Sign-up

VARIoT news about IoT security

Security Advisory - Cross-Site Scripting(XSS) Vulnerability in Huawei WS318n Product

Related entries in the VARIoT vulnerabilities database: VAR-202112-2524

Trust: 5.75

Fetched: May 13, 2022, 7:59 a.m., Published: May 13, 2040, midnight
 Vulnerabilities: information disclosure, cross-site scripting
Affected productsExternal IDs
vendor: huawei model: huawei
db: NVD ids: CVE-2021-40041

Vulnerability in GitHub Actions Allowed Attackers to Take Control of Victim’s Device | IT Security News

Related entries in the VARIoT vulnerabilities database: VAR-202110-0794

Trust: 3.75

Fetched: May 13, 2022, 7:59 a.m., Published: May 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2021-38178

Microsoft Issues Serious Windows 10, Windows 11 Upgrade Warning

Related entries in the VARIoT vulnerabilities database: VAR-202107-1503, VAR-202109-1789, VAR-202201-0640

Trust: 3.75

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21874, CVE-2021-36976, CVE-2022-21839, CVE-2022-21836, CVE-2021-22947, CVE-2022-21919

Attackers Are Targeting Unknown SolarwWnds Vulnerability, Microsoft Warns - KoDDoS Blog

Trust: 4.5

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 23, 2022, 7:27 a.m.
 Vulnerabilities: input validation bug, code execution
Affected productsExternal IDs
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2021-35247, CVE-2021-35211

CentOS have Vulnerabilities

Trust: 4.75

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 25, 2022, midnight
 Vulnerabilities: code execution, command execution, file inclusion
Affected productsExternal IDs
db: NVD ids: CVE-2021-45466, CVE-2021-45467

Investigation of Log4j Vulnerability with Illumina instruments

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-2011, VAR-202112-0566

Trust: 3.0

Fetched: May 13, 2022, 7:59 a.m., Published: May 13, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44832, CVE-2021-44228

iOS Devices Can Freeze, Crash Due to a HomeKit Vulnerability | Dagold News

Trust: 3.5

Fetched: May 13, 2022, 7:59 a.m., Published: May 13, 2012, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: ipad
vendor: apple model: icloud
vendor: apple model: macos
vendor: apple model: iphone

Log4j vulnerability targeted

Trust: 5.0

Fetched: May 13, 2022, 7:59 a.m., Published: May 18, 2022, midnight
 Vulnerabilities: input validation problem
Affected productsExternal IDs
vendor: solarwinds model: serv-u
db: NVD ids: CVE-2021-35247

MSP facing vulnerabilities| WatchGuard Blog

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.75

Fetched: May 13, 2022, 7:59 a.m., Published: May 19, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Microsoft January 2022 Security Updates address 10 Critical vulnerabilities - Securezoo

Related entries in the VARIoT vulnerabilities database: VAR-202109-1789, VAR-202112-0566

Trust: 4.25

Fetched: May 13, 2022, 7:59 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21846, CVE-2022-21840, CVE-2022-21857, CVE-2021-22947, CVE-2021-44228, CVE-2022-21917, CVE-2022-21833, CVE-2022-21912, CVE-2022-21907, CVE-2022-21898

QNAP Product Information Disclosure Vulnerability

Trust: 3.5

Fetched: May 13, 2022, 7:59 a.m., Published: Sept. 10, 2021, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs

CISA Listed Multiple Vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202103-0965

Trust: 5.5

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 24, 2022, midnight
 Vulnerabilities: os command injection, information disclosure, denial of service...
Affected productsExternal IDs
vendor: nagios model: nagios xi
vendor: solarwinds model: serv-u
vendor: aviatrix model: controller
vendor: node.js model: node.js
db: NVD ids: CVE-2006-1547, CVE-2021-40870, CVE-2021-32648, CVE-2020-11978, CVE-2021-33766, CVE-2021-21315, CVE-2021-22991, CVE-2021-25298, CVE-2018-8453, CVE-2012-0391, CVE-2021-25296, CVE-2021-35247, CVE-2020-13671, CVE-2020-14864, CVE-2021-21975, CVE-2021-25297, CVE-2020-13927

Cybercriminals Are Weaponizing MikroTik Devices: Here’s How

Related entries in the VARIoT vulnerabilities database: VAR-201910-0546, VAR-201803-2171, VAR-201910-0547, VAR-201808-0384

Trust: 5.5

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2021, midnight
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: mikrotik model: router
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik routers
vendor: mikrotik model: routers
db: NVD ids: CVE-2019-3977, CVE-2018-7445, CVE-2019-3978, CVE-2018-14847

UPDATE January 13, 2022 - Log4j Vulnerability Response | WaterISAC

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 17, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security

Remote Desktop Protocol Remote Code Execution Vulnerability - CVE-2022-21893 - Security Investigation

Trust: 4.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2022, 3:58 p.m.
 Vulnerabilities: code execution, privilege escalation
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2019-0708, CVE-2022-21893, CVE-2019-0887

53% of medical devices have a known critical vulnerability | Vumetric Cyber Portal

Trust: 3.0

Fetched: May 13, 2022, 7:58 a.m., Published: May 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Is Your Hospital Safe From A Cyber Attack? Probably Not, Report Warns

Trust: 3.75

Fetched: May 13, 2022, 7:58 a.m., Published: May 2, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: trend model: security

Always On VPN IKEv2 Security Vulnerabilities - January 2022 | Richard M. Hicks Consulting, Inc.

Trust: 4.0

Fetched: May 13, 2022, 7:58 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: denial of service, code execution, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2022-21849

Microsoft warns EVERY Windows 10 user over nine 'critical' dangers you need to fix now

Trust: 5.0

Fetched: May 13, 2022, 7:58 a.m., Published: May 10, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-21840