Sign-up

VARIoT news about IoT security

You Should Update Your Apple Device to Protect Yourself From Getting Hacked

Trust: 3.75

Fetched: Nov. 22, 2024, 10 a.m., Published: Nov. 20, 2024, 2:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: macos
db: NVD ids: CVE-2024-44308, CVE-2024-44309

Palo Alto Networks warns hackers are breaking into its customers' firewalls - again | TechCrunch

Trust: 3.75

Fetched: Nov. 22, 2024, 9:59 a.m., Published: Nov. 21, 2024, 2:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: palo model: firewall
vendor: palo model: networks
vendor: palo model: pan-os
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks
vendor: palo alto networks model: pan-os
db: NVD ids: CVE-2024-0012, CVE-2024-9474

Ensuring IoT Security in 5G Era: Examining Protocols, Architectures, and Security Measures | SpringerLink

Trust: 3.5

Fetched: Nov. 22, 2024, 9:59 a.m., Published: Nov. 22, 2024, midnight
 Vulnerabilities: -

【Vulnerability Alert】GeoVision End-of-Life Devices - OS Command Injection

Trust: 4.75

Fetched: Nov. 22, 2024, 9:46 a.m., Published: Nov. 20, 2024, midnight
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-11120

Update now! Apple confirms vulnerabilities are already being exploited | Malwarebytes

Trust: 5.5

Fetched: Nov. 22, 2024, 9:45 a.m., Published: Nov. 20, 2024, 1:12 p.m.
 Vulnerabilities: cross-site scripting, code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: software update
vendor: apple model: webkit
db: NVD ids: CVE-2024-44308, CVE-2024-44309

Apple warns 2 macOS zero-day vulnerabilities under attack | TechTarget

Trust: 4.25

Fetched: Nov. 22, 2024, 9:44 a.m., Published: Nov. 20, 2024, midnight
 Vulnerabilities: cross-site scripting, code execution
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: safari
vendor: canary model: canary
vendor: trend model: security
db: NVD ids: CVE-2024-44308, CVE-2024-44309

Samsung Electronics Scales Up Mobile Security Rewards Program to Boost Industry Collaboration and Safety - Samsung Mobile Press

Trust: 3.5

Fetched: Nov. 22, 2024, 9:44 a.m., Published: Nov. 21, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: samsung mobile

【Vulnerability Alert】GeoVision End-of-Life Devices - OS Command Injection

Trust: 4.75

Fetched: Nov. 22, 2024, 9:43 a.m., Published: Nov. 20, 2024, midnight
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-11120

risk estimation study of native code vulnerabilities in Android applications | Journal of Cybersecurity | Oxford Academic

Trust: 3.25

Fetched: Nov. 22, 2024, 9:19 a.m., Published: Jan. 2, 2024, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: system
vendor: google model: android
vendor: samsung model: note
vendor: samsung model: mobile devices
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: motorola model: android
vendor: motorola model: motorola

Disclosure of 7 Android and Google Pixel Vulnerabilities | Oversecured Blog

Trust: 3.5

Fetched: Nov. 22, 2024, 9:14 a.m., Published: Nov. 7, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-34719, CVE-2023-20963, CVE-2024-0017, CVE-2023-21292, CVE-2023-21383, CVE-2021-0600

Palo Alto Networks Fixes 2 Zero-Days in PAN-OS - Lansweeper

Trust: 5.5

Fetched: Nov. 20, 2024, 10:19 a.m., Published: Nov. 19, 2024, 3:14 p.m.
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2024-9474, CVE-2024-0012

XillyUSB Device Endpoint Validation Vulnerability in Linux Kernel

Trust: 4.25

Fetched: Nov. 20, 2024, 10:18 a.m., Published: Nov. 12, 2024, midnight
 Vulnerabilities: endpoint validation vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-45011

CVE-2022-20931 Cisco Touch 10 Device Downgrade Attack Vulner... - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Nov. 20, 2024, 10:17 a.m., Published: Nov. 15, 2024, 3:30 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco telepresence ce software
vendor: cisco model: telepresence ce software
vendor: cisco model: telepresence ce
vendor: cisco model: telepresence
vendor: cisco model: cisco telepresence
db: NVD ids: CVE-2022-20931

Update your iPhone, iPad, & Mac now to block security threats

Trust: 4.75

Fetched: Nov. 20, 2024, 10:15 a.m., Published: Nov. 13, 2024, midnight
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: iphone
vendor: apple model: macos
db: NVD ids: CVE-2024-44308, CVE-2024-44309

Understanding the Vulnerabilities of the Diameter Protocol in 4G Networks

Trust: 5.5

Fetched: Nov. 20, 2024, 10:13 a.m., Published: Nov. 19, 2024, midnight
 Vulnerabilities: traffic interception, denial of service, information disclosure
Affected productsExternal IDs
vendor: trend model: security

What Is an Information Disclosure Vulnerability? [Examples]

Trust: 3.5

Fetched: Nov. 20, 2024, 10:13 a.m., Published: Nov. 6, 2024, midnight
 Vulnerabilities: improper access control, memory leak, information disclosure
Affected productsExternal IDs

The Critical Role of Vulnerability Testing in Modern Cybersecurity - History Tools

Trust: 3.25

Fetched: Nov. 20, 2024, 10:07 a.m., Published: Nov. 10, 2024, midnight
 Vulnerabilities: denial of service, code execution, authentication bypass...
Affected productsExternal IDs
vendor: essential model: phone
vendor: rising model: antivirus

Nvidia GPU driver addresses eight major high-severity vulnerabilities - Nvidia GPU owners should update ASAP | Tom's Hardware

Trust: 4.0

Fetched: Nov. 20, 2024, 10:06 a.m., Published: Oct. 28, 2024, 3:32 p.m.
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Trust: 3.5

Fetched: Nov. 20, 2024, 10:06 a.m., Published: Oct. 27, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Mobile Endpoint Protection: Definition and Implementation

Trust: 3.5

Fetched: Nov. 20, 2024, 10:05 a.m., Published: Nov. 13, 2024, 2:49 p.m.
 Vulnerabilities: denial of service, sql injection
Affected productsExternal IDs
vendor: essential model: phone