Sign-up

VARIoT news about IoT security

CVE-2024-39950 - "Dahua Device Initialization Overwrite Vulnerability"

Trust: 3.0

Fetched: Aug. 2, 2024, 9:06 a.m., Published: July 31, 2024, 4:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-39950

Android security checkup: 18 steps to a safer phone - Computerworld

Trust: 3.5

Fetched: July 31, 2024, 9:27 a.m., Published: July 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: pixel
vendor: google model: android
vendor: samsung model: android phone

[2024] Advanced VAPT Interview Questions - Web Asha

Trust: 3.5

Fetched: July 31, 2024, 9:23 a.m., Published: July 29, 2024, 6 p.m.
 Vulnerabilities: information disclosure, cross-site scripting, sql injection...
Affected productsExternal IDs

Infostealer Logs Unmask Pedophiles, Twilio API Hack, and Rockwell Device Vulnerabilities - Go REF

Trust: 4.5

Fetched: July 31, 2024, 9:22 a.m., Published: July 4, 2024, 1:36 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: rockwell automation model: automation panelview plus
vendor: rockwell automation model: automation panelview
vendor: rockwell model: automation panelview plus
vendor: rockwell model: automation panelview

Acronis Issues Urgent Patch for High-Risk Vulnerability

Trust: 4.25

Fetched: July 31, 2024, 9:22 a.m., Published: July 30, 2024, 9:29 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-45249

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: July 31, 2024, 9:21 a.m., Published: July 10, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

CVE-2024-42116 - "Ionic Gigabit Controller (igc) Uninitialized Net Device Log Information Exposure"

Trust: 4.25

Fetched: July 31, 2024, 9:17 a.m., Published: July 30, 2024, 8:15 a.m.
 Vulnerabilities: information exposure
Affected productsExternal IDs
db: NVD ids: CVE-2024-42116

CVE-2024-40818 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: July 31, 2024, 9:15 a.m., Published: July 29, 2024, 11:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2024-40818

CVE-2024-7205 - eWeLink Cloud Service Data Exposure and Command Injection Vulnerability

Trust: 5.25

Fetched: July 31, 2024, 9:15 a.m., Published: July 31, 2024, 6:15 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-7205

Android’s July 2024 Security Update : 27 vulnerabilities Patched

Related entries in the VARIoT vulnerabilities database: VAR-202407-1872, VAR-202407-0013, VAR-202407-1709, VAR-202407-0076, VAR-202407-0093

Trust: 4.75

Fetched: July 31, 2024, 9:13 a.m., Published: July 3, 2024, 3:06 a.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-4610, CVE-2024-21462, CVE-2024-23380, CVE-2024-21465, CVE-2024-20076, CVE-2024-34726, CVE-2024-31335, CVE-2024-26923, CVE-2024-0153, CVE-2024-21461, CVE-2024-20077, CVE-2024-34724, CVE-2024-31334, CVE-2024-34725, CVE-2024-21460, CVE-2024-21469, CVE-2024-23372, CVE-2024-23373, CVE-2024-23368

CVE-2024-21741 - GigaDevice GD32E103C8T6 Vulnerability: Incomplete Device File Access Protection

Trust: 3.0

Fetched: July 31, 2024, 9:11 a.m., Published: June 25, 2024, 9:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-21741

IoT Security: A Call to Action for Improved Vulnerability Disclosure

Trust: 4.5

Fetched: July 31, 2024, 9:10 a.m., Published: July 10, 2024, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: huawei model: huawei

CVE-2023-3939 - Multiple command injection in ZkTeco-based OEM devices - SecAlerts

Trust: 4.75

Fetched: July 31, 2024, 9:10 a.m., Published: May 21, 2024, midnight
 Vulnerabilities: os command injection, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-3939

iommu: Return right value in iommu_sva_bind_device() (CVE-2024-40945) | SecurityVulnerability.io - SecuirtyVulnerability.io

Trust: 5.0

Fetched: July 31, 2024, 9:09 a.m., Published: July 31, 2024, midnight
 Vulnerabilities: pointer dereference issue
Affected productsExternal IDs
db: NVD ids: CVE-2024-40945

Understanding the CVE-2024-7205 Vulnerability in eWeLink

Trust: 3.75

Fetched: July 31, 2024, 9:08 a.m., Published: July 31, 2024, 8:36 a.m.
 Vulnerabilities: information leakage
Affected productsExternal IDs
db: NVD ids: CVE-2024-7205

Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it | Ars Technica

Trust: 4.75

Fetched: July 31, 2024, 9:08 a.m., Published: July 10, 2024, 9:44 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point

Microsoft fixes zero-day vulnerability in Internet Explorer abused by cyber-criminals for over a year | TechSpot

Trust: 5.0

Fetched: July 30, 2024, 9:28 a.m., Published: July 6, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-38112

CVE-2024-41085 - cxl/mem: Fix no cxl_nvd during pmem region auto-assembling - SecAlerts

Trust: 3.0

Fetched: July 30, 2024, 9:27 a.m., Published: July 29, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-41085

CVE-2024-42127 - drm/lima: fix shared irq handling on driver remove - SecAlerts

Trust: 3.0

Fetched: July 30, 2024, 9:26 a.m., Published: July 30, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-42127

CVE-2024-41637: Critical Vulnerability in RaspAP Exposes Raspberry Pi to Complete Control

Trust: 3.25

Fetched: July 30, 2024, 9:26 a.m., Published: July 29, 2024, 7:17 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-41637