Sign-up

VARIoT news about IoT security

OESIS Framework October 18, 2022 Release - OPSWAT

Related entries in the VARIoT vulnerabilities database: VAR-202012-0013, VAR-201912-0489, VAR-202012-0006, VAR-201912-0629, VAR-201912-0525, VAR-202012-0007, VAR-201912-0638, VAR-202210-0635, VAR-201912-0122

Trust: 3.5

Fetched: Nov. 4, 2022, 5:52 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: itunes
vendor: apple inc. model: safari
vendor: apple inc. model: itunes
db: NVD ids: CVE-2019-6774, CVE-2022-33746, CVE-2022-33748, CVE-2020-10002, CVE-2019-6773, CVE-2020-6495, CVE-2019-8550, CVE-2019-13701, CVE-2022-28762, CVE-2019-13717, CVE-2019-13702, CVE-2019-13719, CVE-2019-6767, CVE-2019-13715, CVE-2019-13714, CVE-2019-13718, CVE-2018-18447, CVE-2019-13706, CVE-2019-13699, CVE-2019-13700, CVE-2019-6765, CVE-2019-13710, CVE-2020-17380, CVE-2020-10010, CVE-2019-8625, CVE-2019-6775, CVE-2019-13703, CVE-2020-6493, CVE-2019-6771, CVE-2018-18446, CVE-2019-8719, CVE-2020-10011, CVE-2022-39288, CVE-2022-3140, CVE-2019-13716, CVE-2019-9850, CVE-2019-8674, CVE-2019-13708, CVE-2019-6769, CVE-2020-2778, CVE-2019-6764, CVE-2019-6770, CVE-2019-6768, CVE-2022-41032, CVE-2019-13709, CVE-2019-13723, CVE-2019-9851, CVE-2019-8813, CVE-2019-6766, CVE-2019-9855, CVE-2019-13704, CVE-2019-6772

CVE-2022-40202 Deltaww Infrasuite Device Master - SecAlerts - Security vulnerabilities in your inbox

Trust: 5.0

Fetched: Nov. 4, 2022, 5:52 p.m., Published: Nov. 9, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-40202

CVE-2022-41629 Deltaww Infrasuite Device Master - SecAlerts - Security vulnerabilities in your inbox

Trust: 3.0

Fetched: Nov. 4, 2022, 5:51 p.m., Published: Nov. 9, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-41629

CN112528295A - Vulnerability repairing method and device of industrial control system - Google Patents

Trust: 4.25

Fetched: Nov. 4, 2022, 5:49 p.m., Published: Dec. 22, 2020, midnight
 Vulnerabilities: buffer overflow, directory traversal, denial of service...
Affected productsExternal IDs
vendor: trend model: security

What You Should Know about the New OpenSSL Vulnerability - Security Boulevard

Trust: 3.0

Fetched: Nov. 4, 2022, 5:47 p.m., Published: Oct. 31, 2022, 7:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

iPhone and iPad devices face serious security vulnerabilities after the new iOS 16 and iPadOS 16 updates - Market for Phones

Trust: 3.75

Fetched: Nov. 4, 2022, 5:46 p.m., Published: Oct. 30, 2022, 5:37 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: ipad air

Apple patches SiriSpy vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202210-1627

Trust: 3.75

Fetched: Nov. 4, 2022, 5:46 p.m., Published: Nov. 5, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: ipad air
db: NVD ids: CVE-2022-32946

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Trust: 3.5

Fetched: Nov. 4, 2022, 5:45 p.m., Published: Nov. 2, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

OpenSSL warns of critical security vulnerability with upcoming patch | ZDNET

Trust: 3.0

Fetched: Nov. 4, 2022, 5:45 p.m., Published: Nov. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point

‘Vulnerability’ found in iPhones and iPads, SingCERT advises Apple users to update for security patch - CNA

Trust: 3.75

Fetched: Nov. 4, 2022, 5:44 p.m., Published: Nov. 19, 2022, midnight
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad
vendor: apple model: ipad air

Tight Internet Explorer integration could lead to vulnerabilities in Windows | SC Media

Trust: 3.0

Fetched: Nov. 4, 2022, 5:43 p.m., Published: Oct. 25, 2022, 9:58 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-37981

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 4.0

Fetched: Nov. 4, 2022, 5:42 p.m., Published: Oct. 17, 2022, midnight
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2022-40684

Threat And Vulnerability Management - Kick Cyber Security Into Gear

Trust: 3.0

Fetched: Nov. 4, 2022, 5:42 p.m., Published: Oct. 24, 2022, 1:32 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-22954

OpenSSL (Spooky SSL) vulnerabilities - how to mitigate risk - Forescout

Trust: 4.5

Fetched: Nov. 4, 2022, 5:41 p.m., Published: Nov. 2, 2022, 10:59 p.m.
 Vulnerabilities: code execution, buffer overflow, buffer overrun...
Affected productsExternal IDs
vendor: snort model: snort
db: NVD ids: CVE-2022-3602, CVE-2022-3786

Cisco : Security vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202207-1583, VAR-202207-1582, VAR-202202-0288, VAR-202207-1530, VAR-202207-1563, VAR-202207-1538, VAR-202207-1534, VAR-202207-1637, VAR-202207-1643, VAR-202207-1616, VAR-202207-1532, VAR-202209-1915, VAR-202207-0228, VAR-202208-1879, VAR-202207-1539, VAR-202210-1812, VAR-202207-1573, VAR-202209-2004, VAR-202207-1644, VAR-202207-1607, VAR-202207-0225, VAR-202210-1411, VAR-202207-1572, VAR-202208-0217, VAR-202208-0326, VAR-202207-1533, VAR-202207-1638, VAR-202207-1535, VAR-202207-1513, VAR-202202-0286, VAR-202203-1506, VAR-202207-1531, VAR-202207-1553, VAR-202209-1949, VAR-202208-0238, VAR-202209-1881, VAR-202209-1929, VAR-202207-1587, VAR-202209-2087, VAR-202207-1514, VAR-202207-1547, VAR-202210-1702, VAR-202207-1564, VAR-202210-1371, VAR-202207-1536, VAR-202207-1617, VAR-202207-1708, VAR-202210-1641, VAR-202209-0491, VAR-202207-1597

Trust: 5.25

Fetched: Nov. 4, 2022, 5:40 p.m., Published: Nov. 4, 2050, midnight
 Vulnerabilities: improper validation, denial of service, directory traversal...
Affected productsExternal IDs
vendor: cisco model: cisco unity connection
vendor: cisco model: ios xe
vendor: cisco model: webex meetings
vendor: cisco model: small business
vendor: cisco model: nexus
vendor: cisco model: cisco roomos
vendor: cisco model: cisco sd-wan
vendor: cisco model: cisco telepresence
vendor: cisco model: identity services engine
vendor: cisco model: unity connection
vendor: cisco model: ios software
vendor: cisco model: cisco unified communications manager
vendor: cisco model: sd-wan
vendor: cisco model: telepresence
vendor: cisco model: webex teams
vendor: cisco model: ios xe software
vendor: cisco model: cisco small business
vendor: cisco model: rv110w
vendor: cisco model: unified communications manager
vendor: cisco model: cisco identity services engine
vendor: cisco model: routers
vendor: cisco model: telepresence collaboration endpoint
vendor: cisco model: webex
vendor: cisco model: unified communications
vendor: cisco model: unified communications manager session management edition
vendor: cisco model: rv130
vendor: cisco model: cisco ios
vendor: cisco model: cisco ios xe
vendor: cisco model: rv130w
vendor: cisco model: cisco webex
vendor: cisco model: application policy infrastructure controller
vendor: cisco model: ios xe sd-wan software
vendor: cisco model: data center network manager
vendor: cisco model: roomos
vendor: cisco model: rv215w
vendor: cisco model: unity
vendor: cisco model: cisco unity
vendor: cisco model: cisco application policy infrastructure controller
vendor: cisco model: cisco webex meetings
db: NVD ids: CVE-2022-20880, CVE-2022-20881, CVE-2022-22807, CVE-2022-20908, CVE-2022-20889, CVE-2022-20886, CVE-2022-20907, CVE-2022-20910, CVE-2022-20885, CVE-2022-20884, CVE-2022-20857, CVE-2022-20915, CVE-2022-20862, CVE-2022-20921, CVE-2022-20888, CVE-2022-20955, CVE-2022-20877, CVE-2022-20920, CVE-2022-20883, CVE-2022-20882, CVE-2022-20859, CVE-2022-20953, CVE-2022-20890, CVE-2022-20914, CVE-2022-20869, CVE-2022-20909, CVE-2022-20874, CVE-2022-20861, CVE-2022-20873, CVE-2022-22809, CVE-2022-22965, CVE-2022-20906, CVE-2022-20860, CVE-2022-20850, CVE-2022-20852, CVE-2022-20830, CVE-2022-20844, CVE-2022-20875, CVE-2022-20930, CVE-2022-20913, CVE-2022-20887, CVE-2022-20954, CVE-2022-20876, CVE-2022-20822, CVE-2022-20858, CVE-2022-20878, CVE-2022-20916, CVE-2022-20959, CVE-2022-20863, CVE-2022-20879

Detected vulnerabilities in the web interface of devices with JunOS | From Linux

Related entries in the VARIoT vulnerabilities database: VAR-202210-0898, VAR-202210-0918, VAR-202210-0849, VAR-202210-0815, VAR-202210-1013

Trust: 3.75

Fetched: Nov. 4, 2022, 5:39 p.m., Published: Oct. 29, 2022, 7:39 p.m.
 Vulnerabilities: code execution, cross-site scripting, file upload vulnerability...
Affected productsExternal IDs
db: NVD ids: CVE-2022-22246, CVE-2022-22242, CVE-2022-22245, CVE-2022-22243, CVE-2022-22241

Are Your Mobile and IoT Devices Weakening Your Security? | Marcum LLP | Accountants and Advisors

Trust: 4.75

Fetched: Nov. 4, 2022, 5:39 p.m., Published: Oct. 25, 2022, 4:30 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: trend model: security

Fortinet says critical auth bypass bug is exploited in attacks

Related entries in the VARIoT vulnerabilities database: VAR-202210-0198

Trust: 4.75

Fetched: Nov. 4, 2022, 5:37 p.m., Published: -
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-40684

New OpenSSL critical vulnerability: What you need to know | Snyk

Trust: 4.0

Fetched: Nov. 4, 2022, 5:37 p.m., Published: Oct. 31, 2022, 12:19 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: node.js model: node.js

Bugs In Safari, IOS 16.1 Could Let Hackers Steal Users’ Sensitive Data: Cert-In - WorldNewsEra

Trust: 4.5

Fetched: Nov. 4, 2022, 5:36 p.m., Published: Oct. 26, 2022, 9:39 p.m.
 Vulnerabilities: improper memory handling, improper validation, use after free...
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: ipad air
vendor: apple model: macos