Sign-up

VARIoT news about IoT security

Vulnerability Charts

Trust: 3.0

Fetched: Aug. 16, 2024, 10:44 a.m., Published: Aug. 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-3823, CVE-2024-4577, CVE-2023-3824, CVE-2024-2757

TVT DVR Sensitive Device - Information Disclosure (CVE-2024-7339) - Vulnerability & Exploit Database

Trust: 5.0

Fetched: Aug. 16, 2024, 10:38 a.m., Published: Aug. 5, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-7339

Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users

Trust: 5.5

Fetched: Aug. 16, 2024, 10:37 a.m., Published: Aug. 9, 2024, 1:18 p.m.
 Vulnerabilities: memory corruption, code execution, privilege escalation
Affected productsExternal IDs
vendor: sonos model: sonos
db: NVD ids: CVE-2023-50810, CVE-2024-20018, CVE-2023-50809

About the security content of iOS 17.5 and iPadOS 17.5 - Apple Support

Trust: 5.25

Fetched: Aug. 16, 2024, 10:34 a.m., Published: Aug. 17, 2024, midnight
 Vulnerabilities: bounds access issue, authentication issue, code execution...
Affected productsExternal IDs
vendor: trend model: security
vendor: apple model: ipad air
vendor: apple model: iphone
vendor: apple model: ipad
vendor: trend micro model: security
db: NVD ids: CVE-2024-27815, CVE-2024-27818, CVE-2024-27834, CVE-2024-27830, CVE-2024-27800, CVE-2024-27826, CVE-2024-27832, CVE-2024-27833, CVE-2024-27796, CVE-2024-27811, CVE-2024-27804, CVE-2024-27823, CVE-2024-27847, CVE-2024-27839, CVE-2024-27819, CVE-2024-27841, CVE-2024-23251, CVE-2024-27806, CVE-2024-27816, CVE-2024-27807, CVE-2024-27805, CVE-2024-27850, CVE-2024-27838, CVE-2024-27831, CVE-2024-27821, CVE-2024-27852, CVE-2024-27835, CVE-2024-27851, CVE-2024-27884, CVE-2024-27801, CVE-2024-27845, CVE-2024-27857, CVE-2024-27810, CVE-2024-27836, CVE-2024-27803, CVE-2024-27808, CVE-2024-27802, CVE-2024-27840, CVE-2024-27820, CVE-2024-23282, CVE-2024-27855, CVE-2024-27828, CVE-2023-42893, CVE-2024-27817, CVE-2024-27848

​Zigbee explained: Hubs, the best Zigbee devices and everything you need to know - The Ambient

Trust: 3.25

Fetched: Aug. 16, 2024, 10:32 a.m., Published: Jan. 24, 2018, 5:42 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh
vendor: samsung model: samsung
vendor: samsung smartthings model: samsung
vendor: comcast model: xfinity
vendor: comcast model: comcast xfinity
vendor: amazon model: echo show
vendor: google model: google home
vendor: google model: home

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

Trust: 4.75

Fetched: Aug. 16, 2024, 10:26 a.m., Published: Aug. 13, 2024, 2:02 p.m.
 Vulnerabilities: improper validation, code execution, privilege escalation
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-31315

CVE-2024-41976 - Siemens SCALANCE and RUGGEDCOM Routing Devices Remote Code Execution Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-0003

Trust: 4.75

Fetched: Aug. 16, 2024, 10:26 a.m., Published: Aug. 13, 2024, 8:15 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: siemens model: ruggedcom
vendor: siemens model: scalance s615
vendor: siemens model: ruggedcom rm1224
vendor: siemens model: scalance
db: NVD ids: CVE-2024-41976

IBM QRadar Vulnerabilities Lets Attackers Trigger Arbitrary Code Remotely

Trust: 5.75

Fetched: Aug. 16, 2024, 10:21 a.m., Published: Aug. 15, 2024, 3:42 a.m.
 Vulnerabilities: cross-site scripting, code execution, denial of service...
Affected productsExternal IDs
vendor: node.js model: node.js
db: NVD ids: CVE-2024-29415, CVE-2024-30261, CVE-2024-25024, CVE-2024-28799, CVE-2024-3651, CVE-2024-39008, CVE-2024-28176, CVE-2024-37168, CVE-2024-34064, CVE-2024-30260

Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs - Blog | Tenable®

Trust: 3.5

Fetched: Aug. 16, 2024, 10:20 a.m., Published: Aug. 13, 2024, 7:05 p.m.
 Vulnerabilities: code execution, memory corruption, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2024-38107, CVE-2024-38141, CVE-2024-38199, CVE-2024-38193, CVE-2024-38200, CVE-2024-38189, CVE-2024-38106, CVE-2024-38202, CVE-2024-21302, CVE-2024-38142, CVE-2024-38063, CVE-2024-38213, CVE-2024-38109, CVE-2024-38133, CVE-2024-38153, CVE-2024-38206, CVE-2024-38178, CVE-2024-38163

Critical 0-Click RCE in Windows TCP/IP Stack Impacts All Systems

Trust: 4.25

Fetched: Aug. 16, 2024, 10:19 a.m., Published: Aug. 14, 2024, 3:47 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38063

CVE-2024-7357 - D-Link DIR-600 Remote SOAPCGI os Command Injection Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-0139

Trust: 5.5

Fetched: Aug. 16, 2024, 10:19 a.m., Published: Aug. 1, 2024, 1:15 p.m.
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
vendor: dlink model: dir-600
vendor: d-link model: dir-600
db: NVD ids: CVE-2024-7357

CVE-2024-41978 - Siemens RUGGEDCOM and SCALANCE Device 2FA Token Forgery Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202408-0002

Trust: 3.5

Fetched: Aug. 16, 2024, 10:18 a.m., Published: Aug. 13, 2024, 8:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: ruggedcom
vendor: siemens model: scalance s615
vendor: siemens model: ruggedcom rm1224
vendor: siemens model: scalance
db: NVD ids: CVE-2024-41978

Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks

Trust: 5.0

Fetched: Aug. 16, 2024, 10:18 a.m., Published: Aug. 9, 2024, 1:33 p.m.
 Vulnerabilities: code execution, default credentials
Affected productsExternal IDs
vendor: pfsense model: pfsense
db: NVD ids: CVE-2022-31814

CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets

Trust: 4.75

Fetched: Aug. 16, 2024, 10:17 a.m., Published: Aug. 14, 2024, 4 p.m.
 Vulnerabilities: information exposure
Affected productsExternal IDs
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-5916

Threat Advisory: CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerability

Trust: 4.0

Fetched: Aug. 16, 2024, 10:16 a.m., Published: Aug. 16, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-38063

CVE-2024-3913 - D-Link Embedded Device File Write Vulnerability

Trust: 3.0

Fetched: Aug. 16, 2024, 10:14 a.m., Published: Aug. 13, 2024, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3913

CVE-2024-3913 - D-Link Embedded Device File Write Vulnerability

Trust: 3.0

Fetched: Aug. 16, 2024, 10:14 a.m., Published: Aug. 13, 2024, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-3913

Android vulnerability discovered affecting millions of Pixel devices worldwide - GIGAZINE

Trust: 4.5

Fetched: Aug. 16, 2024, 10:11 a.m., Published: Aug. 16, 2024, 11:23 a.m.
 Vulnerabilities: code injection, code execution
Affected productsExternal IDs
vendor: essential model: phone
vendor: google model: pixel
vendor: google model: android

Report: Google Pixel phones sold with hidden surveillance software - The Verge

Trust: 3.75

Fetched: Aug. 16, 2024, 10:10 a.m., Published: Aug. 15, 2024, 5:12 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android

Your Pixel Has a Dangerous Security Vulnerability Baked Into Its Firmware

Trust: 3.5

Fetched: Aug. 16, 2024, 10:09 a.m., Published: Aug. 15, 2024, 10:01 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: software update
vendor: apple model: iphone
vendor: google model: pixel
vendor: google model: android