Sign-up

VARIoT news about IoT security

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-200411-0080, VAR-200809-0311, VAR-200803-0060, VAR-200809-0004, VAR-200803-0006, VAR-202012-1099, VAR-202204-1970, VAR-201708-0403, VAR-200605-0265, VAR-200508-0116, VAR-202208-2139, VAR-202002-0522, VAR-200803-0008, VAR-201101-0214, VAR-200801-0206, VAR-200806-0028, VAR-200505-0999, VAR-202002-0525, VAR-200810-0303, VAR-200710-0057, VAR-201810-1148, VAR-200508-0264, VAR-201006-0258, VAR-200905-0190, VAR-202002-0565, VAR-200107-0147, VAR-202301-0975, VAR-202301-0949, VAR-202012-1100, VAR-201006-0273, VAR-202301-0652, VAR-200803-0166, VAR-200408-0079, VAR-200412-0233, VAR-200509-0223, VAR-200509-0096, VAR-200905-0191, VAR-201411-0433, VAR-202305-2432, VAR-200905-0192, VAR-201910-1351, VAR-200212-0695, VAR-202012-1102, VAR-201810-1093, VAR-200610-0506, VAR-200203-0057, VAR-200703-0627, VAR-201409-0056, VAR-201409-0059, VAR-200707-0349, VAR-200211-0010, VAR-202010-0520, VAR-202002-0519, VAR-200312-0446, VAR-201207-0320, VAR-200906-0439, VAR-201111-0178, VAR-201006-0465, VAR-201906-0418, VAR-200905-0189, VAR-200612-0590, VAR-200812-0329, VAR-200803-0061, VAR-200509-0093, VAR-200601-0270, VAR-201409-0057, VAR-201907-1574, VAR-200803-0064, VAR-200212-0296, VAR-201810-1092, VAR-200909-0134, VAR-202208-1701, VAR-200412-0788, VAR-200803-0170, VAR-200505-0609, VAR-200412-0234, VAR-202002-0520, VAR-200812-0330, VAR-201111-0179, VAR-200905-0193, VAR-200208-0019, VAR-202012-1101, VAR-201911-1035, VAR-202002-0524, VAR-200604-0339, VAR-201809-0319, VAR-200603-0054, VAR-200212-0086, VAR-200704-0461, VAR-200809-0436, VAR-200603-0053, VAR-201712-0291, VAR-201409-0058, VAR-200805-0149, VAR-202001-1158, VAR-200803-0059, VAR-200512-0266, VAR-200905-0188, VAR-200810-0116, VAR-200902-0210, VAR-202002-0523, VAR-200211-0060, VAR-201411-0434, VAR-202102-1300, VAR-201906-0002, VAR-200905-0187, VAR-202002-0571, VAR-200108-0036, VAR-202002-0521, VAR-202305-2397, VAR-200703-0205, VAR-200803-0007, VAR-200212-0041, VAR-201906-0212, VAR-200911-0308, VAR-200611-0141, VAR-200809-0452, VAR-200509-0095, VAR-200509-0097

Trust: 6.25

Fetched: Jan. 14, 2024, 9:20 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: denial of service, directory traversal, os command injection...
Affected productsExternal IDs
vendor: broadcom model: adsl
vendor: broadcom model: bcmwl5.sys wireless device driver
vendor: broadcom model: linux
vendor: broadcom model: bcmwl5.sys
vendor: cisco model: wrt54g
vendor: cisco model: linksys e2000
vendor: cisco model: ip phone
vendor: cisco model: wag200g
vendor: cisco model: linksys wrt350n
vendor: cisco model: wrt300n
vendor: cisco model: linksys ea6500
vendor: cisco model: linksys e1200
vendor: cisco model: ea6200
vendor: cisco model: ea6400
vendor: cisco model: linksys
vendor: cisco model: ea4500
vendor: cisco model: spa-2102 phone adapter
vendor: cisco model: wag54gs
vendor: cisco model: cisco linksys playerpt activex control
vendor: cisco model: wrt54gl
vendor: cisco model: wrt54gc
vendor: cisco model: re6300
vendor: cisco model: e2500
vendor: cisco model: wvc54gca
vendor: cisco model: ea6900
vendor: cisco model: wvbr0
vendor: cisco model: wvc54gc
vendor: cisco model: ea6700
vendor: cisco model: router
vendor: cisco model: linksys wrt54g
vendor: cisco model: e4200v2
vendor: cisco model: linksys ea4500
vendor: cisco model: linksys wrt110
vendor: cisco model: routers
vendor: cisco model: ea2700
vendor: cisco model: linksys playerpt activex control
vendor: cisco model: wrt1900acs
vendor: cisco model: linksys wrt54gc
vendor: cisco model: spa941
vendor: cisco model: linksys e4200
vendor: cisco model: linksys routers
vendor: cisco model: e1200 firmware
vendor: cisco model: wag54g2
vendor: cisco model: re6400
vendor: cisco model: e2500 firmware
vendor: cisco model: wrt54gx
vendor: cisco model: wap54gv3
vendor: cisco model: access points
vendor: cisco model: wvc200 wireless-g ptz internet video camera
vendor: cisco model: wap4400n
vendor: cisco model: cisco wvc200 wireless-g ptz internet video camera
vendor: cisco model: wireless access point
vendor: cisco model: wvc200
vendor: cisco model: cisco linksys wrh54g
vendor: cisco model: linksys e2500
vendor: cisco model: linksys wrt54g router
vendor: cisco model: linksys wag200g
vendor: cisco model: ea6300
vendor: cisco model: velop
vendor: cisco model: linksys wrt54gc router
vendor: cisco model: wrt350n
vendor: cisco model: linksys wrt54g router firmware
vendor: cisco model: wip 330 wireless-g ip phone
vendor: cisco model: linksys wrh54g
vendor: cisco model: cisco linksys wrt350n
vendor: cisco model: ea3500
vendor: cisco model: cisco linksys wrt54gc
vendor: cisco model: linksys wrt54gx
vendor: cisco model: e1200
vendor: cisco model: linksys wrt160n
vendor: cisco model: ea6500 firmware
vendor: cisco model: wrt160n
vendor: cisco model: linksys wag54g2
vendor: cisco model: ea6500
vendor: cisco model: linksys wrt54gs
vendor: cisco model: wrt54gs
vendor: linksys model: wrt54g
vendor: linksys model: wag200g
vendor: linksys model: wrt300n
vendor: linksys model: befsru31
vendor: linksys model: ea6200
vendor: linksys model: ea6400
vendor: linksys model: ea4500
vendor: linksys model: spa-2102 phone adapter
vendor: linksys model: wag54gs
vendor: linksys model: wrt54gl
vendor: linksys model: wrt54gc
vendor: linksys model: re6300
vendor: linksys model: e2500
vendor: linksys model: befsr41
vendor: linksys model: wrt110
vendor: linksys model: wet11
vendor: linksys model: befsr11
vendor: linksys model: ea6900
vendor: linksys model: wvbr0
vendor: linksys model: wvc54gc
vendor: linksys model: ea6700
vendor: linksys model: e4200v2
vendor: linksys model: befsx41
vendor: linksys model: ea2700
vendor: linksys model: wrt1900acs
vendor: linksys model: spa941
vendor: linksys model: wag54g2
vendor: linksys model: re6400
vendor: linksys model: wrt54gx
vendor: linksys model: wap54gv3
vendor: linksys model: wap4400n
vendor: linksys model: rt31p2
vendor: linksys model: befw11s4
vendor: linksys model: ea6300
vendor: linksys model: velop
vendor: linksys model: wrt350n
vendor: linksys model: re6500
vendor: linksys model: befn2ps4
vendor: linksys model: wip 330 wireless-g ip phone
vendor: linksys model: befvp41
vendor: linksys model: befsr81
vendor: linksys model: wap55ag
vendor: linksys model: wpc300n wireless-n notebook adapter
vendor: linksys model: ea3500
vendor: linksys model: e1200
vendor: linksys model: wvc11b
vendor: linksys model: wrt160n
vendor: linksys model: rt31p2 voip router
vendor: linksys model: wap11
vendor: linksys model: spa941 voip phone
vendor: linksys model: ea6500
vendor: linksys model: wrt54gs
vendor: marvell model: semiconductor 88w8361p-bem1 chipset
vendor: alloy model: gl-2422ap-s
vendor: netgear model: me102
vendor: netgear model: router
vendor: wrt54g model: linksys
vendor: belkin model: linksys wrt1900acs
vendor: belkin model: linksys ea6500
vendor: belkin model: linksys e1200
vendor: belkin model: ea6400
vendor: belkin model: ea6900
vendor: belkin model: linksys velop
vendor: belkin model: router
vendor: belkin model: ea2700
vendor: belkin model: wrt1900acs
vendor: belkin model: linksys e4200
vendor: belkin model: linksys re6500
vendor: belkin model: linksys e2500
vendor: belkin model: ea6300
vendor: belkin model: linksys wrt160nl
vendor: belkin model: ea6500
vendor: belkin model: belkin linksys wrt160nl 1.0.04.002_us_20130619
vendor: d-link model: router
vendor: d-link model: di-804
vendor: d-link model: dl-704
vendor: marvell semiconductor model: semiconductor 88w8361p-bem1 chipset
vendor: wisecom model: gl2422ap-0t
vendor: apple model: safari
vendor: atmel model: 802.11b vnet-b access point
vendor: globalsuntech model: wisecom gl2422ap-0t
db: NVD ids: CVE-2004-0312, CVE-2008-1144, CVE-2008-1264, CVE-2008-1197, CVE-2007-6707, CVE-2020-35713, CVE-2022-24372, CVE-2017-10677, CVE-2006-2559, CVE-2022-35572, CVE-2005-2589, CVE-2022-38555, CVE-2013-2681, CVE-2007-6709, CVE-2011-0352, CVE-2008-0228, CVE-2008-2636, CVE-2005-1059, CVE-2013-2684, CVE-2008-4441, CVE-2007-5411, CVE-2018-3953, CVE-2005-2434, CVE-2010-2261, CVE-2009-1558, CVE-2013-3067, CVE-2001-0514, CVE-2022-43970, CVE-2022-43973, CVE-2020-35714, CVE-2010-1573, CVE-2022-43972, CVE-2008-1243, CVE-2004-0580, CVE-2004-2507, CVE-2005-2799, CVE-2005-2915, CVE-2009-1559, CVE-2014-8243, CVE-2023-31742, CVE-2009-1560, CVE-2013-4658, CVE-2002-2371, CVE-2020-35716, CVE-2018-3955, CVE-2006-5202, CVE-2002-0109, CVE-2007-1585, CVE-2013-3064, CVE-2013-3068, CVE-2007-3574, CVE-2002-1236, CVE-2023-31740, CVE-2020-26561, CVE-2013-2678, CVE-2003-1497, CVE-2012-0284, CVE-2009-2073, CVE-2011-4499, CVE-2010-2506, CVE-2019-7579, CVE-2009-1557, CVE-2006-6411, CVE-2008-4390, CVE-2008-1265, CVE-2005-2912, CVE-2006-0309, CVE-2013-3065, CVE-2019-11535, CVE-2022-38841, CVE-2008-1268, CVE-2002-1865, CVE-2018-3954, CVE-2009-3341, CVE-2022-38132, CVE-2004-2606, CVE-2009-5140, CVE-2008-1247, CVE-2005-0334, CVE-2004-2508, CVE-2013-2679, CVE-2008-4391, CVE-2011-4500, CVE-2009-1561, CVE-2002-0426, CVE-2020-35715, CVE-2019-16340, CVE-2013-2683, CVE-2006-1973, CVE-2018-17208, CVE-2006-1068, CVE-2002-2137, CVE-2007-2270, CVE-2008-4296, CVE-2006-1067, CVE-2017-17411, CVE-2022-43971, CVE-2013-3066, CVE-2008-2092, CVE-2013-5122, CVE-2008-1263, CVE-2005-4257, CVE-2009-1556, CVE-2008-4594, CVE-2008-6280, CVE-2013-2682, CVE-2002-1312, CVE-2014-8244, CVE-2021-25310, CVE-2009-5157, CVE-2009-1555, CVE-2013-3568, CVE-2001-1117, CVE-2013-2680, CVE-2023-31741, CVE-2006-7121, CVE-2007-6708, CVE-2002-2159, CVE-2019-7311, CVE-2007-5475, CVE-2006-5882, CVE-2007-5474, CVE-2005-2914, CVE-2005-2916

The first Windows security updates of 2024 are here - gHacks Tech News

Trust: 3.5

Fetched: Jan. 14, 2024, 9:18 a.m., Published: Jan. 9, 2024, 6:54 p.m.
 Vulnerabilities: feature bypass, security feature bypass, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-20700, CVE-2024-20674

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

Trust: 3.25

Fetched: Jan. 14, 2024, 9:18 a.m., Published: Jan. 11, 2024, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2023-29357

Cisco Identity Services Engine Stored Cross-Site Scripting V... - vulnerability database | Vulners.com

Trust: 5.0

Fetched: Jan. 12, 2024, 9:54 a.m., Published: Jan. 10, 2024, 4 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trust: 3.5

Fetched: Jan. 12, 2024, 9:52 a.m., Published: Jan. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: filezilla model: server
db: NVD ids: CVE-2023-36025

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trust: 3.5

Fetched: Jan. 12, 2024, 9:52 a.m., Published: Jan. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: filezilla model: server
db: NVD ids: CVE-2023-36025

CVE - CVE-2023-43115

Trust: 3.25

Fetched: Jan. 12, 2024, 9:51 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-43115

CVE-2024-20666 Vulnerability Creates Patch Failures for WinRE OS Update - NinjaOne

Trust: 3.25

Fetched: Jan. 12, 2024, 9:51 a.m., Published: Jan. 10, 2024, 5:21 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-20666

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trust: 3.5

Fetched: Jan. 12, 2024, 9:50 a.m., Published: Jan. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend model: antivirus
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: filezilla model: server
db: NVD ids: CVE-2023-36025

Kyocera Device Manager Vulnerability (CVE-2023-50916) and QNAP Systems Security Fixes - CyberSRC

Trust: 3.0

Fetched: Jan. 12, 2024, 9:49 a.m., Published: Jan. 10, 2024, 7:36 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability - Cisco

Trust: 5.0

Fetched: Jan. 12, 2024, 9:38 a.m., Published: Jan. 10, 2024, 10:05 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Security Vulnerability in KYOCERA Device Manager | KYOCERA Document Solutions

Trust: 3.25

Fetched: Jan. 12, 2024, 9:33 a.m., Published: Jan. 11, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

Trust: 5.75

Fetched: Jan. 12, 2024, 9:32 a.m., Published: Jan. 11, 2024, 4:55 a.m.
 Vulnerabilities: command injection, file upload bug, improper validation
Affected productsExternal IDs
vendor: cisco model: wap371
vendor: cisco model: cisco unity
vendor: cisco model: unity
vendor: cisco model: identity services engine
vendor: cisco model: cisco unity connection
vendor: cisco model: wireless access point
vendor: cisco model: telepresence
vendor: cisco model: telepresence management suite
vendor: cisco model: unity connection
db: NVD ids: CVE-2024-20287, CVE-2024-20272

Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887) - Help Net Security

Trust: 3.5

Fetched: Jan. 12, 2024, 9:32 a.m., Published: Jan. 11, 2024, 11:35 a.m.
 Vulnerabilities: command injection, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2023-46805

Security Vulnerability in KYOCERA Device Manager

Trust: 3.25

Fetched: Jan. 12, 2024, 9:27 a.m., Published: Jan. 24, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-50916

(Response) Splitting Up Reverse Proxies To Reach Internal Only Paths

Trust: 3.75

Fetched: Jan. 12, 2024, 9:26 a.m., Published: Jan. 24, 2024, midnight
 Vulnerabilities: response splitting vulnerability
Affected productsExternal IDs

.NET January 2024 Updates - .NET 8.0.1, 7.0.15, .NET 6.0.26 - .NET Blog

Trust: 5.0

Fetched: Jan. 12, 2024, 9:26 a.m., Published: Jan. 9, 2024, 6 p.m.
 Vulnerabilities: feature bypass, denial of service, security feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2024-0057, CVE-2024-21319, CVE-2024-0056

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

Trust: 5.0

Fetched: Jan. 12, 2024, 9:20 a.m., Published: Jan. 10, 2024, 3:55 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: cisco model: identity services engine
vendor: cisco model: cisco identity services engine

Cisco WAP371 Wireless Access Point Command Injection Vulnerability - Cisco

Trust: 5.0

Fetched: Jan. 12, 2024, 9:20 a.m., Published: Jan. 10, 2024, 10:05 a.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: wap371
vendor: cisco model: wireless access point

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks | Ars Technica

Trust: 5.75

Fetched: Jan. 12, 2024, 9:20 a.m., Published: Jan. 10, 2024, 10:18 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: pulse secure model: connect secure
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler application delivery controller
vendor: citrix model: application delivery controller
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-49103, CVE-2023-46805, CVE-2022-47966, CVE-2024-21887, CVE-2023-34362