VARIoT latest news about IoT security

OEMs Are Urged To Address Vulnerabilities In Device Communication - Cyble Trust: 4.5 Fetched: Oct. 11, 2024, 9:18 a.m., Published: Oct. 9, 2024, 2:15 p.m.	Vulnerabilities: memory corruption, information disclosure, denial of service...

Affected products

External IDs

vendor:	google	model:	chrome
vendor:	trend	model:	security
vendor:	trend micro	model:	security

db:

NVD

ids:

CVE-2024-33066, CVE-2024-33064, CVE-2024-38399, CVE-2024-38425, CVE-2024-33069, CVE-2024-23375, CVE-2024-21455, CVE-2024-7965, CVE-2024-43047

Alienware x14 R2/x16 R1 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Oct. 9, 2024, 11:07 a.m., Published: Oct. 12, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Update your security provider to protect against SSL exploits \| Security \| Android Developers Related entries in the VARIoT vulnerabilities database: VAR-201406-0445 Trust: 3.75 Fetched: Oct. 9, 2024, 11:06 a.m., Published: Dec. 9, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

android

db:

NVD

ids:

CVE-2014-0224

CVE-2024-8458 PLANET Technology switch devices - Cross-site ... - vulnerability database \| Vulners.com Trust: 4.0 Fetched: Oct. 9, 2024, 11:04 a.m., Published: Sept. 30, 2024, 7:45 a.m.	Vulnerabilities: request forgery, cross-site request forgery

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8458

Docker Desktop Vulnerabilities Let Attackers Execute Remote Code Trust: 3.25 Fetched: Oct. 9, 2024, 11:04 a.m., Published: Sept. 13, 2024, 6:56 a.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8695, CVE-2024-8696

Vulnerability Disclosure Policy - NASA Trust: 3.0 Fetched: Oct. 9, 2024, 10:50 a.m., Published: Dec. 3, 2020, 11:46 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

CVE-2024-8455 PLANET Technology switch devices - Swctrl serv... - vulnerability database \| Vulners.com Trust: 3.25 Fetched: Oct. 9, 2024, 10:49 a.m., Published: Sept. 30, 2024, 7:24 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-8455

System BIOS w wersji R6 do komputerów Alienware m15 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Oct. 9, 2024, 10:48 a.m., Published: Oct. 23, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Best Streaming Device for 2024: Top Picks Reviewed - CNET Trust: 3.25 Fetched: Oct. 9, 2024, 10:47 a.m., Published: Oct. 9, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	amazon	model:	fire tv
vendor:	apple	model:	watch
vendor:	apple	model:	apple tv
vendor:	apple	model:	iphone
vendor:	google	model:	android
vendor:	google	model:	google chrome
vendor:	google	model:	chromecast
vendor:	google	model:	chrome
vendor:	google	model:	home
vendor:	roku	model:	roku
vendor:	roku	model:	roku streaming stick
vendor:	roku	model:	roku ultra
vendor:	roku	model:	express
vendor:	roku	model:	ultra
vendor:	roku	model:	streaming stick
vendor:	roku	model:	roku express
vendor:	samsung	model:	note
vendor:	samsung	model:	samsung

System BIOS komputera Dell Precision 3431 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Oct. 9, 2024, 10:43 a.m., Published: Oct. 9, 3431, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

Alienware x14 R2/x16 R1 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: Oct. 9, 2024, 10:41 a.m., Published: Oct. 12, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

CVE-2024-46770 ice: Add netif_device_attach/detach into PF r... - vulnerability database \| Vulners.com Trust: 3.0 Fetched: Oct. 9, 2024, 10:40 a.m., Published: Sept. 18, 2024, 7:12 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-46770

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities Trust: 5.5 Fetched: Oct. 9, 2024, 10:39 a.m., Published: Sept. 11, 2024, 6:30 a.m.	Vulnerabilities: sql injection, code execution, command injection

Affected products

External IDs

vendor:	zyxel	model:	nas542
vendor:	zyxel	model:	nas326

db:

NVD

ids:

CVE-2024-32840, CVE-2024-32845, CVE-2024-32842, CVE-2024-34785, CVE-2024-32848, CVE-2024-32846, CVE-2024-34779, CVE-2024-34783, CVE-2024-6342, CVE-2024-32843, CVE-2024-29847

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws Trust: 5.5 Fetched: Oct. 9, 2024, 10:38 a.m., Published: Sept. 11, 2024, 6:53 a.m.	Vulnerabilities: privilege escalation, code execution, security feature bypass...

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel
vendor:	google	model:	google chrome
vendor:	google	model:	chrome
vendor:	lenovo	model:	updates
vendor:	lenovo	model:	system
vendor:	lenovo	model:	edge
vendor:	palo	model:	networks
vendor:	broadcom	model:	linux
vendor:	samsung	model:	samsung
vendor:	zoho	model:	manageengine servicedesk plus
vendor:	palo alto networks	model:	networks
vendor:	codesys	model:	codesys
vendor:	codesys	model:	linux

db:

NVD

ids:

CVE-2024-43491, CVE-2024-38014, CVE-2024-38226, CVE-2024-43461, CVE-2024-38217, CVE-2024-38112

Forescout Finds 14 Vulnerabilities in Popular DrayTek Routers Affecting Hundreds of Thousands of Exposed Devices Globally \| Business Wire Trust: 3.25 Fetched: Oct. 9, 2024, 10:36 a.m., Published: Oct. 2, 2024, 1 p.m.	Vulnerabilities: os command injection, code execution, command injection

Affected products

External IDs

vendor:	draytek	model:	draytek routers
vendor:	draytek	model:	routers

CVE-2024-40725 and CVE-2024-40898 Vulnerabilities in Apache’s HTTP Server : Vulnerability Analysis and Exploitation - CYFIRMA Trust: 4.5 Fetched: Oct. 9, 2024, 10:35 a.m., Published: Sept. 11, 2024, 7:26 a.m.	Vulnerabilities: session hijacking, privilege escalation, authentication bypass...

Affected products

External IDs

db:

NVD

ids:

CVE-2024-40898, CVE-2024-40725

About the security content of iOS 17.7 and iPadOS 17.7 - Apple Support Trust: 4.5 Fetched: Oct. 9, 2024, 10:35 a.m., Published: Oct. 17, 2024, midnight	Vulnerabilities: bounds access issue

Affected products

External IDs

vendor:	trend micro	model:	security
vendor:	trend	model:	security
vendor:	apple	model:	ipad
vendor:	apple	model:	iphone
vendor:	apple	model:	ipad air

db:

NVD

ids:

CVE-2024-44184, CVE-2024-40844, CVE-2024-44183, CVE-2024-44191, CVE-2024-44164, CVE-2024-27880, CVE-2024-44127, CVE-2024-44176, CVE-2024-40791, CVE-2024-40850, CVE-2024-27876, CVE-2024-44169, CVE-2024-27879, CVE-2024-44171, CVE-2024-44158, CVE-2024-44165

Critical Vulnerability in RADIUS Protocol Undermines Network Device Authentication Security - DediRock Trust: 3.0 Fetched: Oct. 9, 2024, 10:33 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-3596

Cybersec Sentinel Related entries in the VARIoT vulnerabilities database: VAR-202112-0566 Trust: 3.0 Fetched: Oct. 9, 2024, 10:32 a.m., Published: May 9, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2021-44228, CVE-2023-22515, CVE-2023-42793, CVE-2023-27350

Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score Trust: 5.5 Fetched: Oct. 9, 2024, 10:31 a.m., Published: Sept. 10, 2024, 7:30 p.m.	Vulnerabilities: code execution, information disclosure, security feature bypass...

Affected products

External IDs

vendor:	snort.org	model:	snort
vendor:	snort	model:	snort

db:

NVD

ids:

CVE-2024-43491, CVE-2024-43464, CVE-2024-38014, CVE-2024-38226, CVE-2024-38227, CVE-2024-38257, CVE-2024-38228, CVE-2024-38217, CVE-2024-38018

VARIoT news about IoT security