Sign-up

VARIoT news about IoT security

CVE-2025-1829 : Command Injection Vulnerability in TOTOLINK X18 Wireless Device | SecurityVulnerability.io

Trust: 4.5

Fetched: March 5, 2025, 9:13 a.m., Published: March 2, 2025, 7 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-1829

Android Security Bulletin-March 20255 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202503-1450

Trust: 4.25

Fetched: March 5, 2025, 9:12 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: code execution, information disclosure, denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: samsung model: note
vendor: samsung model: samsung
vendor: google model: android
vendor: google model: pixel
vendor: motorola model: android
vendor: motorola model: motorola
vendor: huawei model: huawei
db: NVD ids: CVE-2024-43093, CVE-2025-0081, CVE-2025-22411, CVE-2023-21125, CVE-2024-0032, CVE-2025-20645, CVE-2025-0087, CVE-2025-0074, CVE-2025-0075, CVE-2025-0079, CVE-2025-22408, CVE-2024-53025, CVE-2024-53011, CVE-2025-0080, CVE-2024-43051, CVE-2025-26417, CVE-2025-0092, CVE-2025-0078, CVE-2025-0082, CVE-2025-0086, CVE-2025-0084, CVE-2024-49740, CVE-2025-22405, CVE-2024-49728, CVE-2024-43090, CVE-2025-22412, CVE-2025-0093, CVE-2025-22410, CVE-2025-0083, CVE-2025-22406, CVE-2025-22407, CVE-2025-22409, CVE-2024-50302, CVE-2025-22404, CVE-2025-20644, CVE-2025-22403

System BIOS komputerów Dell Inspiron 16 5640 i Vostro 16 5640 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: March 4, 2025, 9:51 a.m., Published: March 27, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Google Warns of Two Critical Android Vulnerabilities Under Attack - Update Now!

Trust: 5.5

Fetched: March 4, 2025, 9:37 a.m., Published: March 4, 2025, 8:47 a.m.
 Vulnerabilities: memory leak, privilege escalation, improper validation
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: xiaomi model: miui
vendor: google model: android
db: NVD ids: CVE-2024-43093, CVE-2024-50302, CVE-2024-53104, CVE-2024-53197

Understanding and Mitigating CVE-2025-20645: MediaTek Vulnerability in KeyInstall

Trust: 3.0

Fetched: March 4, 2025, 9:37 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-20645

U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog

Trust: 4.75

Fetched: March 4, 2025, 9:36 a.m., Published: Feb. 5, 2025, 9 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-53104

Mitigation Strategies for CVE-2025-1614: FiberHome AN5506-01A ONU GPON Vulnerability

Trust: 4.75

Fetched: March 4, 2025, 9:35 a.m., Published: Jan. 4, 5506, midnight
 Vulnerabilities: code injection, cross-site scripting, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-1614

Understanding and Mitigating CVE-2025-20644: Memory Corruption Vulnerability in MediaTek Modems

Related entries in the VARIoT vulnerabilities database: VAR-202503-1450

Trust: 5.0

Fetched: March 4, 2025, 9:34 a.m., Published: -
 Vulnerabilities: memory corruption, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2025-20644

Understanding and Mitigating CVE-2025-20651: MediaTek Device Vulnerability

Trust: 4.0

Fetched: March 4, 2025, 9:26 a.m., Published: -
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-20651

Samsung Galaxy S25 Security Concerns: The Zero-Day Vulnerability and What It Means for Users (US) - MobilityArena

Trust: 4.5

Fetched: March 4, 2025, 9:25 a.m., Published: March 3, 2025, 8:56 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: samsung model: knox
vendor: samsung model: galaxy
vendor: samsung model: samsung
vendor: samsung model: samsung galaxy
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-53104

Security Misconfiguration: Impact, Examples, and Prevention

Trust: 4.5

Fetched: March 4, 2025, 9:19 a.m., Published: May 29, 2022, 12:08 p.m.
 Vulnerabilities: code injection, traversal attack, directory traversal...
Affected productsExternal IDs

Cybersecurity Basics, Threats, Tools, and Examples

Trust: 4.25

Fetched: March 2, 2025, 9:46 a.m., Published: June 29, 2024, 1:19 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: avira model: antivirus
vendor: mesh model: mesh
vendor: avast model: antivirus
vendor: comodo model: antivirus
vendor: pfsense model: pfsense
vendor: barracuda model: barracuda
vendor: barracuda model: running
vendor: google model: home
vendor: essential model: phone
vendor: sophos model: mobile
vendor: snort model: snort

Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector

Trust: 3.5

Fetched: March 2, 2025, 9:32 a.m., Published: Feb. 2, 2025, midnight
 Vulnerabilities: injection attack, sql injection
Affected productsExternal IDs
vendor: essential model: phone

System BIOS komputera Dell XPS 17 9710 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: March 2, 2025, 9:31 a.m., Published: March 24, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Kandji Announces Vulnerability Management, a new security product for Apple devices - MacTech.com

Trust: 3.0

Fetched: March 2, 2025, 9:31 a.m., Published: Feb. 12, 2025, 3:56 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Trust: 4.5

Fetched: March 2, 2025, 9:31 a.m., Published: Feb. 25, 2025, 10:41 a.m.
 Vulnerabilities: access control flaw, code execution, improper access control
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: networks
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2025-24989, CVE-2024-20953, CVE-2017-3066

Find my hacker: How Apple's network can be a potential tracking tool | College of Engineering and Computing

Trust: 4.75

Fetched: March 2, 2025, 9:29 a.m., Published: Feb. 2, 2025, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: essential model: phone

CVE-2025-20161 - Cisco NX-OS Software Command Injection Vulnerability - SecAlerts

Trust: 4.75

Fetched: March 2, 2025, 9:29 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: nx-os software
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
db: NVD ids: CVE-2025-20161

Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit - Cyber Security Review

Trust: 4.5

Fetched: March 2, 2025, 9:28 a.m., Published: Feb. 19, 2025, 7 a.m.
 Vulnerabilities: path traversal, command execution
Affected productsExternal IDs
vendor: mitel model: micollab
vendor: palo model: networks
vendor: palo model: ssl vpn
db: NVD ids: CVE-2024-53872, CVE-2024-53870, CVE-2024-53873, CVE-2024-41713, CVE-2024-53871, CVE-2024-55550

Linux Grub Read Command Buffer Overflow Vulnerability Enabling Potential Secure Boot Bypass

Trust: 4.75

Fetched: March 2, 2025, 9:27 a.m., Published: Feb. 25, 2025, 12:07 p.m.
 Vulnerabilities: buffer overflow, memory corruption, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2025-0690