Sign-up

VARIoT news about IoT security

Zyxel security advisory for buffer overflow vulnerabilities in some 5G NR/4G LTE CPE, ... - Zyxel Community

Trust: 4.5

Fetched: May 22, 2024, 11:37 a.m., Published: May 21, 2024, midnight
 Vulnerabilities: denial of service, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-0816, CVE-2023-37929

Google Android July 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices | Qualys Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202107-0545, VAR-202107-0541, VAR-202107-0543, VAR-202107-0544, VAR-202107-0026

Trust: 4.25

Fetched: May 22, 2024, 11:36 a.m., Published: July 13, 2021, 9:04 p.m.
 Vulnerabilities: information disclosure, buffer overflow, code execution
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: mobile
vendor: huawei model: huawei
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2021-0587, CVE-2021-1888, CVE-2021-1886, CVE-2021-1890, CVE-2021-0592, CVE-2021-1889, CVE-2020-11307, CVE-2021-1965

CWE - Vulnerability Type Distributions in CVE

Trust: 3.25

Fetched: May 22, 2024, 11:27 a.m., Published: May 25, 2024, midnight
 Vulnerabilities: request forgery, remote file inclusion, format string vulnerability...
Affected productsExternal IDs
vendor: mandriva model: linux
vendor: trend model: security
vendor: netbsd model: netbsd
vendor: netbsd model: beta
vendor: netbsd model: current

OWASP Mobile Top 10 Vulnerabilities and How to Prevent Them

Trust: 3.5

Fetched: May 22, 2024, 11:26 a.m., Published: July 6, 2022, 10:28 a.m.
 Vulnerabilities: default credentials, buffer overflow, code execution
Affected productsExternal IDs

Electronics | Free Full-Text | Cybersecurity Threats, Countermeasures and Mitigation Techniques on the IoT: Future Research Directions

Trust: 3.5

Fetched: May 22, 2024, 11:24 a.m., Published: Jan. 22, 2022, midnight
 Vulnerabilities: code injection
Affected productsExternal IDs

Managing Device Loss: Safeguarding Data and Security | 2023

Trust: 3.5

Fetched: May 22, 2024, 11:24 a.m., Published: Nov. 1, 2023, 4 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: mobile

Smart Yet Flawed: IoT Device Vulnerabilities Explained - Security News - Trend Micro SG

Related entries in the VARIoT vulnerabilities database: VAR-202003-1707

Trust: 4.25

Fetched: May 22, 2024, 11:23 a.m., Published: -
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs
vendor: sonos model: sonos
vendor: trend micro model: internet security
vendor: trend micro model: security
vendor: trend micro model: home network security
vendor: trend model: internet security
vendor: trend model: security
vendor: trend model: home network security
db: NVD ids: CVE-2020-9054

Vulnerability Summary for the Week of March 22, 2021 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202103-0538, VAR-202103-0912, VAR-202103-1332, VAR-202103-1321, VAR-202103-0234, VAR-202103-0550, VAR-202103-0468, VAR-202103-0536, VAR-202103-0542, VAR-202103-0777, VAR-202103-0773, VAR-202103-0916, VAR-202103-0766, VAR-202103-0764, VAR-202103-0774, VAR-202103-0548, VAR-202103-0543, VAR-202103-0539, VAR-202103-0915, VAR-202103-0433, VAR-202103-0531, VAR-202103-0775, VAR-202103-0545, VAR-202103-0765, VAR-202103-1327, VAR-202103-0549, VAR-202103-0534, VAR-202103-0767, VAR-202103-0914, VAR-202103-0470, VAR-202103-0769, VAR-202103-0772, VAR-202103-0547, VAR-202103-0383, VAR-202103-0650, VAR-202103-0532, VAR-202103-0763, VAR-202103-0776, VAR-202103-0529, VAR-202103-1464, VAR-202103-0541, VAR-202103-1463, VAR-202103-0544, VAR-202103-0778, VAR-202103-0913, VAR-202103-0465, VAR-202103-0779, VAR-202103-0768, VAR-202103-0287, VAR-202103-0540, VAR-202103-0457, VAR-202103-0911, VAR-202103-0530, VAR-202103-0546, VAR-202103-0467, VAR-202103-0535, VAR-202103-0537, VAR-202103-0533, VAR-202103-0479

Trust: 6.25

Fetched: May 22, 2024, 11:20 a.m., Published: March 22, 2021, midnight
 Vulnerabilities: application crash, kernel panic, request forgery...
Affected productsExternal IDs
vendor: tibco software model: enterprise message service
vendor: tibco software model: tibco enterprise message service
vendor: tibco software model: tibco rendezvous
vendor: tibco software model: rendezvous
vendor: tibco model: enterprise message service
vendor: tibco model: tibco enterprise message service
vendor: tibco model: tibco rendezvous
vendor: tibco model: rendezvous
vendor: cisco model: iox application framework
vendor: cisco model: cisco iox
vendor: cisco model: aironet series access points
vendor: cisco model: ios xe
vendor: cisco model: ios xe sd-wan software
vendor: cisco model: cisco ios xe
vendor: cisco model: series
vendor: cisco model: 1100
vendor: cisco model: ios software
vendor: cisco model: industrial integrated services routers
vendor: cisco model: industrial isrs
vendor: cisco model: router
vendor: cisco model: network convergence system
vendor: cisco model: cisco ic3000 industrial compute gateway
vendor: cisco model: cisco aironet series access points
vendor: cisco model: cisco iox application
vendor: cisco model: catalyst 4500
vendor: cisco model: series switches
vendor: cisco model: sd-wan
vendor: cisco model: integrated services routers
vendor: cisco model: aironet access points
vendor: cisco model: cgr 1000
vendor: cisco model: catalyst
vendor: cisco model: aironet_access_points
vendor: cisco model: aironet
vendor: cisco model: cisco catalyst 4500 series
vendor: cisco model: cisco ios
vendor: cisco model: access points
vendor: cisco model: wireless controller
vendor: cisco model: ic3000
vendor: cisco model: ios xe software
vendor: cisco model: routers
vendor: cisco model: jabber
vendor: cisco model: iox application
vendor: cisco model: cisco jabber
vendor: cisco model: series routers
vendor: cisco model: aironet series
vendor: cisco model: catalyst 4500 series
vendor: cisco model: 809 industrial integrated services routers
vendor: cisco model: ic3000 industrial compute gateway
vendor: mulesoft model: mule runtime
vendor: google model: wifi
vendor: google model: android
vendor: tp-link model: gateway
vendor: tp-link model: routers
vendor: tableau model: tableau server
vendor: tableau model: server
vendor: ansible model: ansible
vendor: samsung model: notes
vendor: samsung model: note
vendor: samsung model: printers
vendor: samsung model: mobile
vendor: samsung model: samsung notes
vendor: samsung model: galaxy
vendor: rpath model: linux
vendor: rockwell model: micrologix
vendor: rockwell model: automation micrologix
vendor: rockwell model: micrologix 1400
vendor: nokia model: series
vendor: nokia model: impact
vendor: rockwell automation model: micrologix
vendor: rockwell automation model: automation micrologix
vendor: rockwell automation model: micrologix 1400
vendor: askey model: fiber router rtf3505vw-n1
vendor: askey model: askey fiber router rtf3505vw-n1
vendor: rockwell_automation model: micrologix
vendor: rockwell_automation model: automation micrologix
vendor: rockwell_automation model: micrologix 1400
db: NVD ids: CVE-2021-1394, CVE-2020-7467, CVE-2021-1452, CVE-2021-27440, CVE-2021-29266, CVE-2021-25372, CVE-2021-21373, CVE-2021-25354, CVE-2020-25581, CVE-2021-25355, CVE-2021-25371, CVE-2021-28250, CVE-2021-20284, CVE-2020-28695, CVE-2021-1391, CVE-2019-19350, CVE-2021-22506, CVE-2020-7464, CVE-2021-1626, CVE-2021-1281, CVE-2021-21389, CVE-2021-1417, CVE-2021-28823, CVE-2021-29093, CVE-2021-1627, CVE-2021-21385, CVE-2021-1382, CVE-2021-1441, CVE-2019-19354, CVE-2021-1435, CVE-2021-22886, CVE-2021-20289, CVE-2021-27454, CVE-2021-29255, CVE-2021-23890, CVE-2021-27194, CVE-2021-1469, CVE-2021-1454, CVE-2021-20677, CVE-2021-1436, CVE-2021-20683, CVE-2021-28247, CVE-2021-1375, CVE-2021-1383, CVE-2021-28117, CVE-2021-28249, CVE-2021-29094, CVE-2021-21374, CVE-2021-28820, CVE-2021-1398, CVE-2021-28248, CVE-2021-27452, CVE-2021-21411, CVE-2021-22194, CVE-2021-25352, CVE-2021-22659, CVE-2021-3027, CVE-2021-28821, CVE-2021-3392, CVE-2020-25580, CVE-2021-22184, CVE-2021-1431, CVE-2021-3409, CVE-2020-35518, CVE-2021-29265, CVE-2021-25351, CVE-2021-20193, CVE-2021-1629, CVE-2021-21401, CVE-2021-1437, CVE-2021-1385, CVE-2021-1460, CVE-2021-25367, CVE-2021-21403, CVE-2021-20285, CVE-2021-29156, CVE-2021-1376, CVE-2021-1403, CVE-2021-20271, CVE-2021-1471, CVE-2020-7461, CVE-2021-27962, CVE-2021-21332, CVE-2021-20681, CVE-2021-26715, CVE-2021-27450, CVE-2021-1352, CVE-2021-3109, CVE-2021-28824, CVE-2021-1449, CVE-2021-1434, CVE-2021-29249, CVE-2021-1374, CVE-2021-27193, CVE-2021-1220, CVE-2020-19625, CVE-2021-21396, CVE-2021-26596, CVE-2021-21333, CVE-2021-1432, CVE-2020-25578, CVE-2021-28818, CVE-2021-1453, CVE-2021-1439, CVE-2021-1418, CVE-2021-23888, CVE-2021-20213, CVE-2021-3449, CVE-2020-7468, CVE-2020-17380, CVE-2021-25366, CVE-2021-1381, CVE-2021-29271, CVE-2021-3450, CVE-2021-1384, CVE-2021-22172, CVE-2021-29096, CVE-2021-25350, CVE-2021-1442, CVE-2021-27448, CVE-2021-28246, CVE-2021-1356, CVE-2020-25582, CVE-2021-1628, CVE-2021-20679, CVE-2021-23889, CVE-2021-25349, CVE-2021-1451, CVE-2021-25353, CVE-2021-1371, CVE-2021-27192, CVE-2021-25368, CVE-2021-1443, CVE-2021-21372, CVE-2021-20682, CVE-2021-1446, CVE-2021-27195, CVE-2021-28822, CVE-2021-22180, CVE-2020-25579, CVE-2021-27372, CVE-2020-35508, CVE-2021-29272, CVE-2021-1377, CVE-2020-35856, CVE-2020-7463, CVE-2021-28956, CVE-2021-3275, CVE-2021-27438, CVE-2021-1423, CVE-2021-26597, CVE-2021-1390, CVE-2019-19349, CVE-2021-1373, CVE-2021-1411, CVE-2021-1392, CVE-2021-3443, CVE-2020-25840, CVE-2020-7462, CVE-2021-3467, CVE-2021-25369, CVE-2021-29264, CVE-2020-27829, CVE-2021-1433, CVE-2020-25085, CVE-2021-25370, CVE-2021-20206, CVE-2021-20197

IoT Security Vulnerabilities and Defensive Measures in Industry 4.0 | SpringerLink

Trust: 4.0

Fetched: May 22, 2024, 11:16 a.m., Published: May 22, 2023, midnight
 Vulnerabilities: denial of service, sql injection, injection attack...

Common Wireless Network Security Threats | Pluralsight

Trust: 4.75

Fetched: May 22, 2024, 11:15 a.m., Published: Nov. 2, 2011, 10:36 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

IoT device vulnerabilities are on the rise - EDN

Trust: 3.75

Fetched: May 22, 2024, 11:12 a.m., Published: Jan. 27, 2020, 11:49 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: home
vendor: google model: nexus
vendor: google model: wifi
vendor: google model: google home
vendor: trend model: security

Vulnerability in Web Services on Devices (WSD) API | MSRC Blog | Microsoft Security Response Center

Trust: 3.75

Fetched: May 22, 2024, 11:11 a.m., Published: -
 Vulnerabilities: application crash, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2009-2512

Applied Sciences | Free Full-Text | Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices

Trust: 4.75

Fetched: May 22, 2024, 11:10 a.m., Published: Jan. 22, 2019, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: raspberry pi model: 3

CVE-2018-13379, CVE-2019-5591, CVE-2020-12812: Fortinet Vulnerabilities Targeted by APT Actors - Blog | Tenable®

Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202007-0079, VAR-202008-0193

Trust: 5.5

Fetched: May 22, 2024, 11:09 a.m., Published: April 8, 2021, 10:13 p.m.
 Vulnerabilities: path traversal, default configuration vulnerability, authentication vulnerability...
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2018-13379, CVE-2020-12812, CVE-2019-5591

Fortinet says hackers exploited critical vulnerability to infect VPN customers | Ars Technica

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.75

Fetched: May 22, 2024, 11:08 a.m., Published: Jan. 12, 2023, 7:20 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

Rocky Linux 9 : keylime (RLSA-2024:1139) - vulnerability database | Vulners.com

Trust: 3.0

Fetched: May 22, 2024, 11:01 a.m., Published: May 14, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-3674

Notes on ThroughTek Kalay Vulnerabilities and Their Impact on the IoT Ecosystem

Trust: 4.5

Fetched: May 22, 2024, 10:59 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: buffer overflow, command execution, code execution
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6324, CVE-2023-6322, CVE-2023-6323, CVE-2023-6321

About the security content of iOS 17.0.1 and iPadOS 17.0.1 - Apple Support

Trust: 4.25

Fetched: May 22, 2024, 10:57 a.m., Published: Sept. 21, 2023, midnight
 Vulnerabilities: certificate validation issue, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad
db: NVD ids: CVE-2023-41993, CVE-2023-41992, CVE-2023-41991

VMware Workstation 17.0.x < 17.5.2 Multiple Vulnerabiliti... - vulnerability database | Vulners.com

Trust: 5.25

Fetched: May 22, 2024, 10:49 a.m., Published: May 16, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-22270, CVE-2024-22269, CVE-2024-22268, CVE-2024-22267

Vulnerability Summary for the Week of November 14, 2022 | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202211-0836, VAR-202211-1257, VAR-202211-0835, VAR-202211-0796, VAR-202211-0552, VAR-202211-1267, VAR-202211-0831, VAR-202211-0550, VAR-202211-0551, VAR-202211-0610, VAR-202211-1437, VAR-202211-1308, VAR-202211-0717, VAR-202211-1383, VAR-202211-0563, VAR-202211-0561, VAR-202211-0962, VAR-202211-0718, VAR-202211-0652

Trust: 5.25

Fetched: May 22, 2024, 10:45 a.m., Published: Nov. 14, 2022, midnight
 Vulnerabilities: application crash, kernel panic, request forgery...
Affected productsExternal IDs
vendor: cisco model: adaptive security appliance
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: series
vendor: cisco model: quad
vendor: cisco model: router
vendor: cisco model: firepower management center
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
vendor: cisco model: intrusion prevention system
vendor: cisco model: fxos
vendor: cisco model: cisco firepower management center
vendor: google model: wifi
vendor: google model: android
vendor: d-link model: router
vendor: opc foundation model: local_discovery_server
vendor: opc foundation model: local discovery server
vendor: dlink model: router
vendor: horner model: cscape
vendor: zoom model: zoom client
vendor: zoom model: client
vendor: horner automation model: cscape
vendor: maradns model: maradns
vendor: apple model: macos
vendor: apple model: mdnsresponder
vendor: snort model: snort
vendor: zoho model: manageengine supportcenter plus
db: NVD ids: CVE-2022-42894, CVE-2022-41894, CVE-2022-39178, CVE-2022-42960, CVE-2022-36357, CVE-2022-4065, CVE-2022-41132, CVE-2022-41692, CVE-2022-44007, CVE-2022-39317, CVE-2022-30772, CVE-2022-3997, CVE-2022-31617, CVE-2022-41315, CVE-2022-39389, CVE-2022-43999, CVE-2022-29275, CVE-2022-43482, CVE-2022-20922, CVE-2022-41887, CVE-2022-20946, CVE-2021-31739, CVE-2022-42497, CVE-2022-42732, CVE-2022-20459, CVE-2022-41155, CVE-2022-41634, CVE-2022-41938, CVE-2022-43071, CVE-2022-45461, CVE-2022-42734, CVE-2021-31608, CVE-2022-40694, CVE-2022-28766, CVE-2022-40200, CVE-2022-38871, CVE-2022-40192, CVE-2022-41643, CVE-2022-23748, CVE-2022-31613, CVE-2022-41889, CVE-2022-42891, CVE-2022-41652, CVE-2022-44584, CVE-2022-41891, CVE-2022-31606, CVE-2022-24037, CVE-2022-42459, CVE-2022-20943, CVE-2022-44008, CVE-2022-20918, CVE-2022-45163, CVE-2022-41840, CVE-2022-29278, CVE-2022-41914, CVE-2022-43096, CVE-2022-41880, CVE-2022-41888, CVE-2022-38974, CVE-2022-20427, CVE-2022-41909, CVE-2022-45471, CVE-2022-36432, CVE-2022-41885, CVE-2022-41907, CVE-2022-38461, CVE-2022-30771, CVE-2022-44725, CVE-2022-24942, CVE-2022-20949, CVE-2022-44005, CVE-2022-44740, CVE-2022-20460, CVE-2022-43192, CVE-2022-36787, CVE-2022-42461, CVE-2022-43492, CVE-2022-41884, CVE-2022-45369, CVE-2022-45072, CVE-2022-34665, CVE-2022-24939, CVE-2022-40886, CVE-2021-33897, CVE-2022-20928, CVE-2022-41135, CVE-2022-42892, CVE-2022-41897, CVE-2022-45474, CVE-2022-41896, CVE-2022-41886, CVE-2022-41890, CVE-2022-41655, CVE-2022-41901, CVE-2022-41900, CVE-2022-42903, CVE-2022-41883, CVE-2022-31612, CVE-2022-31607, CVE-2022-30283, CVE-2022-20941, CVE-2022-34827, CVE-2022-38165, CVE-2022-43171, CVE-2021-37936, CVE-2022-31615, CVE-2022-42733, CVE-2022-3998, CVE-2022-42893, CVE-2022-41788, CVE-2022-44583, CVE-2022-36786, CVE-2022-44634, CVE-2022-41895, CVE-2022-39320, CVE-2022-41899, CVE-2022-41618, CVE-2022-29279, CVE-2022-44641, CVE-2022-42883, CVE-2021-36905, CVE-2022-36785, CVE-2022-38201, CVE-2022-36924, CVE-2022-40216, CVE-2022-20927, CVE-2022-29276, CVE-2022-20950, CVE-2022-36784, CVE-2022-20934, CVE-2022-30256, CVE-2022-45082, CVE-2022-40963, CVE-2022-45071, CVE-2022-41920, CVE-2022-41615, CVE-2022-24038, CVE-2022-43308, CVE-2022-41908, CVE-2022-4055, CVE-2022-42982, CVE-2022-45132, CVE-2022-3377, CVE-2022-41911, CVE-2022-41685, CVE-2022-42533, CVE-2022-43673, CVE-2022-20938, CVE-2022-44204, CVE-2022-20924, CVE-2022-4066, CVE-2022-41839, CVE-2022-41939, CVE-2022-41791, CVE-2022-41898, CVE-2022-34667, CVE-2022-20947, CVE-2022-31694, CVE-2022-37197, CVE-2022-20940, CVE-2022-44000, CVE-2022-20926, CVE-2022-31608, CVE-2022-29277, CVE-2022-41781, CVE-2022-31610, CVE-2022-28768, CVE-2022-42904, CVE-2022-3090, CVE-2022-45473, CVE-2022-45073, CVE-2022-41893, CVE-2022-20428, CVE-2021-22141, CVE-2022-4051, CVE-2022-42698, CVE-2022-25917, CVE-2022-4064, CVE-2022-20925, CVE-2022-39181, CVE-2022-31616