Sign-up

VARIoT news about IoT security

CERT-In Warns of Multiple Vulnerabilities Affecting Millions of iOS and Android Devices | Technology News

Trust: 4.0

Fetched: May 14, 2025, 9:05 a.m., Published: May 14, 2025, 6:09 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel

FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device

Trust: 4.75

Fetched: May 14, 2025, 9:04 a.m., Published: May 13, 2025, 4:08 p.m.
 Vulnerabilities: service disruption, authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-22252

CVE-2025-0858: Path Traversal Vulnerability in HP Poly Edge E Devices

Trust: 3.75

Fetched: May 13, 2025, 9:27 a.m., Published: May 19, 2025, midnight
 Vulnerabilities: path traversal, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-0858

CISA Warns of Ongoing Exploitation of Vulnerability in SonicWall SMA Devices - cloudindustryreview.com

Related entries in the VARIoT vulnerabilities database: VAR-202112-0361

Trust: 4.5

Fetched: May 13, 2025, 9:26 a.m., Published: April 17, 2025, 6:02 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: remote access
vendor: trend model: security
db: NVD ids: CVE-2021-20038

CISA flags actively exploit vulnerabilities in SonicWall SMA devices - InsighthubNews

Related entries in the VARIoT vulnerabilities database: VAR-202109-0375

Trust: 5.75

Fetched: May 13, 2025, 9:25 a.m., Published: April 17, 2025, 8:51 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: secure mobile access
db: NVD ids: CVE-2021-20035

15 Open Source Vulnerability Scanners for 2025

Trust: 3.5

Fetched: May 13, 2025, 9:24 a.m., Published: Nov. 9, 2017, 9:27 a.m.
 Vulnerabilities: file inclusion, sql injection, cross-site scripting...
Affected productsExternal IDs
vendor: google model: chrome

Update Canonical Ubuntu Desktop: USN-7474-1: Docker vulnerabilities

Trust: 5.25

Fetched: May 13, 2025, 9:23 a.m., Published: Jan. 13, 7474, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2023-28842, CVE-2023-28840, CVE-2024-36621, CVE-2024-23651, CVE-2024-23652, CVE-2024-36623, CVE-2023-28841

Critical Android Security Alert: Multiple Vulnerabilities Expose Millions to Remote Code Execution - UNDERCODE NEWS

Trust: 5.5

Fetched: May 13, 2025, 9:20 a.m., Published: May 12, 2025, 1:41 a.m.
 Vulnerabilities: privilege escalation, information disclosure, code execution...
Affected productsExternal IDs
vendor: trend model: security
vendor: google model: android
db: NVD ids: CVE-2025-27363

組織向け Microsoft Defender for IoT の新機能のアーカイブ - Microsoft Defender for IoT | Microsoft Learn

Trust: 3.5

Fetched: May 13, 2025, 9:12 a.m., Published: April 6, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: aruba model: clearpass
vendor: schneider model: monitor

Update your iPhone: iOS 18.5 patches 30+ security vulnerabilities

Trust: 3.75

Fetched: May 13, 2025, 9:09 a.m., Published: May 12, 2025, 6:45 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: watch
vendor: apple model: mdnsresponder
vendor: apple model: software update
vendor: apple model: webkit
vendor: apple model: watchos
vendor: apple model: icloud
vendor: mdnsresponder model: mdnsresponder

Cisco IOS XE Software for WLC Wireless IPv6 Clients Denial of Service Vulnerability

Trust: 4.0

Fetched: May 13, 2025, 9:09 a.m., Published: May 7, 2025, 3:53 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software

Update Canonical Ubuntu Desktop: USN-7434-1: Perl vulnerability

Trust: 4.0

Fetched: May 13, 2025, 9:05 a.m., Published: Jan. 13, 7434, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Tenable Research in Verizon DBIR: Additional Research Analysis - CIO AXIS

Trust: 3.0

Fetched: May 13, 2025, 9:05 a.m., Published: April 24, 2025, 10:40 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: axis model: axis

Wormable Zero-Click RCE in Apple AirPlay Protocol Exposes Billions of Devices to Remote Attacks - Cyber Kendra

Trust: 5.5

Fetched: May 11, 2025, 9:16 a.m., Published: May 23, 2025, midnight
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2025-24271, CVE-2025-24137, CVE-2025-24132, CVE-2025-24252, CVE-2025-24206

Android's May 2025 Update Tackles CVE-2025-27363 & More - Langflow & MagicINFO Exploited, Kibana at Risk - SOCRadar® Cyber Intelligence Inc.

Related entries in the VARIoT vulnerabilities database: VAR-201805-0262

Trust: 5.25

Fetched: May 11, 2025, 9:15 a.m., Published: May 7, 2025, 12:54 p.m.
 Vulnerabilities: path traversal, code execution, command injection...
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: freetype model: freetype
vendor: google model: android
vendor: google model: wifi
db: NVD ids: CVE-2025-27363, CVE-2025-25014, CVE-2025-26426, CVE-2018-10561, CVE-2024-6047, CVE-2024-11120, CVE-2025-3248, CVE-2024-7399, CVE-2025-0087

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) - Help Net Security

Trust: 4.75

Fetched: May 11, 2025, 9:13 a.m., Published: May 7, 2025, 9:52 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: freetype model: freetype
vendor: google model: android
db: NVD ids: CVE-2025-27363

Update Canonical Ubuntu Desktop: USN-7504-1: LibreOffice vulnerability

Trust: 3.25

Fetched: May 11, 2025, 9:13 a.m., Published: Jan. 11, 7504, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

SonicWall customers confront resurgence of actively exploited vulnerabilities | CyberScoop

Related entries in the VARIoT vulnerabilities database: VAR-202109-0375, VAR-202505-1415, VAR-202505-1034, VAR-202505-1414, VAR-202312-2070

Trust: 5.5

Fetched: May 11, 2025, 9:12 a.m., Published: May 9, 2025, 9:33 p.m.
 Vulnerabilities: default administrator username, code execution, command injection
Affected productsExternal IDs
vendor: check point model: check point
vendor: citrix model: gateway
vendor: palo model: firewall
vendor: palo model: pan-os
vendor: palo model: networks
vendor: cisco model: router
vendor: cisco model: routers
vendor: cisco model: series
vendor: sonicwall model: sonicos
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: sma 100
vendor: sonicwall model: sma100
vendor: palo alto networks model: firewall
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: barracuda model: barracuda
vendor: check point software technologies model: check point
db: NVD ids: CVE-2021-20035, CVE-2025-32819, CVE-2024-21887, CVE-2024-53704, CVE-2025-32821, CVE-2024-3400, CVE-2023-46805, CVE-2025-32820, CVE-2023-44221, CVE-2025-23006

Critical PyTorch Vulnerability Let Attackers Execute Remote Code

Trust: 4.75

Fetched: May 11, 2025, 9:10 a.m., Published: April 21, 2025, 9:02 a.m.
 Vulnerabilities: code execution, command execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-32434

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) - Help Net Security

Related entries in the VARIoT vulnerabilities database: VAR-202505-1414, VAR-202505-1034, VAR-202505-1415

Trust: 5.75

Fetched: May 11, 2025, 9:10 a.m., Published: May 8, 2025, 12:27 p.m.
 Vulnerabilities: path traversal, code execution
Affected productsExternal IDs
vendor: sonicwall model: sma100
vendor: sonicwall model: web application firewall
vendor: sonicwall model: sma 100
vendor: sonicwall model: sma1000
db: NVD ids: CVE-2025-32820, CVE-2025-32821, CVE-2025-32819