Sign-up

VARIoT news about IoT security

Xiaomi Phones Affected By 20+ Security Vulnerabilities

Trust: 3.75

Fetched: May 17, 2024, 9:30 a.m., Published: May 6, 2024, 5:08 p.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: xiaomi model: miui
vendor: google model: android

Cisco AppDynamics Network Visibility Service Denial of Service Vulnerability

Trust: 3.25

Fetched: May 17, 2024, 9:29 a.m., Published: May 15, 2024, 3:50 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day

Trust: 3.5

Fetched: May 17, 2024, 9:29 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: command execution, authentication bypass, command injection
Affected productsExternal IDs
vendor: d-link model: router

Android smartphones at risk of ‘Dirty Stream’ attack via Google Play Store apps- Report | Tech News

Trust: 3.5

Fetched: May 17, 2024, 9:27 a.m., Published: May 6, 2024, 4:15 a.m.
 Vulnerabilities: code execution, path traversal
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: google model: android

New Android security flaw lets hackers seize control of apps - how to stay safe | Tom's Guide

Trust: 3.75

Fetched: May 17, 2024, 9:27 a.m., Published: May 5, 2024, 3:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Top IoT platform vulnerabilities put 100+ million devices at risk - security cameras and baby monitors under threat | TechRadar

Trust: 5.0

Fetched: May 17, 2024, 9:27 a.m., Published: May 15, 2024, 1 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6322, CVE-2023-6324, CVE-2023-6323, CVE-2023-6321

iOS 17.5 Kernel Vulnerability For Jailbreak Released - iDevice Central

Trust: 3.5

Fetched: May 17, 2024, 9:26 a.m., Published: May 14, 2024, 9:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: safari
vendor: apple model: webkit
db: NVD ids: CVE-2024-27804, CVE-2024-27818

Android Security Bulletin-December 2021 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202112-0911, VAR-202112-0901, VAR-202112-0909, VAR-202112-0916, VAR-202112-0910, VAR-202112-1035, VAR-202112-0908, VAR-202112-0900, VAR-202112-0906

Trust: 5.25

Fetched: May 17, 2024, 9:25 a.m., Published: Dec. 17, 2021, midnight
 Vulnerabilities: information disclosure, memory corruption, code execution...
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: samsung model: notes
vendor: samsung model: mobile
vendor: motorola model: android
vendor: motorola model: motorola
vendor: huawei model: huawei
db: NVD ids: CVE-2021-0956, CVE-2020-11263, CVE-2021-30273, CVE-2021-0953, CVE-2021-0958, CVE-2021-0963, CVE-2021-30275, CVE-2021-0967, CVE-2021-0952, CVE-2021-30283, CVE-2021-30351, CVE-2021-30279, CVE-2021-30271, CVE-2021-0955, CVE-2021-1918, CVE-2021-0675, CVE-2021-0968, CVE-2021-1894, CVE-2021-0965, CVE-2021-30274, CVE-2021-0970, CVE-2021-30303, CVE-2021-30272, CVE-2021-0704, CVE-2021-30289, CVE-2021-30282, CVE-2021-30269, CVE-2021-30270, CVE-2021-0966, CVE-2021-0969, CVE-2021-0964, CVE-2021-30276, CVE-2021-30336, CVE-2021-0954, CVE-2021-30267, CVE-2021-30293, CVE-2021-0971, CVE-2021-30268, CVE-2021-30278, CVE-2021-0904

Top 8 Mobile Code Vulnerabilities and How to Avoid them

Trust: 3.5

Fetched: May 17, 2024, 9:23 a.m., Published: March 23, 2022, midnight
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: delegate model: delegate

10 Effective Ways to Protect Your Devices from Wi-Fi Vulnerability

Trust: 4.5

Fetched: May 17, 2024, 9:16 a.m., Published: June 22, 2023, 5:54 p.m.
 Vulnerabilities: default administrator password
Affected productsExternal IDs
vendor: essential model: phone

Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds

Trust: 3.75

Fetched: May 17, 2024, 9:15 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home
vendor: google model: google home

Remote Code Execution (RCE) | Types, Examples & Mitigation | Imperva

Related entries in the VARIoT vulnerabilities database: VAR-202104-0752, VAR-202112-1782, VAR-202112-0562, VAR-202112-0566

Trust: 5.25

Fetched: May 17, 2024, 9:15 a.m., Published: Dec. 20, 2023, 3:52 p.m.
 Vulnerabilities: privilege escalation, injection attack, service disruption...
Affected productsExternal IDs
vendor: imperva model: web application firewall
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2021-1844, CVE-2019-8942, CVE-2021-45105, CVE-2020-17051, CVE-2021-45046, CVE-2021-44228

OWASP Internet of Things | OWASP Foundation

Trust: 3.75

Fetched: May 17, 2024, 9:14 a.m., Published: May 10, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

What is CVE? Common Vulnerabilities & Exposures - CrowdStrike

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: May 17, 2024, 9:13 a.m., Published: March 19, 2024, 5:29 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-34523, CVE-2021-34473, CVE-2021-44228, CVE-2021-31207

The Top 10 IoT Security Tools | Expert Insights

Trust: 3.25

Fetched: May 15, 2024, 9:08 a.m., Published: Aug. 14, 2023, 9:33 a.m.
 Vulnerabilities: -
Affected productsExternal IDs

Is Smart Home Security Easily Hacked? Here's Everything You Should Know - CNET

Trust: 3.25

Fetched: May 12, 2024, 9:27 a.m., Published: May 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dahua model: camera
vendor: huawei model: huawei

Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion | Ars Technica

Trust: 3.75

Fetched: May 12, 2024, 9:08 a.m., Published: May 8, 2024, 9:35 p.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-26026, CVE-2024-21793

CyberPower PowerPanel Enterprise Power Device Network Utility Multiple Vulnerabilities | allinfosecnews.com

Trust: 3.0

Fetched: May 10, 2024, 9:47 a.m., Published: May 9, 2024, 2:39 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-32735

Top 100 web vulnerabilities. Injection Vulnerabilities: 1. SQL… | by Cysigma | Apr, 2024 | Medium

Trust: 3.0

Fetched: May 10, 2024, 9:45 a.m., Published: -
 Vulnerabilities: code execution, file inclusion, cross-site scripting...
Affected productsExternal IDs

Identification of Big-IP icontrol Rest Vulnerability CVE-2022-1388 by Moon Treader - Vehere

Related entries in the VARIoT vulnerabilities database: VAR-202205-0394

Trust: 5.0

Fetched: May 10, 2024, 9:44 a.m., Published: May 9, 2024, 8:50 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-1388