VARIoT news about IoT security

Trust: 5.25

Fetched: Jan. 7, 2024, 9:54 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: memory corruption, denial of service, buffer overflow...
Affected productsExternal IDs
vendor: mikrotik model: routers
vendor: mikrotik model: winbox
vendor: mikrotik model: mikrotik router
vendor: mikrotik model: routerboard
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik-router-monitoring-system
vendor: mikrotik model: hap lite
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: router hap lite
vendor: mikrotik model: router
db: NVD ids: CVE-2018-10070, CVE-2020-20227, CVE-2020-20217, CVE-2020-20264, CVE-2020-20230, CVE-2020-20211, CVE-2020-20254, CVE-2020-20225, CVE-2019-16160, CVE-2022-45313, CVE-2015-2350, CVE-2021-27221, CVE-2021-36614, CVE-2020-20266, CVE-2019-13954, CVE-2020-20252, CVE-2012-6050, CVE-2019-13955, CVE-2020-20265, CVE-2020-20250, CVE-2020-22845, CVE-2020-20213, CVE-2020-20253, CVE-2020-20021, CVE-2020-20215, CVE-2020-20221, CVE-2019-3924, CVE-2020-20245, CVE-2020-5720, CVE-2018-5951, CVE-2020-20247, CVE-2020-20248, CVE-2017-7285, CVE-2017-20149, CVE-2020-20231, CVE-2008-0680, CVE-2018-1157, CVE-2019-3981, CVE-2020-22844, CVE-2020-10364, CVE-2020-20237, CVE-2019-13074, CVE-2023-30799, CVE-2020-20218, CVE-2020-20212, CVE-2022-34960, CVE-2017-6444, CVE-2018-1159, CVE-2020-20249, CVE-2018-14847, CVE-2020-20220, CVE-2020-20236, CVE-2018-10066, CVE-2019-15055, CVE-2023-30800, CVE-2020-20267, CVE-2008-6976, CVE-2020-20222, CVE-2018-7445, CVE-2020-20246, CVE-2020-11881, CVE-2022-45315, CVE-2020-20262, CVE-2017-8338, CVE-2023-41570, CVE-2023-24094, CVE-2018-1156, CVE-2020-13118, CVE-2022-36522, CVE-2017-17537, CVE-2020-20214, CVE-2018-1158, CVE-2021-41987, CVE-2021-3014, CVE-2017-6297, CVE-2019-3943, CVE-2020-20216, CVE-2021-36613, CVE-2020-5721, CVE-2020-20219, CVE-2017-17538

Trust: 3.0

Fetched: Jan. 7, 2024, 9:48 a.m., Published: Jan. 4, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xr
vendor: cisco model: ios xr
vendor: cisco model: nx-os software
vendor: cisco model: ios xr software
vendor: cisco model: cisco nx-os
vendor: cisco model: nx-os
vendor: cisco model: cisco ios

Trust: 5.75

Fetched: Jan. 7, 2024, 9:47 a.m., Published: Jan. 5, 2024, midnight
Vulnerabilities: sql injection, authentication bypass
Affected productsExternal IDs
vendor: mobileiron model: mobileiron sentry
vendor: mobileiron model: sentry
db: NVD ids: CVE-2023-35078, CVE-2023-35081, CVE-2023-39336

Trust: 3.25

Fetched: Jan. 7, 2024, 9:46 a.m., Published: Jan. 1, 2024, midnight
Vulnerabilities: configuration error
Affected productsExternal IDs

Trust: 3.5

Fetched: Jan. 7, 2024, 9:46 a.m., Published: Oct. 26, 2023, 9:26 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: apple tv
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: watch
db: NVD ids: CVE-2023-32434, CVE-2023-32435, CVE-2023-38606, CVE-2023-41990

Trust: 5.25

Fetched: Jan. 7, 2024, 9:35 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: resource exhaustion, memory corruption, denial of service...
Affected productsExternal IDs
vendor: imperva model: web application firewall
vendor: node.js model: node.js
db: NVD ids: CVE-2023-7078, CVE-2022-2145, CVE-2022-3337, CVE-2023-2512, CVE-2023-1314, CVE-2022-4428, CVE-2023-0238, CVE-2023-3766, CVE-2023-2754, CVE-2023-6289, CVE-2017-7235, CVE-2023-0652, CVE-2020-35152, CVE-2023-1732, CVE-2023-1862, CVE-2020-24356, CVE-2023-3036, CVE-2021-3910, CVE-2020-15236, CVE-2023-48230, CVE-2023-1412, CVE-2022-3322, CVE-2022-3512, CVE-2022-3320, CVE-2022-2225, CVE-2021-43800, CVE-2022-2147, CVE-2021-3761, CVE-2023-6992, CVE-2019-10842, CVE-2022-3616, CVE-2022-2529, CVE-2023-40180, CVE-2021-3907, CVE-2021-3912, CVE-2014-125026, CVE-2023-4241, CVE-2021-3908, CVE-2023-7080, CVE-2023-5135, CVE-2023-7079, CVE-2023-43805, CVE-2023-3040, CVE-2022-4457, CVE-2023-6180, CVE-2023-6193, CVE-2023-3348, CVE-2022-36083, CVE-2021-3911, CVE-2021-3909, CVE-2022-3321, CVE-2023-0654
Related entries in the VARIoT vulnerabilities database: VAR-202006-1151

Trust: 4.75

Fetched: Jan. 7, 2024, 9:35 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xe software
vendor: cisco model: ios software
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe
vendor: cisco systems model: ios xe software
vendor: cisco systems model: ios software
vendor: cisco systems model: cisco ios xe
vendor: cisco systems model: cisco ios
vendor: cisco systems model: ios xe
db: NVD ids: CVE-2020-3200

Trust: 5.25

Fetched: Jan. 7, 2024, 9:32 a.m., Published: Dec. 25, 2023, midnight
Vulnerabilities: script execution, buffer overflow, request forgery...
Affected productsExternal IDs
vendor: typo3 model: typo3
vendor: google model: android
vendor: sierra model: aleos
vendor: sierra model: wireless aleos
vendor: barracuda model: barracuda
vendor: barracuda model: running
vendor: nokia model: series
vendor: sierra wireless model: aleos
vendor: sierra wireless model: wireless aleos
vendor: peplink model: balance
vendor: proftpd model: proftpd
vendor: mupdf model: mupdf
vendor: barracuda networks model: barracuda
vendor: barracuda networks model: running
vendor: arris model: dg860a
db: NVD ids: CVE-2023-51034, CVE-2023-49469, CVE-2022-39818, CVE-2023-52173, CVE-2023-41542, CVE-2023-49779, CVE-2023-46919, CVE-2023-38826, CVE-2023-51104, CVE-2023-52152, CVE-2023-51713, CVE-2023-5672, CVE-2023-43116, CVE-2023-46711, CVE-2023-51772, CVE-2023-31298, CVE-2022-46486, CVE-2023-50294, CVE-2023-50550, CVE-2023-42436, CVE-2023-52096, CVE-2023-36485, CVE-2023-50572, CVE-2023-49438, CVE-2023-5931, CVE-2023-51080, CVE-2023-34829, CVE-2023-7101, CVE-2023-43955, CVE-2023-31301, CVE-2023-52263, CVE-2023-52174, CVE-2023-51714, CVE-2023-51074, CVE-2023-31292, CVE-2023-30451, CVE-2023-50175, CVE-2023-47804, CVE-2023-50035, CVE-2023-38021, CVE-2023-52264, CVE-2023-50038, CVE-2023-47215, CVE-2023-47091, CVE-2023-49117, CVE-2023-49598, CVE-2023-50559, CVE-2023-48654, CVE-2023-41543, CVE-2023-7102, CVE-2023-51105, CVE-2023-28616, CVE-2023-51103, CVE-2023-50071, CVE-2023-51136, CVE-2023-50339, CVE-2023-46681, CVE-2023-51763, CVE-2022-34268, CVE-2023-49954, CVE-2023-6268, CVE-2023-5673, CVE-2023-42465, CVE-2023-49230, CVE-2023-51006, CVE-2023-27150, CVE-2023-49228, CVE-2022-47502, CVE-2023-51035, CVE-2023-5980, CVE-2023-49299, CVE-2022-43675, CVE-2023-28872, CVE-2022-41762, CVE-2023-51764, CVE-2023-45957, CVE-2023-50448, CVE-2023-49226, CVE-2023-6166, CVE-2023-31293, CVE-2023-50070, CVE-2023-50445, CVE-2023-46987, CVE-2023-43741, CVE-2023-6155, CVE-2023-51766, CVE-2023-46989, CVE-2023-51771, CVE-2023-49949, CVE-2023-50589, CVE-2023-5991, CVE-2022-41760, CVE-2023-48003, CVE-2023-31224, CVE-2022-41761, CVE-2023-49000, CVE-2023-31294, CVE-2023-51363, CVE-2023-52262, CVE-2023-38023, CVE-2023-41544, CVE-2023-46699, CVE-2023-50578, CVE-2023-6250, CVE-2023-49807, CVE-2022-39822, CVE-2023-47247, CVE-2023-51079, CVE-2023-31302, CVE-2023-31299, CVE-2023-38321, CVE-2023-31295, CVE-2023-23634, CVE-2023-50692, CVE-2022-34267, CVE-2022-46487, CVE-2023-49229, CVE-2023-49003, CVE-2023-51084, CVE-2022-47532, CVE-2023-52265, CVE-2023-52257, CVE-2023-50571, CVE-2023-52086, CVE-2023-31296, CVE-2023-49002, CVE-2023-49391, CVE-2023-5644, CVE-2023-50297, CVE-2023-52240, CVE-2023-51707, CVE-2023-49944, CVE-2023-47882, CVE-2023-36486, CVE-2023-49119, CVE-2023-51467, CVE-2023-50570, CVE-2023-50968, CVE-2022-39820, CVE-2023-51010, CVE-2023-5203, CVE-2023-49001, CVE-2023-52252, CVE-2023-50470, CVE-2023-43481, CVE-2023-5674, CVE-2023-50069, CVE-2023-31297, CVE-2023-40038, CVE-2023-51765, CVE-2023-51135, CVE-2023-5645, CVE-2023-50651, CVE-2023-51708, CVE-2023-38022, CVE-2023-51075, CVE-2023-51133, CVE-2023-45737, CVE-2023-51654, CVE-2023-5939, CVE-2023-51106, CVE-2023-50332, CVE-2023-50104, CVE-2023-6114, CVE-2023-45741, CVE-2023-45740, CVE-2023-51107, CVE-2023-46918, CVE-2023-50110, CVE-2023-47883, CVE-2023-49328, CVE-2023-24609, CVE-2023-51767, CVE-2023-31300

Trust: 3.0

Fetched: Jan. 7, 2024, 9:30 a.m., Published: April 7, 2019, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Trust: 3.5

Fetched: Jan. 7, 2024, 9:22 a.m., Published: Oct. 10, 2023, midnight
Vulnerabilities: memory corruption, information leak, privilege escalation...
Affected productsExternal IDs
db: NVD ids: CVE-2023-29360, CVE-2023-36802

Trust: 3.25

Fetched: Jan. 7, 2024, 9:20 a.m., Published: Jan. 7, 2024, 9:20 a.m.
Vulnerabilities: cross-site scripting, sql injection, default password
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security
vendor: clamav model: clamav
vendor: trend micro model: antivirus
vendor: trend micro model: security
vendor: clam model: clamav
vendor: tripwire model: ip360
vendor: wireshark model: wireshark

Trust: 6.0

Fetched: Jan. 7, 2024, 9:20 a.m., Published: Nov. 2, 2023, 1:53 a.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower
vendor: cisco model: firepower management center
db: NVD ids: CVE-2023-20048

Trust: 5.0

Fetched: Jan. 7, 2024, 9:18 a.m., Published: Nov. 21, 2023, 9:29 p.m.
Vulnerabilities: security bypass
Affected productsExternal IDs
db: NVD ids: CVE-2023-24880, CVE-2023-32049, CVE-2023-36025

Trust: 5.25

Fetched: Jan. 7, 2024, 9:15 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: service crash, application crash, memory corruption...
Affected productsExternal IDs
vendor: f-prot model: f-prot antivirus
vendor: sophos model: anti-virus
vendor: sophos model: endpoint protection
vendor: sophos model: sophos anti-virus
vendor: sophos model: firewall
vendor: rising model: rising antivirus
vendor: rising model: antivirus
vendor: clamav model: clamav
vendor: clam model: clamav
vendor: cisco model: advanced malware protection
vendor: cisco model: email security appliance
vendor: cisco model: cisco email security appliance
vendor: cisco model: web security appliance
vendor: cisco model: 1100
vendor: cisco model: clamav
vendor: symantec model: antivirus
vendor: symantec model: endpoint protection
vendor: symantec model: web security
vendor: symantec model: symantec endpoint protection
vendor: esafe model: antivirus
vendor: avira model: antivirus
vendor: avira model: antivir
vendor: jiangmin model: jiangmin
vendor: jiangmin model: jiangmin antivirus
vendor: jiangmin model: antivirus
vendor: comodo model: antivirus
vendor: comodo model: comodo antivirus
vendor: comodo model: firewall
vendor: comodo model: internet security
vendor: emsisoft model: anti-malware
vendor: emsisoft model: antivirus
vendor: emsisoft model: emsisoft anti-malware
vendor: avast model: anti-virus
vendor: avast model: antivirus
vendor: quick heal model: quick heal
vendor: trend model: housecall
vendor: trend model: virusbuster
vendor: trend model: antivirus
vendor: trend model: trend micro housecall
vendor: trend model: internet security
vendor: trend model: trend micro antivirus
vendor: trend model: security
vendor: trend model: micro housecall
vendor: squid model: squid
vendor: ahnlab model: engine
vendor: ahnlab model: v3 internet security
vendor: trend micro model: housecall
vendor: trend micro model: virusbuster
vendor: trend micro model: antivirus
vendor: trend micro model: trend micro housecall
vendor: trend micro model: internet security
vendor: trend micro model: trend micro antivirus
vendor: trend micro model: security
vendor: trend micro model: micro housecall
vendor: gibraltar model: firewall
vendor: gibraltar model: gibraltar firewall
vendor: antiy model: avl sdk
vendor: apple model: apple mac os x
vendor: apple model: mac os x
vendor: apple model: mac os
vendor: antiy labs model: avl sdk
vendor: ikarus model: ikarus virus utilities t3 command line scanner
vendor: ikarus model: virus utilities t3 command line scanner
vendor: norman model: antivirus
vendor: norman model: norman antivirus
vendor: nprotect model: anti-virus
vendor: nprotect model: antivirus
vendor: nprotect model: nprotect anti-virus
db: NVD ids: CVE-2007-4510, CVE-2008-6680, CVE-2021-1252, CVE-2010-4260, CVE-2008-5313, CVE-2003-0946, CVE-2007-0897, CVE-2010-1639, CVE-2015-1463, CVE-2022-20803, CVE-2008-1837, CVE-2005-2056, CVE-2008-5314, CVE-2005-1795, CVE-2018-20902, CVE-2015-2222, CVE-2019-1788, CVE-2022-20698, CVE-2012-1443, CVE-2013-7088, CVE-2016-1371, CVE-2007-3023, CVE-2012-1457, CVE-2012-2243, CVE-2008-2713, CVE-2006-1615, CVE-2007-0898, CVE-2006-0162, CVE-2014-9050, CVE-2008-3914, CVE-2005-1922, CVE-2012-1459, CVE-2010-3434, CVE-2017-12376, CVE-2020-3350, CVE-2008-1100, CVE-2017-12380, CVE-2018-0360, CVE-2007-3725, CVE-2022-20792, CVE-2019-12900, CVE-2005-2070, CVE-2008-1389, CVE-2007-6596, CVE-2022-20796, CVE-2021-27506, CVE-2019-15961, CVE-2016-1405, CVE-2010-1311, CVE-2008-6845, CVE-2007-3025, CVE-2007-1997, CVE-2005-1923, CVE-2017-12379, CVE-2005-3587, CVE-2008-1836, CVE-2008-5312, CVE-2023-20032, CVE-2014-9328, CVE-2015-2170, CVE-2006-6406, CVE-2015-2668, CVE-2008-3912, CVE-2017-11423, CVE-2007-6337, CVE-2008-3913, CVE-2015-1461, CVE-2006-1614, CVE-2018-11196, CVE-2018-20873, CVE-2017-12374, CVE-2008-3215, CVE-2010-4261, CVE-2007-2650, CVE-2013-2021, CVE-2017-6419, CVE-2005-3239, CVE-2019-12625, CVE-2005-0133, CVE-2017-12378, CVE-2011-3627, CVE-2010-4479, CVE-2017-6420, CVE-2004-1909, CVE-2008-1387, CVE-2005-2920, CVE-2005-2450, CVE-2022-20771, CVE-2004-1876, CVE-2006-5874, CVE-2019-1787, CVE-2007-6745, CVE-2009-1270, CVE-2007-6029, CVE-2019-1789, CVE-2010-1640, CVE-2009-1601, CVE-2006-1630, CVE-2012-3501, CVE-2010-0058, CVE-2008-1833, CVE-2007-6336, CVE-2005-3303, CVE-2020-7613, CVE-2007-6335, CVE-2015-1462, CVE-2008-1835, CVE-2015-2221, CVE-2007-4560, CVE-2012-2244, CVE-2018-0202, CVE-2008-5525, CVE-2016-1372, CVE-2007-3123, CVE-2017-6418, CVE-2013-6497, CVE-2009-1241, CVE-2023-20197, CVE-2022-20785, CVE-2018-1000085, CVE-2008-0318, CVE-2019-1786, CVE-2022-20770, CVE-2006-5295, CVE-2012-1419, CVE-2006-4613, CVE-2018-15378, CVE-2021-1404, CVE-2017-12375, CVE-2007-3122, CVE-2011-1003, CVE-2019-1785, CVE-2007-1745, CVE-2006-2427, CVE-2006-1989, CVE-2023-20052, CVE-2007-6595, CVE-2013-2020, CVE-2009-1372, CVE-2008-0314, CVE-2006-4182, CVE-2005-1711, CVE-2004-0270, CVE-2007-3024, CVE-2021-1386, CVE-2010-0098, CVE-2020-3341, CVE-2012-1458, CVE-2005-0218, CVE-2020-3327, CVE-2005-3500, CVE-2008-5140, CVE-2020-3481, CVE-2020-3123, CVE-2013-7087, CVE-2021-1405, CVE-2005-3501, CVE-2017-12377, CVE-2019-1798, CVE-2006-4018, CVE-2018-0361, CVE-2006-6481, CVE-2005-3229, CVE-2006-5745, CVE-2011-2721, CVE-2008-5050, CVE-2005-2919, CVE-2007-2029, CVE-2008-0728, CVE-2009-1371, CVE-2023-20212, CVE-2013-7089

Trust: 3.75

Fetched: Jan. 7, 2024, 9:10 a.m., Published: Nov. 1, 2023, 3:59 p.m.
Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: cisco firepower management center
vendor: cisco model: firepower
vendor: cisco model: firepower management center
vendor: cisco model: asa software

Trust: 4.0

Fetched: Jan. 7, 2024, 9:09 a.m., Published: Nov. 1, 2023, 4 p.m.
Vulnerabilities: code injection
Affected productsExternal IDs
vendor: cisco model: cisco firepower threat defense software
vendor: cisco model: firepower threat defense
vendor: cisco model: cisco firepower management center
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense software
vendor: cisco model: firepower management center
vendor: cisco model: asa software

Trust: 5.75

Fetched: Jan. 5, 2024, 10:17 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: remote command injection, command injection
Affected productsExternal IDs
vendor: barracuda model: barracuda
db: NVD ids: CVE-2023-2868

Trust: 3.0

Fetched: Jan. 5, 2024, 10:17 a.m., Published: Jan. 3, 2024, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-36804

Trust: 6.25

Fetched: Jan. 5, 2024, 10:16 a.m., Published: Jan. 4, 2024, 10:41 p.m.
Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2023-41974

Trust: 3.25

Fetched: Jan. 5, 2024, 10:15 a.m., Published: Jan. 3, 2024, 10:24 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point