VARIoT latest news about IoT security

Alienware Aurora R15 System BIOS \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: June 18, 2024, 9:29 a.m., Published: June 5, 2024, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

System BIOS komputera Dell Inspiron 3502 \| Szczegóły sterownika \| Dell Polska Trust: 3.25 Fetched: June 18, 2024, 9:28 a.m., Published: June 18, 3502, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

dell

model:

bios

12 Essential Types of Mobile App Testing for Robust Performance \| HeadSpin Trust: 3.75 Fetched: June 18, 2024, 9:25 a.m., Published: June 18, 2020, midnight	Vulnerabilities: memory leak

Affected products

External IDs

vendor:

essential

model:

phone

Critical Security Vulnerability in GitHub Enterprise Server Allows Authentication Bypass - VULNERA Trust: 3.25 Fetched: June 18, 2024, 9:24 a.m., Published: May 21, 2024, 4:16 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2024-4985

ASUS Issues Firmware Patches for Critical Router Vulnerabilities Trust: 4.75 Fetched: June 18, 2024, 9:24 a.m., Published: June 17, 2024, 6:27 a.m.	Vulnerabilities: buffer overflow

Affected products

External IDs

vendor:	asus	model:	rt-ax88u
vendor:	asus	model:	dsl-ac750
vendor:	asus	model:	rt-ac68u
vendor:	asus	model:	dsl-n14u
vendor:	asus	model:	dsl-ac56u
vendor:	asus	model:	routers
vendor:	asus	model:	zenwifi xt8
vendor:	asus	model:	dsl-n55u_d1
vendor:	asus	model:	rt-ac86u
vendor:	asus	model:	dsl-n12e_c1
vendor:	asus	model:	dsl-n55u_c1
vendor:	asus	model:	dsl-ac55u
vendor:	asus	model:	dsl-n66u
vendor:	asus	model:	rt-ax58u
vendor:	asus	model:	dsl-ac51
vendor:	asus	model:	dsl-n16u
vendor:	asus	model:	router
vendor:	asus	model:	dsl-ac52u
vendor:	asus	model:	dsl-n17u
vendor:	asus	model:	asus
vendor:	asus	model:	dsl-n16p
vendor:	asus	model:	dsl-n16
vendor:	asus	model:	dsl-n10_c1

db:

NVD

ids:

CVE-2024-3079, CVE-2024-3912, CVE-2024-3080

Zyxel NAS Pre-Auth Command Injection vulnerability (CVE-2023... - vulnerability database \| Vulners.com Trust: 4.25 Fetched: June 18, 2024, 9:18 a.m., Published: June 11, 2024, midnight	Vulnerabilities: command injection

Affected products	External IDs

CVE-2024-36022 drm/amdgpu: Init zone device and drm client a... - vulnerability database \| Vulners.com Trust: 4.25 Fetched: June 18, 2024, 9:10 a.m., Published: May 30, 2024, 3:03 p.m.	Vulnerabilities: kernel panic

Affected products

External IDs

db:

NVD

ids:

CVE-2024-36022

CVE-2024-6047 GeoVision EOL device - OS Command Injection - vulnerability database \| Vulners.com Trust: 3.75 Fetched: June 18, 2024, 9:08 a.m., Published: June 17, 2024, 5:48 a.m.	Vulnerabilities: command injection, os command injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-6047

The In-Depth Guide to OWASP Top 10 Vulnerabilities \| Jit Trust: 3.5 Fetched: June 18, 2024, 9:07 a.m., Published: June 10, 2024, midnight	Vulnerabilities: request forgery, cross-site scripting, sql injection...

Affected products	External IDs

Top 5 threats IoT devices pose to data security - Quintech Trust: 3.25 Fetched: June 18, 2024, 9:07 a.m., Published: June 17, 2024, 1:29 p.m.	Vulnerabilities: denial of service

Affected products	External IDs

ASUS Issues Critical Security Update for Router Vulnerability CVE-2024-3080 (CVSS 9.8) Trust: 5.75 Fetched: June 18, 2024, 9:07 a.m., Published: June 16, 2024, 8:46 a.m.	Vulnerabilities: buffer overflow, authentication bypass

Affected products

External IDs

vendor:	asus	model:	rt-ax88u
vendor:	asus	model:	rt-ac68u
vendor:	asus	model:	routers
vendor:	asus	model:	zenwifi xt8
vendor:	asus	model:	rt-ac86u
vendor:	asus	model:	rt-ax58u
vendor:	asus	model:	router
vendor:	asus	model:	asus

db:

NVD

ids:

CVE-2024-3079, CVE-2024-3080

High-severity vulnerabilities affect a wide range of Asus router models \| Ars Technica Trust: 5.5 Fetched: June 18, 2024, 9:06 a.m., Published: June 17, 2024, 6:39 p.m.	Vulnerabilities: buffer overflow, authentication bypass

Affected products

External IDs

vendor:	asus	model:	routers
vendor:	asus	model:	dsl-n12e_c1
vendor:	asus	model:	dsl-n16u
vendor:	asus	model:	router
vendor:	asus	model:	asus
vendor:	asus	model:	dsl-n16p
vendor:	asus	model:	dsl-n10_c1

db:

NVD

ids:

CVE-2024-3079, CVE-2024-3912, CVE-2024-3080

Most Common Wireless Network Vulnerabilities To Watch For Trust: 3.75 Fetched: June 18, 2024, 9:05 a.m., Published: May 18, 2024, midnight	Vulnerabilities: weak password

Affected products	External IDs

Akira Ransomware Elevates Privilege To Exfiltrate NTDS.dit File Trust: 4.75 Fetched: June 16, 2024, 10:16 a.m., Published: May 20, 2024, 1:05 p.m.	Vulnerabilities: privilege escalation, code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-21972

CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability - Security Boulevard Trust: 3.5 Fetched: June 16, 2024, 10:10 a.m., Published: June 12, 2024, 2:27 p.m.	Vulnerabilities: code execution, sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-29824

Forescout Report 2024 Identifies Risks In Connected Devices \| Security News Trust: 3.75 Fetched: June 16, 2024, 10:10 a.m., Published: -	Vulnerabilities: default credentials

Affected products	External IDs

Muhstik Malware Attacking Apache RocketMQ Platform To Execute Remote Code Trust: 4.25 Fetched: June 16, 2024, 10:09 a.m., Published: June 7, 2024, 12:47 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2023-33246

Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vulnerabilities: CVE-2024-29972, CVE-2024-29973, CVE-2024-29974 - TQT Group Trust: 4.25 Fetched: June 16, 2024, 10:09 a.m., Published: June 5, 2024, 10:56 a.m.	Vulnerabilities: command execution, command injection, code execution

Affected products

External IDs

vendor:	zyxel	model:	nas326
vendor:	zyxel	model:	nas542

db:

NVD

ids:

CVE-2024-29976, CVE-2024-29975, CVE-2024-29974, CVE-2024-29972, CVE-2024-29973

Spring Cloud Data Flow Let Attackers Compromise The Server Trust: 3.25 Fetched: June 16, 2024, 10:08 a.m., Published: May 30, 2024, 11:27 a.m.	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2024-22263

Critical wpDataTable Vulnerability - Attackers Perform SQL Injection Trust: 3.0 Fetched: June 16, 2024, 10:06 a.m., Published: June 3, 2024, 7:47 a.m.	Vulnerabilities: sql injection

Affected products

External IDs

db:

NVD

ids:

CVE-2024-3820

VARIoT news about IoT security