Sign-up

VARIoT news about IoT security

Critical Vulnerability in Azure-Connected IoT Devices Requires Immediate Attention - Technology Solutions for Home

Trust: 5.0

Fetched: March 12, 2024, 9:32 a.m., Published: March 12, 2024, midnight
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-27099

CISA breached by hackers exploiting Ivanti bugs | SC Media

Trust: 3.0

Fetched: March 12, 2024, 9:26 a.m., Published: June 14, 2023, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

Critical vulnerability CVE-2024-21899 allows QNAP NAS access without authentication | Born's Tech and Windows World

Trust: 5.25

Fetched: March 12, 2024, 9:23 a.m., Published: March 12, 2024, 5:24 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21900, CVE-2024-21899, CVE-2024-21901

What is IoT? The internet of things explained | Network World

Trust: 3.5

Fetched: March 12, 2024, 9:22 a.m., Published: Feb. 27, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

150,000 Devices at Risk: Fortinet Bug Exploited

Trust: 4.25

Fetched: March 12, 2024, 9:22 a.m., Published: March 12, 2024, 7:26 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21762

Widespread Exploitation of Critical TeamCity Flaw to Create Admin Accounts - VULNERA

Trust: 5.0

Fetched: March 12, 2024, 9:21 a.m., Published: March 7, 2024, 12:19 a.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2024-27198

QNAP Fixes Critical Flaws Impacting NAS Devices | Decipher

Trust: 3.75

Fetched: March 12, 2024, 9:21 a.m., Published: March 11, 2024, midnight
 Vulnerabilities: authentication bug, sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21900, CVE-2024-21899, CVE-2024-21901

1Panel is vulnerable to command injection - vulnerability database | Vulners.com

Trust: 3.0

Fetched: March 12, 2024, 9:20 a.m., Published: March 10, 2024, 3:30 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs

Apple Urges Users to Update Devices Due to Critical Security Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202208-1345, VAR-202208-1294

Trust: 4.75

Fetched: March 12, 2024, 9:19 a.m., Published: March 6, 2024, 1:41 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2022-32893, CVE-2022-32894, CVE-2023-37450

Directory traversal - vulnerability database | Vulners.com

Trust: 4.25

Fetched: March 12, 2024, 9:18 a.m., Published: March 6, 2024, 5:15 p.m.
 Vulnerabilities: directory traversal
Affected productsExternal IDs

Command injection - vulnerability database | Vulners.com

Trust: 5.0

Fetched: March 12, 2024, 9:18 a.m., Published: March 6, 2024, 5:15 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: cisco small business
vendor: cisco model: small business
vendor: cisco model: series

QNAP warns its NAS devices are facing a critical security flaw - but a patch is available, so update now | TechRadar

Trust: 5.0

Fetched: March 12, 2024, 9:17 a.m., Published: March 11, 2024, 4:01 p.m.
 Vulnerabilities: code injection, arbitrary command execution, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21900, CVE-2024-21899, CVE-2024-21901

QNAP Patches Critical Vulnerabilities Impacting NAS Devices (CVE-2024-21899, CVE-2024-21900, & CVE-2024-21901) - Qualys ThreatPROTECT

Trust: 5.0

Fetched: March 12, 2024, 9:16 a.m., Published: -
 Vulnerabilities: sql injection, authentication vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-21900, CVE-2024-21899, CVE-2024-21901

Security Advisory: Pure Response to CVE-2022-0847 "Dirty Pipe" - Pure Technical Services

Related entries in the VARIoT vulnerabilities database: VAR-202203-0043

Trust: 5.0

Fetched: March 10, 2024, 10:47 a.m., Published: March 9, 2022, 6:20 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: pure model: purity
db: NVD ids: CVE-2022-0847

Android Linux Wi-Fi Vulnerabilities: Protect Devices Today!

Trust: 5.0

Fetched: March 10, 2024, 10:46 a.m., Published: March 1, 2024, 2:36 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-52160, CVE-2023-52161

CVE-2024-21357 - Security Update Guide - Microsoft - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Trust: 3.0

Fetched: March 10, 2024, 10:46 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21357

Common Types Of Cybersecurity Threats And Vulnerabilities

Trust: 4.0

Fetched: March 10, 2024, 10:45 a.m., Published: Dec. 5, 2023, 9:25 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

iOS 17.4 Fixes Two Big iPhone Security Flaws | Lifehacker

Trust: 5.5

Fetched: March 10, 2024, 10:44 a.m., Published: March 6, 2024, 5:30 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
db: NVD ids: CVE-2024-23225, CVE-2024-23256, CVE-2024-23296, CVE-2024-23243

20 Emerging Cybersecurity Trends to Watch Out in 2024

Trust: 4.5

Fetched: March 10, 2024, 10:41 a.m., Published: March 11, 2020, 4:32 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus

Security Engineer Unveils IoT Device Vulnerabilities Through Solar System Hack

Trust: 3.0

Fetched: March 10, 2024, 10:41 a.m., Published: March 1, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs