Sign-up

VARIoT news about IoT security

Protect Four-Faith Routers from CVE-2024-12856 Exploit

Trust: 5.25

Fetched: Jan. 1, 2025, 9:07 a.m., Published: Dec. 30, 2024, midnight
 Vulnerabilities: command injection, command execution, remote command injection...
Affected productsExternal IDs
vendor: snort model: snort
vendor: four-faith model: f3x24
vendor: four-faith model: four-faith
db: NVD ids: CVE-2024-12856

Securing Cloud-Based Internet of Things: Challenges and Mitigations

Trust: 4.5

Fetched: Dec. 31, 2024, 9:43 a.m., Published: Dec. 26, 2024, midnight
 Vulnerabilities: sql injection, authentication attack, information leak...
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: flow
vendor: samsung model: samsung

Ai Vulnerabilities In Smart Audio Devices | Restackio

Trust: 3.75

Fetched: Dec. 31, 2024, 9:43 a.m., Published: Dec. 25, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

Analyzing the vulnerability landscape in Q3 2024 | Securelist

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.25

Fetched: Dec. 31, 2024, 9:42 a.m., Published: March 31, 2024, midnight
 Vulnerabilities: buffer overflow, os command injection, injection attack...
Affected productsExternal IDs
vendor: freeipa model: freeipa
vendor: trend model: security
vendor: cups model: cups
db: NVD ids: CVE-2024-3183, CVE-2023-51385, CVE-2023-36874, CVE-2021-40444, CVE-2023-2640, CVE-2023-22809, CVE-2023-36802, CVE-2024-5290, CVE-2023-23397, CVE-2024-6387, CVE-2024-45519, CVE-2024-47177, CVE-2017-11882, CVE-2023-32233, CVE-2018-0802, CVE-2023-3269, CVE-2023-31248, CVE-2017-0199, CVE-2023-4911, CVE-2024-38112, CVE-2023-38831

Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393) - Qualys ThreatPROTECT

Trust: 5.75

Fetched: Dec. 31, 2024, 9:41 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: firewall
vendor: paloaltonetworks model: networks
db: NVD ids: CVE-2024-3393

8 Best Network Vulnerability Scanner

Trust: 3.5

Fetched: Dec. 31, 2024, 9:39 a.m., Published: April 1, 2018, 4:16 a.m.
 Vulnerabilities: sql injection, cross-site scripting, weak password
Affected productsExternal IDs
vendor: sophos model: firewall
vendor: cisco model: routers
vendor: cisco model: umbrella
vendor: cisco model: guard

U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

Trust: 3.75

Fetched: Dec. 31, 2024, 9:32 a.m., Published: Dec. 23, 2024, 10:27 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44207

Cisco Confirms Active Exploitation Of Cisco XSS VPN Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-201403-0466

Trust: 4.75

Fetched: Dec. 31, 2024, 9:31 a.m., Published: Dec. 3, 2024, 11:48 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: trend model: security
vendor: cisco model: adaptive security appliance
vendor: cisco model: asa software
db: NVD ids: CVE-2014-2120

D-Link DAP-1513 Multiple Vulnerabilities (Nov 2022) - vulnerability database | Vulners.com

Related entries in the VARIoT vulnerabilities database: VAR-202412-0623

Trust: 4.0

Fetched: Dec. 31, 2024, 9:28 a.m., Published: Dec. 23, 2024, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-36832

Update Canonical Ubuntu Desktop: USN-7136-1: Django vulnerabilities

Trust: 6.25

Fetched: Dec. 31, 2024, 9:27 a.m., Published: Jan. 31, 7136, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-53907, CVE-2024-53908

CEH Module3 - Scanning Networks - CY - Technical Memory extension

Trust: 3.75

Fetched: Dec. 31, 2024, 9:24 a.m., Published: Dec. 26, 2024, 4:51 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: wireshark model: wireshark

CVE-2024-56699 - Exploits & Severity - Feedly

Trust: 4.75

Fetched: Dec. 31, 2024, 9:22 a.m., Published: Dec. 28, 2024, midnight
 Vulnerabilities: denial of service, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2024-56699

Impact of Unpatched Vulnerabilities in 2025 - Kratikal Blogs

Trust: 3.0

Fetched: Dec. 31, 2024, 9:21 a.m., Published: Dec. 24, 2024, 6:29 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-5806

Ruijie Cloud Flaws Put 50,000 Devices at Risk

Trust: 4.75

Fetched: Dec. 31, 2024, 9:21 a.m., Published: Dec. 26, 2024, midnight
 Vulnerabilities: request forgery, code execution, weak password
Affected productsExternal IDs
db: NVD ids: CVE-2024-48874, CVE-2024-47547, CVE-2024-52324

CVE-2024-53181: Addressing the Linux Vector Device Removal Vulnerability

Trust: 3.0

Fetched: Dec. 31, 2024, 9:20 a.m., Published: Dec. 27, 2024, midnight
 Vulnerabilities: kernel panic
Affected productsExternal IDs
db: NVD ids: CVE-2024-53181

CVE-2024-53197 ALSA: usb-audio: Fix potential out-of-bound a... - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Dec. 31, 2024, 9:19 a.m., Published: Dec. 27, 2024, 1:49 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: alsa model: alsa
db: NVD ids: CVE-2024-53197

IBM AIX Vulnerability Let Attackers Trigger DoS Condition

Trust: 4.0

Fetched: Dec. 31, 2024, 9:18 a.m., Published: Dec. 26, 2024, 7:11 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-52906, CVE-2024-47102

Does a VPN Protect You From Hackers in 2025?

Trust: 4.5

Fetched: Dec. 31, 2024, 9:17 a.m., Published: Dec. 18, 2024, 9:23 a.m.
 Vulnerabilities: session hijacking, cross-site scripting, denial of service
Affected productsExternal IDs
vendor: google model: home

CVEs and Security Vulnerabilities - OpenCVE

Trust: 4.5

Fetched: Dec. 31, 2024, 9:15 a.m., Published: April 6, 2024, midnight
 Vulnerabilities: sql injection, default credentials, resource exhaustion...
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: firewall
vendor: palo model: networks
vendor: four-faith model: four-faith
vendor: four-faith model: f3x24
vendor: four-faith model: four-faith router
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks

D-Link Web Management Interface Vulnerability Let Attackers Gain Device Access

Related entries in the VARIoT vulnerabilities database: VAR-202412-2435

Trust: 5.75

Fetched: Dec. 31, 2024, 9:15 a.m., Published: Dec. 30, 2024, 7:44 a.m.
 Vulnerabilities: improper access control
Affected productsExternal IDs
vendor: d-link model: router
vendor: d-link model: dir-823g
db: NVD ids: CVE-2024-13030