Sign-up

VARIoT news about IoT security

Google Chrome Multiple Vulnerabilities

Trust: 5.75

Fetched: Sept. 16, 2024, 8:24 p.m., Published: Aug. 28, 2024, midnight
 Vulnerabilities: heap corruption, information disclosure, code execution...
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2024-7971, CVE-2024-7965

CVE-2024-45038 Device crash via malformed MQTT packet when d... - vulnerability database | Vulners.com

Trust: 4.25

Fetched: Sept. 16, 2024, 8:24 p.m., Published: Aug. 27, 2024, 8:36 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
db: NVD ids: CVE-2024-45038

Which Cell Phone Is Most Secure in 2024? iPhone vs. Android | All About Cookies

Trust: 3.5

Fetched: Sept. 16, 2024, 8:22 p.m., Published: Oct. 20, 2022, 4:33 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: watch
vendor: samsung model: mobile phones
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: android phone
vendor: motorola model: motorola
vendor: motorola model: android
vendor: google model: pixel
vendor: google model: android

CVE-2024-45032: Industrial Edge Device Token Impersonation Vulnerability - DEC Solutions Group

Trust: 3.25

Fetched: Sept. 16, 2024, 8:22 p.m., Published: Sept. 10, 2024, 10:31 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-45032

Zero-Day Vulnerability In Arcadyan WiFi Devices Allows RCE for Root Access - Cybernoz

Trust: 4.5

Fetched: Sept. 16, 2024, 8:19 p.m., Published: Aug. 22, 2024, 9:58 a.m.
 Vulnerabilities: command injection, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-41992

CISA Warns of Three Vulnerabilities That Are Actively Exploited in the Wild

Trust: 4.5

Fetched: Sept. 16, 2024, 8:19 p.m., Published: Sept. 10, 2024, 8:10 a.m.
 Vulnerabilities: privilege escalation, improper access control, code execution...
Affected productsExternal IDs
vendor: sonicwall model: sonicos
vendor: imagemagick model: imagemagick
db: NVD ids: CVE-2024-40766, CVE-2016-3714, CVE-2017-1000253

ServiceNow Vulnerabilities: CVE-2024-4789 and CVE-2024-5217 | UpGuard

Trust: 3.0

Fetched: Sept. 16, 2024, 8:19 p.m., Published: Sept. 8, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-4789, CVE-2024-5217

Zero-day vulnerability in Arcadyan WiFi devices allows RCE for root access - 5gantennas.org

Trust: 4.5

Fetched: Sept. 16, 2024, 8:18 p.m., Published: Sept. 4, 2024, midnight
 Vulnerabilities: command injection, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-41992

MOBOTIX vulnerability (CVE-2023-34873): Find impacted devices

Trust: 5.0

Fetched: Sept. 16, 2024, 8:18 p.m., Published: Aug. 22, 2024, 2:26 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mobotix model: ip camera
vendor: mobotix model: mobotix ip camera
db: NVD ids: CVE-2023-34873

CVE-2024-42057 - Exploits & Severity - Feedly

Trust: 4.75

Fetched: Sept. 16, 2024, 8:09 p.m., Published: Sept. 3, 2024, midnight
 Vulnerabilities: command injection, service disruption
Affected productsExternal IDs
db: NVD ids: CVE-2024-42057

10 IoT Security Interview Questions and Answers - CLIMB

Trust: 3.75

Fetched: Sept. 16, 2024, 8:09 p.m., Published: Sept. 9, 2024, 5:28 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

CVE-2024-44549 - Tenda AX1806 Device Stack Overflow Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-2378

Trust: 3.0

Fetched: Sept. 16, 2024, 8:08 p.m., Published: Aug. 26, 2024, 4:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-44549

Critical Vulnerability CVE-2024-40766 in SonicWall Devices Exploited in the wild | Cyber Incident Response Team - Government of Jamaica

Trust: 4.5

Fetched: Sept. 16, 2024, 8:07 p.m., Published: May 16, 2024, midnight
 Vulnerabilities: improper access control, access control vulnerability
Affected productsExternal IDs
vendor: sonicwall model: soho
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2024-40766, CVE-2024-406766

10 Vulnerability Scanning Interview Questions and Answers - CLIMB

Trust: 3.5

Fetched: Sept. 16, 2024, 8:05 p.m., Published: Sept. 9, 2024, 5:27 p.m.
 Vulnerabilities: session hijacking, sql injection, cross-site scripting
Affected productsExternal IDs
vendor: ansible model: ansible

Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities

Trust: 5.0

Fetched: Sept. 16, 2024, 8:04 p.m., Published: Aug. 22, 2024, 3:15 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep.5)

Trust: 3.25

Fetched: Sept. 16, 2024, 7:58 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-45866

PoC Tool for Exploiting CVE-2024-7029 in AvTech Devices: Enabling RCE, Vulnerability Scanning, and Interactive Shell

Trust: 4.75

Fetched: Sept. 16, 2024, 7:58 p.m., Published: Sept. 2, 2024, 5:11 p.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-7029

10 najlepszych praktyk bezpieczeństwa Internetu rzeczy (IoT) - GeeksforGeeks

Trust: 3.5

Fetched: Sept. 16, 2024, 7:57 p.m., Published: April 30, 2024, 4:13 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: checkpoint model: endpoint security

CVE-2024-43913 nvme: apple: fix device reference counting - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Sept. 16, 2024, 7:57 p.m., Published: Aug. 26, 2024, 10:11 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-43913

CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - Security Boulevard

Trust: 3.25

Fetched: Sept. 16, 2024, 7:56 p.m., Published: Sept. 13, 2024, 2:34 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-29847