Sign-up

VARIoT news about IoT security

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-200903-0335, VAR-201109-0130, VAR-201303-0226, VAR-200903-0332, VAR-201202-0054, VAR-201008-0131, VAR-200904-0328, VAR-201008-0028

Trust: 4.25

Fetched: Jan. 16, 2024, 9:35 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: access violation, information disclosure, double dereference...
Affected productsExternal IDs
vendor: squid model: squid
vendor: delegate model: delegate
vendor: moonlight model: moonlight
vendor: qbik model: wingate
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2009-0803, CVE-2017-0014, CVE-2016-3367, CVE-2009-0804, CVE-2015-6114, CVE-2015-6165, CVE-2011-3389, CVE-2017-0108, CVE-2015-2464, CVE-2009-2497, CVE-2013-3896, CVE-2015-1671, CVE-2013-3129, CVE-2013-0074, CVE-2012-0159, CVE-2015-2435, CVE-2011-1844, CVE-2018-15659, CVE-2009-0802, CVE-2017-0283, CVE-2015-2463, CVE-2009-0801, CVE-2013-3178, CVE-2015-2456, CVE-2012-0014, CVE-2015-6166, CVE-2010-1898, CVE-2009-1211, CVE-2015-2455, CVE-2016-3209, CVE-2014-4589, CVE-2010-0019, CVE-2011-1253, CVE-2016-0034, CVE-2013-3131, CVE-2011-1845, CVE-2015-6108, CVE-2011-2632, CVE-2011-0664, CVE-2010-4254, CVE-2015-1715, CVE-2014-0319, CVE-2012-2292, CVE-2012-0176, CVE-2020-11414, CVE-2017-8528

Over 178,000 SonicWall Firewalls Exposed to Potential Hacks Due to Unpatched Vulnerabilities - VULNERA

Trust: 4.75

Fetched: Jan. 16, 2024, 9:33 a.m., Published: Jan. 15, 2024, 9:33 p.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
vendor: sonicwall model: sonicos
db: NVD ids: CVE-2023-0656, CVE-2022-22274

CVE-2023-49107 - vulnerability database | Vulners.com

Trust: 4.0

Fetched: Jan. 16, 2024, 9:32 a.m., Published: Jan. 16, 2024, 1:15 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: hitachi model: device manager
vendor: hitachi model: hitachi device manager
db: NVD ids: CVE-2023-49107

50 Web Security Stats You Should Know In 2024 | Expert Insights

Trust: 3.75

Fetched: Jan. 16, 2024, 9:26 a.m., Published: Jan. 10, 2024, 4:56 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: home

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Trust: 3.0

Fetched: Jan. 16, 2024, 9:25 a.m., Published: Jan. 16, 2024, 6:20 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-49722

Google MultiLogin exploit enables persistent unauthorized access

Trust: 4.5

Fetched: Jan. 16, 2024, 9:23 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: barracuda model: barracuda
vendor: google model: chrome
db: NVD ids: CVE-2023-7101, CVE-2023-7102

Juniper Fixes Critical Vulnerability in Firewalls and Switches - Lansweeper

Trust: 3.0

Fetched: Jan. 16, 2024, 9:22 a.m., Published: Feb. 15, 2023, 7:39 a.m.
 Vulnerabilities: code execution, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2024-21591

Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks

Trust: 5.5

Fetched: Jan. 16, 2024, 9:21 a.m., Published: Jan. 5, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: exynos
vendor: samsung model: galaxy
vendor: samsung model: mobile devices
vendor: samsung model: notes
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2023-24033, CVE-2023-26496, CVE-2023-26497, CVE-2023-26498

Another home thermostat found vulnerable to attack

Trust: 3.5

Fetched: Jan. 16, 2024, 9:15 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trane model: thermostat
vendor: trane model: comfortlink ii
vendor: smarter model: coffee
vendor: rising model: antivirus
vendor: google model: wifi
vendor: google model: home

CVE - CVE-2011-0638

Trust: 3.25

Fetched: Jan. 14, 2024, 10:37 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2011-0638

Fixes issued for six Chrome vulnerabilities | SC Media

Trust: 3.25

Fetched: Jan. 14, 2024, 10:36 a.m., Published: Jan. 5, 2024, 10:45 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2023-29357

Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

Trust: 4.25

Fetched: Jan. 14, 2024, 10:33 a.m., Published: Jan. 12, 2024, 10:28 p.m.
 Vulnerabilities: authentication bypass, command injection, code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: pulsesecure model: policy secure
vendor: pulsesecure model: pulse connect secure
vendor: pulsesecure model: connect secure
vendor: trend model: security
db: NVD ids: CVE-2023-46805, CVE-2024-21887

Can Home Assistant Run on Raspberry Pi Zero 2 W? - ByRetreat

Trust: 3.5

Fetched: Jan. 14, 2024, 10:32 a.m., Published: Dec. 21, 2023, 8:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: home assistant model: home assistant

CVE - CVE-2021-1497

Trust: 3.25

Fetched: Jan. 14, 2024, 10:31 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-1497

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-201304-0252, VAR-201309-0003, VAR-201511-0294, VAR-202105-1451, VAR-202010-0467, VAR-202105-0904, VAR-201408-0279, VAR-201310-0032, VAR-200905-0261, VAR-201406-0102, VAR-200905-0262, VAR-201310-0031, VAR-201310-0030, VAR-201511-0101, VAR-202010-0453, VAR-201309-0002, VAR-201508-0166, VAR-201205-0297, VAR-201504-0451, VAR-200905-0265, VAR-200905-0263, VAR-201505-0417, VAR-201902-0242, VAR-201310-0029, VAR-201401-0139, VAR-201308-0129

Trust: 6.25

Fetched: Jan. 14, 2024, 10:28 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: kernel panic, code execution, improper validation...
Affected productsExternal IDs
vendor: cisco model: unity
vendor: cisco model: unified computing system
vendor: cisco model: cisco unified computing system
vendor: cisco model: cisco integrated management controller
vendor: cisco model: guard
vendor: cisco model: integrated management controller
vendor: parallels model: tools
vendor: emerson model: avocent mergepoint unity
vendor: emerson model: network power avocent mergepoint unity 2016
vendor: emerson network power model: avocent mergepoint unity
vendor: emerson network power model: network power avocent mergepoint unity 2016
vendor: canonical model: ubuntu
vendor: aten model: cn8000
vendor: aten model: kh1516i ip kvm switch
vendor: aten model: kn9116 ip kvm switch
db: NVD ids: CVE-2021-37576, CVE-2020-27777, CVE-2018-10853, CVE-2013-1943, CVE-2013-5634, CVE-2011-1773, CVE-2020-10756, CVE-2021-4095, CVE-2013-1186, CVE-2021-42073, CVE-2015-2877, CVE-2012-4073, CVE-2010-0297, CVE-2009-2287, CVE-2015-5307, CVE-2011-0011, CVE-2011-4127, CVE-2021-22543, CVE-2022-4636, CVE-2019-11135, CVE-2014-0142, CVE-2020-24628, CVE-2009-3290, CVE-2014-3645, CVE-2022-1158, CVE-2014-3601, CVE-2010-0430, CVE-2013-1798, CVE-2010-0309, CVE-2017-2584, CVE-2016-3713, CVE-2013-7130, CVE-2013-1935, CVE-2009-3722, CVE-2011-1750, CVE-2020-12768, CVE-2016-4440, CVE-2021-3501, CVE-2012-2137, CVE-2020-8834, CVE-2011-4622, CVE-2019-19332, CVE-2017-12188, CVE-2021-4032, CVE-2016-9777, CVE-2014-8480, CVE-2015-8345, CVE-2013-1766, CVE-2017-8106, CVE-2010-2784, CVE-2014-8369, CVE-2007-1320, CVE-2021-3653, CVE-2014-3080, CVE-2012-4117, CVE-2019-3016, CVE-2010-0306, CVE-2009-1242, CVE-2012-4461, CVE-2009-1472, CVE-2010-3881, CVE-2013-4129, CVE-2023-25530, CVE-2011-2212, CVE-2014-7842, CVE-2023-25527, CVE-2014-3611, CVE-2020-36313, CVE-2023-4155, CVE-2014-1997, CVE-2009-3616, CVE-2017-2596, CVE-2009-3640, CVE-2009-1473, CVE-2013-2007, CVE-2017-15306, CVE-2022-45869, CVE-2016-3044, CVE-2011-2512, CVE-2021-21731, CVE-2017-17741, CVE-2012-4116, CVE-2010-0741, CVE-2023-31029, CVE-2012-2652, CVE-2016-0749, CVE-2021-3656, CVE-2019-3887, CVE-2015-7513, CVE-2015-5156, CVE-2012-0045, CVE-2022-0171, CVE-2018-16882, CVE-2021-30178, CVE-2019-12491, CVE-2017-12168, CVE-2013-6368, CVE-2012-4115, CVE-2015-8104, CVE-2015-1950, CVE-2009-3638, CVE-2023-31024, CVE-2020-24627, CVE-2013-6376, CVE-2018-12904, CVE-2014-8481, CVE-2012-4072, CVE-2010-0435, CVE-2017-1000407, CVE-2015-3214, CVE-2016-8630, CVE-2020-2732, CVE-2010-5313, CVE-2019-7222, CVE-2019-14821, CVE-2022-2196, CVE-2017-7518, CVE-2013-4587, CVE-2020-36311, CVE-2021-29657, CVE-2014-8134, CVE-2010-0431, CVE-2022-1789, CVE-2017-2583, CVE-2015-3247, CVE-2014-0143, CVE-2010-3698, CVE-2010-0428, CVE-2022-3344, CVE-2010-0419, CVE-2021-42075, CVE-2020-36310, CVE-2013-6367, CVE-2014-0155, CVE-2012-1179, CVE-2020-36312, CVE-2021-4093, CVE-2017-12154, CVE-2012-2121, CVE-2023-1513, CVE-2021-43056, CVE-2015-3324, CVE-2008-2004, CVE-2008-4539, CVE-2023-30456, CVE-2018-19406, CVE-2012-2119, CVE-2015-0239, CVE-2022-2153, CVE-2022-1263, CVE-2021-42074, CVE-2021-44776, CVE-2010-0429, CVE-2016-9756, CVE-2021-42076, CVE-2014-0049, CVE-2013-0311, CVE-2015-3252, CVE-2014-3690, CVE-2011-2527, CVE-2004-2627, CVE-2009-1477, CVE-2010-4525, CVE-2016-9588, CVE-2010-2653, CVE-2012-0029, CVE-2012-1601, CVE-2015-4036, CVE-2013-1922, CVE-2021-42072, CVE-2008-2382, CVE-2013-1797, CVE-2023-5090, CVE-2009-4004, CVE-2016-10150, CVE-2015-4692, CVE-2023-25529, CVE-2022-39189, CVE-2023-2680, CVE-2011-1751, CVE-2022-1852, CVE-2014-8086, CVE-2019-7221, CVE-2015-5260, CVE-2021-38198, CVE-2009-1474, CVE-2014-3646, CVE-2023-31030, CVE-2022-0516, CVE-2010-0298, CVE-2009-4031, CVE-2014-3610, CVE-2021-20295, CVE-2015-3456, CVE-2021-3750, CVE-2018-12473, CVE-2019-6974, CVE-2017-1000252, CVE-2018-19407, CVE-2014-3615, CVE-2014-3647, CVE-2012-4114, CVE-2020-3993, CVE-2018-18021, CVE-2013-1796, CVE-2013-6030, CVE-2013-2069, CVE-2018-1087, CVE-2020-27152, CVE-2013-0526, CVE-2011-4347, CVE-2013-4592, CVE-2016-5412, CVE-2018-10901

CISA Issues ICS Advisories for Vulnerabilities Affecting Siemens, Schneider Electric, Rapid Software, Horner Automation

Related entries in the VARIoT vulnerabilities database: VAR-202402-0004, VAR-202401-0197, VAR-202401-0682, VAR-202402-0006, VAR-202401-0196

Trust: 4.5

Fetched: Jan. 14, 2024, 10:27 a.m., Published: Jan. 12, 2024, 1:19 p.m.
 Vulnerabilities: default credentials, code execution
Affected productsExternal IDs
vendor: horner automation model: cscape
vendor: horner automation model: automation cscape
vendor: schneider electric model: monitor
vendor: schneider model: monitor
vendor: siemens model: simatic
vendor: siemens model: simatic ipc847e
vendor: siemens model: simatic ipc647e
vendor: horner model: cscape
vendor: horner model: automation cscape
vendor: rapid model: scada
vendor: rapid model: rapid scada
vendor: rapid scada model: scada
vendor: rapid scada model: rapid scada
db: NVD ids: CVE-2024-21764, CVE-2023-49621, CVE-2023-7206, CVE-2023-51438, CVE-2023-7032, CVE-2024-21852, CVE-2023-49251

SSH shaken, not stirred by Terrapin downgrade vulnerability • The Register

Trust: 4.5

Fetched: Jan. 14, 2024, 10:21 a.m., Published: -
 Vulnerabilities: buffer overflow, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-46445, CVE-2023-48795, CVE-2023-46446

Two zero-days in Ivanti products actively exploited by threat actor | SC Media

Trust: 4.5

Fetched: Jan. 14, 2024, 10:12 a.m., Published: Jan. 4, 2024, 6 p.m.
 Vulnerabilities: authentication bypass, command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-46805, CVE-2024-21887

Private IP address disclosure

Trust: 4.0

Fetched: Jan. 14, 2024, 10:07 a.m., Published: Dec. 26, 2023, 3:17 p.m.
 Vulnerabilities: address disclosure
Affected productsExternal IDs

CVE - CVE-2022-45143

Trust: 3.25

Fetched: Jan. 14, 2024, 10:07 a.m., Published: Jan. 3, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-45143