Sign-up

VARIoT news about IoT security

CVE-2023-35082 - Vulnerability affecting EPMM and MobileIron Core | Ivanti

Trust: 3.0

Fetched: Aug. 20, 2023, 9:20 a.m., Published: Aug. 8, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-35082

Get vulnerability by ID | Microsoft Learn

Trust: 3.0

Fetched: Aug. 20, 2023, 9:18 a.m., Published: Dec. 18, 2020, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2019-0608

Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability

Trust: 4.5

Fetched: Aug. 20, 2023, 9:18 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: cross-site request forgery, request forgery
Affected productsExternal IDs
vendor: cisco model: 8831
vendor: cisco model: ip phone
vendor: cisco model: ip conference phone
vendor: cisco model: series

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS | Microsoft Security Blog

Trust: 5.25

Fetched: Aug. 20, 2023, 9:17 a.m., Published: Aug. 11, 2023, midnight
 Vulnerabilities: code execution, buffer overflow, replay attack...
Affected productsExternal IDs
vendor: wago model: wago pfc200
vendor: wago model: pfc200
vendor: codesys model: runtime
vendor: codesys model: control
vendor: codesys model: codesys
db: NVD ids: CVE-2019-9013

Citrix zero-day vulnerability under attack - Security - iTnews

Trust: 5.75

Fetched: Aug. 20, 2023, 9:17 a.m., Published: Aug. 7, 2023, midnight
 Vulnerabilities: code execution, privilege escalation, cross-site scripting
Affected productsExternal IDs
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler gateway
vendor: citrix model: gateway
vendor: citrix model: netscaler
db: NVD ids: CVE-2023-3467, CVE-2023-3519, CVE-2023-3466

DSA-2022-143: Dell Wyse Management Suite Security Update for Multiple Vulnerabilities. | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202206-1979, VAR-202206-2069

Trust: 5.5

Fetched: Aug. 20, 2023, 9:16 a.m., Published: March 6, 2001, midnight
 Vulnerabilities: path traversal, information disclosure, request forgery...
Affected productsExternal IDs
vendor: jquery model: jquery
db: NVD ids: CVE-2022-29097, CVE-2022-29096, CVE-2021-41184

Apple MDM Solutions: MDM for Mac, iPhone, iPad | Kandji

Trust: 3.0

Fetched: Aug. 20, 2023, 9:16 a.m., Published: Aug. 20, 2023, 2 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad

Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability

Trust: 3.25

Fetched: Aug. 20, 2023, 9:16 a.m., Published: Aug. 3, 2023, 2:03 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: email security appliance

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Trust: 3.25

Fetched: Aug. 20, 2023, 9:15 a.m., Published: Aug. 17, 2023, 9:54 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability

Trust: 3.0

Fetched: Aug. 20, 2023, 9:15 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco umbrella virtual appliance
vendor: cisco model: umbrella virtual appliance
vendor: cisco model: umbrella

Vulnerability in QVPN Device Client for Windows - Security Advisory | QNAP

Trust: 3.25

Fetched: Aug. 20, 2023, 9:14 a.m., Published: May 6, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27595

Lenovo UDC Vulnerability - Lenovo Support US

Trust: 5.75

Fetched: Aug. 20, 2023, 9:14 a.m., Published: -
 Vulnerabilities: search path vulnerability, privilege escalation, uncontrolled search path
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: system
db: NVD ids: CVE-2023-3078

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Trust: 4.25

Fetched: Aug. 18, 2023, 9:13 a.m., Published: Aug. 17, 2023, 10 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability

Trust: 4.75

Fetched: Aug. 18, 2023, 9:13 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability

Trust: 5.0

Fetched: Aug. 18, 2023, 9:12 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

ClamAV AutoIt Module Denial of Service Vulnerability

Trust: 4.75

Fetched: Aug. 18, 2023, 9:12 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

ClamAV AutoIt Module Denial of Service Vulnerability - Cisco

Trust: 4.75

Fetched: Aug. 18, 2023, 9:11 a.m., Published: Aug. 16, 2023, 11:10 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

DSA-2023-270: Dell Wyse Device Agent Security Update for a Zlib Vulnerability | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202203-1690

Trust: 3.25

Fetched: Aug. 16, 2023, 9:12 a.m., Published: June 14, 2007, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2018-25032

A Comprehensive Guide to Medical Device Vulnerability Management

Trust: 3.0

Fetched: Aug. 16, 2023, 9:12 a.m., Published: Aug. 4, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Ford says it’s safe to drive the cars with a WiFi vulnerability

Trust: 3.75

Fetched: Aug. 16, 2023, 9:12 a.m., Published: Aug. 15, 2023, 8:52 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-29468