

Fetched: June 4, 2024, 9:56 a.m., Published: June 6, 2024, midnight
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-1629

Chrome update patches actively exploited zero-day vulnerability

Trust: 4.75

Fetched: June 4, 2024, 9:55 a.m., Published: May 27, 2024, 9:25 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2024-5274

SMB and Null Sessions: Why Your Pen Test is Probably Wrong - Microsoft Community Hub

Trust: 3.75

Fetched: June 4, 2024, 9:54 a.m., Published: May 21, 2024, 8:26 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: wireshark model: wireshark
db: NVD ids: CVE-1999-0520, CVE-1999-0519

CERT-In warns users about a bug in Checkpoint gateway products

Trust: 3.75

Fetched: June 4, 2024, 9:52 a.m., Published: June 4, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: check point model: security gateway
vendor: check point model: check point
vendor: checkpoint model: security gateway
vendor: checkpoint model: check point
db: NVD ids: CVE-2024-24919

CVE-2024-3661 Impact of TunnelVision Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202405-0458

Trust: 3.75

Fetched: June 4, 2024, 9:51 a.m., Published: May 16, 2024, 4 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: apple model: macos
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: networks
db: NVD ids: CVE-2024-3661

Top IoT platform supply chain vulnerabilities put 100+ million devices at risk - security cameras and baby monitors under threat - SILICONFIT

Trust: 6.0

Fetched: June 4, 2024, 9:51 a.m., Published: May 15, 2024, 1:36 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6321, CVE-2023-6322, CVE-2023-6324, CVE-2023-6323

Security Week 2422: Vulnerabilities in QNAP devices - TechBurst Magazine

Trust: 4.25

Fetched: June 4, 2024, 9:50 a.m., Published: May 27, 2024, 4:12 p.m.
 Vulnerabilities: memory corruption, code execution, denial of service
Affected productsExternal IDs
vendor: tesla model: model 3
vendor: tesla model: model
db: NVD ids: CVE-2024-27130

CVE-2024-36955 - vulnerability database | Vulners.com

Trust: 4.25

Fetched: June 4, 2024, 9:50 a.m., Published: June 3, 2024, 2:04 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: alsa model: alsa
db: NVD ids: CVE-2024-36955

CVE-2024-36022 drm/amdgpu: Init zone device and drm client a... - vulnerability database | Vulners.com

Trust: 4.25

Fetched: June 4, 2024, 9:49 a.m., Published: May 30, 2024, 3:03 p.m.
 Vulnerabilities: kernel panic
Affected productsExternal IDs
db: NVD ids: CVE-2024-36022

ICS Medical Advisory: Baxter Welch Allyn Connex Spot Monitor - globalregulatoryinsights

Trust: 3.0

Fetched: June 4, 2024, 9:47 a.m., Published: May 30, 2024, 4:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-1275

Top 5 CVEs and Vulnerabilities of May 2024 - Strobes

Trust: 4.25

Fetched: June 4, 2024, 9:46 a.m., Published: June 3, 2024, 10:46 a.m.
 Vulnerabilities: cross-site scripting, code execution, authentication bypass...
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point model: security gateway
vendor: checkpoint model: check point
vendor: checkpoint model: security gateway
db: NVD ids: CVE-2024-24919, CVE-2024-4985, CVE-2024-27348, CVE-2024-4835, CVE-2024-27130

ACSC Alert for Check Points’ Quantum Security Gateway Device Vulnerability - Australian Cyber Security Magazine

Trust: 3.75

Fetched: June 4, 2024, 9:46 a.m., Published: June 3, 2024, 2:09 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: security gateway
vendor: check point model: check point
vendor: check point model: quantum security gateway
db: NVD ids: CVE-2024-24919

ERROR: The request could not be satisfied

Trust: 3.25

Fetched: June 4, 2024, 9:45 a.m., Published: May 31, 2024, midnight
 Vulnerabilities: configuration error
Affected productsExternal IDs

CPCI85 Central Processing/Communication Vulnerability: Command Injection Risk (CVE-2024-31485) | SecurityVulnerability.io - SecuirtyVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202405-0176

Trust: 3.25

Fetched: June 4, 2024, 9:39 a.m., Published: June 4, 2024, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-31485

Check Point releases emergency fix after hackers target VPNs - The Hindu

Trust: 3.0

Fetched: June 4, 2024, 9:38 a.m., Published: May 31, 2024, 11:03 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

11 BEST Network Scanning Tools (2024)

Trust: 4.25

Fetched: June 4, 2024, 9:35 a.m., Published: June 1, 2024, 7:16 a.m.
 Vulnerabilities: injection attack, sql injection
Affected productsExternal IDs
vendor: citrix model: licensing
vendor: google model: android
vendor: google model: home
vendor: blackberry model: link
vendor: blackberry model: blackberry
vendor: cisco model: router
vendor: cisco model: routers

Threats, Vulnerabilities, Exploits and Their Relationship to Risk | F5 Labs

Related entries in the VARIoT vulnerabilities database: VAR-202102-0898

Trust: 3.75

Fetched: June 4, 2024, 9:34 a.m., Published: Feb. 23, 2021, 7:55 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-20016