Sign-up

VARIoT news about IoT security

CVE-2024-38543 - In the Linux kernel, the following vulnerability h

Trust: 4.25

Fetched: July 9, 2024, 9:54 a.m., Published: June 19, 2024, 2:15 p.m.
 Vulnerabilities: pointer dereference bug
Affected productsExternal IDs
db: NVD ids: CVE-2024-38543

Analysis of IoT Vulnerabilities and Proposed Solution Approach for Secure Real-Time IoT Communication | SpringerLink

Trust: 3.75

Fetched: July 9, 2024, 9:54 a.m., Published: July 9, 2024, midnight
 Vulnerabilities: denial of service

EOL GeoVision Devices Vulnerable to Command Injection Attacks (CVE-2024-6047) | SecurityVulnerability.io - SecuirtyVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202406-0975

Trust: 4.25

Fetched: July 9, 2024, 9:42 a.m., Published: July 9, 2024, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-6047

Android Security Bulletin-May 2024 | Android Open Source Project

Trust: 4.25

Fetched: July 9, 2024, 9:16 a.m., Published: May 9, 2024, midnight
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: android
vendor: motorola model: motorola
vendor: motorola model: android
vendor: huawei model: huawei
vendor: samsung model: notes
vendor: samsung model: mobile
db: NVD ids: CVE-2024-21480, CVE-2024-20057, CVE-2024-20056, CVE-2023-33119, CVE-2023-43529, CVE-2024-23706, CVE-2024-0043, CVE-2024-1395, CVE-2023-4622, CVE-2023-43531, CVE-2024-0024, CVE-2023-32873, CVE-2024-23709, CVE-2023-43530, CVE-2023-6363, CVE-2024-21477, CVE-2024-23707, CVE-2024-1067, CVE-2024-23705, CVE-2024-0025, CVE-2023-32871, CVE-2024-23708

Four Google Chrome zero day vulnerabilities are part of eight mobile vulns | Threat Intel

Trust: 3.75

Fetched: July 9, 2024, 9:15 a.m., Published: May 28, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2024-4761, CVE-4761-5160, CVE-2024-4671, CVE-2024-5160, CVE-2024-5274, CVE-2024-5158, CVE-2024-4947, CVE-2024-5157, CVE-2024-5159

Threat Actors Actively Exploiting CVE-2024-3273 : Underground Forums Share IP Addresses of Vulnerable D-Link NAS Devices - CYFIRMA

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070

Trust: 5.25

Fetched: July 9, 2024, 9:14 a.m., Published: May 29, 2024, 11:12 a.m.
 Vulnerabilities: denial of service, command injection
Affected productsExternal IDs
vendor: d-link model: dns-340l
vendor: d-link model: dns-327l
vendor: d-link model: dns-320l
vendor: d-link model: dns-325
db: NVD ids: CVE-2024-3273

ZeroLogon Vulnerability Identified Quickly by Darktrace | Darktrace Blog

Trust: 3.5

Fetched: July 9, 2024, 9:11 a.m., Published: Jan. 1, 2024, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: trend model: security
vendor: trendmicro model: security
vendor: trend micro model: security

Unrestricted file upload vulnerability in device image upload could lead to remote code execution · Advisory · traccar/traccar · GitHub

Trust: 3.5

Fetched: July 9, 2024, 9:10 a.m., Published: July 2, 2024, midnight
 Vulnerabilities: denial of service, path traversal, file upload vulnerability...
Affected productsExternal IDs

Cisco warns of appliances vulnerable to RegreSSHion vulnerability | SC Media

Trust: 4.25

Fetched: July 9, 2024, 9:10 a.m., Published: Feb. 13, 2024, 7 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: telepresence

How Can IoT Security Be Improved? Requirements and challenges

Trust: 3.25

Fetched: July 7, 2024, 10:12 a.m., Published: June 10, 2024, midnight
 Vulnerabilities: service disruption, default password, code execution...
Affected productsExternal IDs

Broadcom VMware Cloud Foundation Division response to CVE-2024-6387 - OpenSSH signal handler race condition vulnerability

Trust: 4.0

Fetched: July 7, 2024, 10:10 a.m., Published: Nov. 26, 2037, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: broadcom model: linux
db: NVD ids: CVE-2024-6387

CVE-2024-39479 drm/i915/hwmon: Get rid of devm - vulnerability database | Vulners.com

Trust: 3.0

Fetched: July 7, 2024, 10:10 a.m., Published: July 5, 2024, 6:55 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-39479

Cisco Nexus devices zero day raises alarms despite CVSS score | Cybersecurity Dive

Trust: 5.5

Fetched: July 7, 2024, 10:04 a.m., Published: July 2, 2024, midnight
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: cisco model: nx-os
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus
vendor: cisco model: nx-os software
vendor: cisco model: nexus devices
db: NVD ids: CVE-2024-20399

CVE-2024-39479 drm/i915/hwmon: Get rid of devm - vulnerability database | Vulners.com

Trust: 3.0

Fetched: July 7, 2024, 10:01 a.m., Published: July 5, 2024, 6:55 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-39479

New vulnerabilities detected on Microsoft Edge browser, update it now: CERT-In

Trust: 4.75

Fetched: July 7, 2024, 10 a.m., Published: June 25, 2024, 7:37 a.m.
 Vulnerabilities: denial of service, use after free
Affected productsExternal IDs
vendor: google model: pixel
vendor: google model: chrome

Hidden Vulnerabilities of Common IoT Devices - Spiceworks

Trust: 3.5

Fetched: July 7, 2024, 10 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home

What's new in Microsoft Defender for IoT - Microsoft Defender for IoT | Microsoft Learn

Trust: 4.5

Fetched: July 7, 2024, 9:56 a.m., Published: March 7, 2024, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: aruba model: clearpass
vendor: palo model: networks
vendor: palo model: firewall
vendor: schneider model: software update
vendor: schneider model: monitor

The Windows Security Updates of June 2024 are now available - gHacks Tech News

Trust: 3.75

Fetched: July 7, 2024, 9:55 a.m., Published: June 11, 2024, 5:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-30080

Update Canonical Canonical: USN-6864-1: Vulnerabilities in the Linux kernel

Trust: 5.0

Fetched: July 7, 2024, 9:55 a.m., Published: Jan. 7, 6864, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-21823, CVE-2024-26924

Newly Discovered Vulnerability Poses Risk to Millions of Online Stores - Hackerdose

Trust: 4.0

Fetched: July 7, 2024, 9:52 a.m., Published: June 23, 2024, 10:29 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-2961, CVE-2024-34102