Sign-up

VARIoT news about IoT security

Critical Cisco bug allows crims to change admin passwords • The Register

Trust: 3.0

Fetched: July 28, 2024, 10:28 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20419, CVE-2024-20401

CMC | Free Full-Text | Privacy-Preserving Information Fusion Technique for Device to Server-Enabled Communication in the Internet of Things: A Hybrid Approach

Trust: 4.5

Fetched: July 28, 2024, 10:19 a.m., Published: July 18, 2024, midnight
 Vulnerabilities: server impersonation
Affected productsExternal IDs
vendor: google model: home

Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024

Trust: 3.75

Fetched: July 28, 2024, 10:11 a.m., Published: July 26, 2024, 6:19 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: unified communications
vendor: cisco model: meeting server
vendor: cisco model: catalyst 9100
vendor: cisco model: asr 5000
vendor: cisco model: packet data network gateway
vendor: cisco model: firepower threat defense
vendor: cisco model: telepresence video communication server
vendor: cisco model: access points
vendor: cisco model: cisco meeting server
vendor: cisco model: aironet 1540
vendor: cisco model: unity connection
vendor: cisco model: telepresence
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: nexus 3000
vendor: cisco model: application policy infrastructure controller
vendor: cisco model: expressway series
vendor: cisco model: emergency responder
vendor: cisco model: adaptive security appliance
vendor: cisco model: aironet 1560
vendor: cisco model: prime collaboration
vendor: cisco model: network convergence system
vendor: cisco model: series
vendor: cisco model: nx-os
vendor: cisco model: aironet 1560 series
vendor: cisco model: series wireless controllers
vendor: cisco model: connected mobile experiences
vendor: cisco model: mds 9000
vendor: cisco model: webex
vendor: cisco model: firepower
vendor: cisco model: aironet 1540 series
vendor: cisco model: catalyst 9100 series
vendor: cisco model: catalyst iw6300
vendor: cisco model: meeting
vendor: cisco model: nexus
vendor: cisco model: prime infrastructure
vendor: cisco model: roomos
vendor: cisco model: ucs manager
vendor: cisco model: mds 9000 series
vendor: cisco model: series routers
vendor: cisco model: common services platform collector
vendor: cisco model: ios xe
vendor: cisco model: fxos
vendor: cisco model: series switches
vendor: cisco model: integrated management controller
vendor: cisco model: aironet
vendor: cisco model: catalyst
vendor: cisco model: prime collaboration deployment
vendor: cisco model: ios xe software
vendor: cisco model: application services engine
vendor: cisco model: identity services engine
vendor: cisco model: nexus 9000
vendor: cisco model: catalyst 9800
vendor: cisco model: unity
vendor: cisco model: routers
vendor: cisco model: unified communications manager
vendor: cisco model: cisco meeting
vendor: cisco model: evolved programmable network manager
vendor: cisco model: expressway
vendor: cisco model: ucs director
vendor: cisco model: ucs c-series rack servers
vendor: cisco model: firepower management center
vendor: cisco model: nexus 9000 series

Enabling Safe IoT Devices with Mobile App Security | Guardsquare

Trust: 3.5

Fetched: July 28, 2024, 10:11 a.m., Published: July 29, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Photon OS 4.0: Device PHSA-2022-4.0-0269 - vulnerability database | Vulners.com

Trust: 3.0

Fetched: July 28, 2024, 10:10 a.m., Published: July 23, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-41973, CVE-2022-41974

Różnica między zagrożeniem, luką w zabezpieczeniach i ryzykiem w sieci komputerowej

Trust: 3.0

Fetched: July 28, 2024, 10:08 a.m., Published: Dec. 14, 2021, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-200901-0740, VAR-201704-1050, VAR-200201-0021, VAR-201809-0837, VAR-201704-0400, VAR-202003-0211, VAR-202103-1554, VAR-201703-0743, VAR-201711-1056, VAR-201511-0219, VAR-202112-1786, VAR-201709-0320, VAR-201704-1172, VAR-202103-1564, VAR-202106-0522, VAR-200507-0034, VAR-201304-0283, VAR-201309-0233, VAR-202209-2019, VAR-201807-0058, VAR-202301-1573, VAR-201703-1254, VAR-201704-0971, VAR-201704-0974, VAR-201704-0968

Trust: 6.25

Fetched: July 28, 2024, 10:06 a.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: memory leak, file inclusion, buffer overflow...
Affected productsExternal IDs
vendor: node.js model: node.js
vendor: cisco model: firepower extensible operating system
vendor: cisco model: hosted collaboration solution
vendor: cisco model: firepower 9000
vendor: cisco model: wireless access point
vendor: cisco model: firepower
vendor: cisco model: sn 5420 storage router
vendor: cisco model: router
vendor: cisco model: cisco firepower extensible operating system
vendor: infinix model: zero x506
vendor: infinix model: zero 2 x509
vendor: infinix model: infinix hot 2 x510
vendor: infinix model: infinix zero 2 x509
vendor: infinix model: note
vendor: infinix model: infinix hot x507
vendor: infinix model: hot 2 x510
vendor: infinix model: hot x507
vendor: infinix model: infinix zero x506
vendor: doogee model: voyager 2 dg310
vendor: doogee model: doogee voyager 2 dg310
vendor: goahead model: webserver
vendor: cohu model: 3960hd
vendor: foscam model: system
vendor: foscam model: ip camera
vendor: moxa model: awk-3131a wireless access point
vendor: moxa model: moxa awk-3131a
vendor: moxa model: awk-3131a
vendor: novell model: client
vendor: novell model: bordermanager
vendor: xolo model: xolo cube 5.0
vendor: xolo model: cube 5.0
vendor: asus model: gt-ac5300
vendor: asus model: asus
vendor: asus model: router
vendor: apple model: mac os x
vendor: apple model: webkit
vendor: apple model: mac os
vendor: apple model: iphone
vendor: apple model: iphone os
vendor: apple model: safari
vendor: apple model: ipod touch
vendor: miele model: pg8527
vendor: miele model: pg8528
vendor: miele model: pst10 webserver
vendor: miele model: pg8536
vendor: miele model: pg8535
vendor: beeline model: pro 2
vendor: beeline model: beeline pro 2
vendor: tp-link model: gateway
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: note
vendor: samsung model: galaxy s6
vendor: samsung model: note 3
vendor: citrix model: gateway
vendor: leagoo model: leagoo lead 3i
vendor: leagoo model: leagoo alfa 6
vendor: leagoo model: leagoo lead 2s
vendor: leagoo model: lead 5
vendor: leagoo model: leagoo lead 5
vendor: leagoo model: lead 2s
vendor: leagoo model: lead 6
vendor: leagoo model: leagoo lead 6
vendor: leagoo model: alfa 6
vendor: leagoo model: lead 3i
db: NVD ids: CVE-2002-2394, CVE-2009-1697, CVE-2017-3508, CVE-2002-1596, CVE-2002-1818, CVE-2017-15300, CVE-2023-27998, CVE-2007-6640, CVE-2021-30116, CVE-2019-16770, CVE-2020-26281, CVE-2018-17020, CVE-2023-25725, CVE-2015-5505, CVE-2016-2036, CVE-2020-10111, CVE-2024-24758, CVE-2022-31150, CVE-2022-24801, CVE-2021-21409, CVE-2005-4836, CVE-2022-35948, CVE-2014-0253, CVE-2006-1218, CVE-2019-4672, CVE-2017-5674, CVE-1999-1072, CVE-2024-30261, CVE-2024-38372, CVE-2021-20380, CVE-2021-30118, CVE-2013-3960, CVE-2022-35949, CVE-2017-8860, CVE-2021-21299, CVE-2022-28129, CVE-2004-2117, CVE-2012-2333, CVE-2002-2395, CVE-2014-4222, CVE-2015-6368, CVE-2002-1822, CVE-2014-4251, CVE-2011-0398, CVE-2011-0400, CVE-2006-6855, CVE-2023-23936, CVE-2019-0197, CVE-2021-41451, CVE-2018-1000638, CVE-2006-2786, CVE-2015-5152, CVE-2017-14149, CVE-2022-41556, CVE-2017-3500, CVE-2023-45143, CVE-2021-21295, CVE-2020-8659, CVE-2021-29509, CVE-2017-10133, CVE-2000-1154, CVE-2013-3998, CVE-2022-34206, CVE-2019-7652, CVE-2021-22901, CVE-2005-2090, CVE-2024-30260, CVE-2005-1667, CVE-2023-24807, CVE-2009-3651, CVE-2013-1150, CVE-2013-3473, CVE-2023-47641, CVE-2023-33305, CVE-2022-34205, CVE-2020-13934, CVE-2022-3215, CVE-2024-24750, CVE-2006-3869, CVE-2022-24790, CVE-2007-6231, CVE-2021-30117, CVE-2021-30201, CVE-2016-6564, CVE-2022-3918, CVE-2017-10353, CVE-2023-36641, CVE-2023-33274, CVE-2021-39241, CVE-2017-10014, CVE-2000-1155, CVE-2005-0874, CVE-2017-7240, CVE-2016-8723, CVE-2020-12605, CVE-2021-41136, CVE-2024-24791, CVE-2005-0875, CVE-2006-7020, CVE-2016-8726, CVE-2024-23452, CVE-2016-8720

Critical Splunk Vulnerability CVE-2024-36991 Exploited Using Crafted GET Commands

Trust: 4.75

Fetched: July 28, 2024, 10:04 a.m., Published: July 22, 2024, 9:04 a.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2024-36991

6 Steps of Vulnerability Scanning: Best Practices

Trust: 3.75

Fetched: July 28, 2024, 10 a.m., Published: July 6, 2024, midnight
 Vulnerabilities: service disruption
Affected productsExternal IDs

Multiple vulnerabilities in TP-Link Omada system could lead to root access

Trust: 4.25

Fetched: July 28, 2024, 9:59 a.m., Published: June 26, 2024, 4 p.m.
 Vulnerabilities: buffer overflow, denial of service, arbitrary command execution...
Affected productsExternal IDs
vendor: cisco model: tftp server
vendor: cisco model: routers
vendor: cisco model: series
vendor: cisco model: access points
vendor: cisco model: h
vendor: cisco model: router
vendor: cisco model: wireless access point
vendor: tp-link model: routers

CISA warns of path traversal vulnerability in RAD Data's SecFlow-2 hardware - Industrial Cyber

Trust: 5.0

Fetched: July 28, 2024, 9:59 a.m., Published: June 20, 2024, 9:07 a.m.
 Vulnerabilities: path traversal
Affected productsExternal IDs
db: NVD ids: CVE-2019-6268

D-Link Technical Support

Trust: 3.0

Fetched: July 28, 2024, 9:59 a.m., Published: July 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6387

WARNING: MULTIPLE CRITICAL, HIGH AND MEDIUM VULNERABILITIES IN ZYXEL NAS DEVICES CAN BE EXPLOITED TO EXECUTE CODE AND STEAL INFORMATION. DECOMMISION OR PATCH IMMEDIATELY! | Cert

Trust: 5.5

Fetched: July 28, 2024, 9:58 a.m., Published: June 24, 2024, 2:33 p.m.
 Vulnerabilities: privilege management vulnerability, code execution, command injection
Affected productsExternal IDs
vendor: zyxel model: nas542
vendor: zyxel model: nas326
db: NVD ids: CVE-2024-29976, CVE-2024-27793, CVE-2024-29974, CVE-2024-19976, CVE-2024-29975, CVE-2024-29973, CVE-2024-27794, CVE-2024-29972

High Severity Vulnerability in SolarWinds Serv-U (CVE-2024-28995)

Trust: 4.0

Fetched: July 28, 2024, 9:57 a.m., Published: June 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2024-28995

Comprehensive CVEs, Vulnerabilities, and Exploits for Apple OS and iPhone Bluetooth Devices | by Aardvark Infinity | Aardvark Infinity | Jul, 2024 | Medium

Trust: 3.25

Fetched: July 28, 2024, 9:53 a.m., Published: July 28, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Nest Security Bulletin-June 2024 - Help

Trust: 3.0

Fetched: July 28, 2024, 9:53 a.m., Published: June 28, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2016-3189, CVE-2024-32928

Critical Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Exploited in the Wild, Prompting Urgent Patching |

Trust: 3.75

Fetched: July 28, 2024, 9:52 a.m., Published: July 1, 2024, 2:48 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-35078

Baxter Welch Allyn Connex Spot Monitor | CISA

Trust: 3.0

Fetched: July 28, 2024, 9:52 a.m., Published: July 28, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-1275

Zyxel Patches Multiple Vulnerabilities in NAS Products - Qualys ThreatPROTECT

Trust: 5.25

Fetched: July 28, 2024, 9:52 a.m., Published: -
 Vulnerabilities: privilege management vulnerability, code execution, command injection
Affected productsExternal IDs
vendor: zyxel model: nas542
vendor: zyxel model: nas326
db: NVD ids: CVE-2024-29976, CVE-2024-29974, CVE-2024-29975, CVE-2024-29973, CVE-2024-29972

Vulnerability Disclose Policy - Vestel Visual Solutions

Trust: 3.0

Fetched: July 28, 2024, 9:50 a.m., Published: May 27, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs