Sign-up

VARIoT news about IoT security

NVD - CVE-2022-0646

Trust: [4.5, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 5, 2022, midnight
 Vulnerabilities: incomplete cleanup, use after free
Affected productsExternal IDs
db: NVD ids: CVE-2022-0646

Considering buying a smart device? To protect your security, ask yourself these five questions

Trust: [3.5, []]

Fetched: May 13, 2022, 10:50 a.m., Published: Feb. 21, 2022, 2:52 p.m.
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs

Warning Issued About Access:7 Vulnerabilities Affecting IoT and Medical Devices

Trust: [3.0, []]

Fetched: May 13, 2022, 10:50 a.m., Published: March 9, 2022, 3:29 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-25252, CVE-2022-25247, CVE-2022-25248, CVE-2022-25249, CVE-2022-25246, CVE-2022-25251, CVE-2022-25250

APC Smart-UPS Vulnerability Puts Millions of Devices at Risk

Trust: [3.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: March 9, 2022, 7:26 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs

Dirty Pipe Privilege Escalation Vulnerability in Linux | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202203-0043

Trust: [4.25, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 5, 2022, midnight
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-0847

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

Trust: [3.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: March 8, 2022, 6:08 p.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs

7 Best Vulnerability Management Tools in 2022 (Paid & Free)

Trust: [3.5, []]

Fetched: May 13, 2022, 10:50 a.m., Published: Aug. 14, 2021, 9:30 a.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs

Remote code execution vulnerability present in Sophos Firewall | Cyber.gov.au

Trust: [5.25, []]

Fetched: May 13, 2022, 10:50 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-1040

What actions customers can take to protect, detect, and respond to Log4j vulnerabilities in Operational Technology (OT) and Industrial Internet of Things (IIoT) environments | The Internet of Things on AWS - Official Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: [3.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: Jan. 20, 2022, 12:06 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

BIG-IP AFM vulnerability CVE-2022-23028

Related entries in the VARIoT vulnerabilities database: VAR-202201-1345

Trust: [3.25, []]

Fetched: May 13, 2022, 10:50 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-23028

iDor iDM Server Vulnerability Advisory: Alerts: Public Resources: REN-ISAC: Research Education Networking Information Sharing & Analysis Center

Trust: [4.0, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 6, 5041, midnight
 Vulnerabilities: default credentials, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-395072021, CVE-2021-39507

Current Activity | CISA

Related entries in the VARIoT vulnerabilities database: VAR-202203-1579, VAR-202203-1580

Trust: [3.25, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 4, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-22674, CVE-2022-22675

SECURITY - Symphony Plus SPIET800 and PNI800 Denial of Service

Trust: [3.25, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 1, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs

TLStorm Remote Code Execution Vulnerability in APC UPS Systems - NHS Digital

Trust: [4.0, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 6, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Vulnerabilities in Wyze cams exposed users to device takeover and video access - SiliconANGLE

Related entries in the VARIoT vulnerabilities database: VAR-202203-1706, VAR-202203-1880

Trust: [4.5, []]

Fetched: May 13, 2022, 10:50 a.m., Published: March 30, 2022, 1:11 a.m.
 Vulnerabilities: authentication bypass, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2019-12266, CVE-2019-9564

RSA Customer Advisory: Apache Vulnerability | Log4j2 (CVE-2021-44228) - SecurID Community - 660501

Related entries in the VARIoT vulnerabilities database: VAR-201912-0889, VAR-202112-0566

Trust: [3.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: Dec. 11, 2021, 2:01 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-4104, CVE-2019-17571, CVE-2020-9488, CVE-2021-44228

Airspan Networks Mimosa | CISA

Trust: [4.5, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 1, 2022, midnight
 Vulnerabilities: command injection, os command injection, sql injection...
Affected productsExternal IDs
db: NVD ids: CVE-2022-21215, CVE-2022-21143, CVE-2022-21800, CVE-2022-21196, CVE-2022-21141, CVE-2022-0138, CVE-2022-21176

Researchers discover critical vulnerabilities in APC Smart-UPS devices | TechSpot

Related entries in the VARIoT vulnerabilities database: VAR-202203-0237, VAR-202203-0235, VAR-202203-0236

Trust: [4.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: April 11, 2022, midnight
 Vulnerabilities: buffer overflow, authentication bypass, memory corruption...
Affected productsExternal IDs
db: NVD ids: CVE-2022-22805, CVE-2022-0715, CVE-2022-22806

Vulnerability in Security: A Complete Overview | Simplilearn

Trust: [3.75, []]

Fetched: May 13, 2022, 10:50 a.m., Published: Feb. 9, 2022, 5:54 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

DSA-2022-035: Dell Wyse Device Agent Security Update for Multiple Vulnerabilities | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202202-0978, VAR-202202-0977, VAR-202202-0979

Trust: [5.0, []]

Fetched: May 13, 2022, 10:50 a.m., Published: May 6, 2022, midnight
 Vulnerabilities: authentication vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2022-23156, CVE-2022-23157, CVE-2022-23158