Sign-up

VARIoT news about IoT security

使用广泛的软件包(应用)可见性 (QUERY_ALL_PACKAGES) 权限 - Play 管理中心帮助

Trust: 3.25

Fetched: July 27, 2025, 9:58 a.m., Published: July 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

使用大範圍的套件 (應用程式) 瀏覽權限 (QUERY_ALL_PACKAGES) - Play 管理中心說明

Trust: 3.25

Fetched: July 27, 2025, 9:56 a.m., Published: July 30, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

使用廣泛套裝 (應用程式) 檢視 (QUERY_ALL_PACKAGES) 權限 - Play 管理中心 說明

Trust: 3.25

Fetched: July 27, 2025, 9:55 a.m., Published: July 11, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Set default search engine and site search shortcuts - Computer - Google Chrome Help

Trust: 3.0

Fetched: July 27, 2025, 9:55 a.m., Published: May 27, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome

‘Failings’ in provision of cricketer Graham Thorpe’s care before death - coroner | The Standard

Trust: 3.25

Fetched: July 27, 2025, 9:07 a.m., Published: July 25, 2025, 8:08 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canary model: canary

Top 10 Trending CVEs, Latest Insights & Analysis | cvemon | cvemon

Trust: 4.0

Fetched: July 25, 2025, 10:15 a.m., Published: July 10, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-53771

Cyber Security Testing: Definition and Types

Trust: 3.5

Fetched: July 25, 2025, 10:05 a.m., Published: July 21, 2025, 7:12 a.m.
 Vulnerabilities: session fixation, code execution, privilege escalation...
Affected productsExternal IDs

Update Canonical Ubuntu Desktop: USN-7629-1: Protocol Buffers vulnerabilities

Trust: 6.25

Fetched: July 25, 2025, 10:03 a.m., Published: Jan. 25, 7629, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-7254, CVE-2025-4565

What is Cyber Infrastructure? Safeguarding Digital Assets | SentinelOne

Trust: 3.5

Fetched: July 25, 2025, 10:01 a.m., Published: July 21, 2025, 8:23 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

CVE-2025-49724: Windows Devices Vulnerability - DEC Solutions Group

Trust: 5.25

Fetched: July 25, 2025, 10:01 a.m., Published: July 8, 2025, 6:05 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-49724

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

Related entries in the VARIoT vulnerabilities database: VAR-202401-1629, VAR-202401-2573

Trust: 5.75

Fetched: July 25, 2025, 10 a.m., Published: June 30, 2025, 6:49 p.m.
 Vulnerabilities: code injection, denial of service, buffer overflow
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler gateway
db: NVD ids: CVE-2023-6549, CVE-2023-6548, CVE-2025-6543

Schneider Electric EcoStruxure (Update B) | CISA

Trust: 5.25

Fetched: July 25, 2025, 9:59 a.m., Published: July 15, 2025, midnight
 Vulnerabilities: uncontrolled search path, privilege escalation
Affected productsExternal IDs
vendor: trend micro model: security
vendor: schneider model: vijeo designer
vendor: schneider model: zelio soft 2
vendor: schneider model: ecostruxure machine expert
vendor: schneider model: ecostruxure control expert
vendor: schneider model: zelio soft
vendor: schneider model: control expert
vendor: schneider electric model: vijeo designer
vendor: schneider electric model: zelio soft 2
vendor: schneider electric model: ecostruxure machine expert
vendor: schneider electric model: ecostruxure control expert
vendor: schneider electric model: zelio soft
vendor: schneider electric model: control expert
vendor: trend model: security
db: NVD ids: CVE-2024-2658

Update Canonical Ubuntu Desktop: USN-7628-1: Linux kernel (Azure) vulnerabilities

Trust: 3.75

Fetched: July 25, 2025, 9:59 a.m., Published: Jan. 25, 7628, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: acrn model: acrn
vendor: alsa model: alsa
vendor: canonical model: ubuntu
db: NVD ids: CVE-2025-2312

Technical Advisory: Critical Remote Code Execution Vulnerability in Microsoft SharePoint Server (CVE-2025-53770)

Trust: 3.75

Fetched: July 25, 2025, 9:58 a.m., Published: July 21, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2025-49704, CVE-2025-49706, CVE-2025-53770

RondoDox Unveiled: Breaking Down a New Botnet Threat | FortiGuard Labs

Trust: 4.5

Fetched: July 25, 2025, 9:56 a.m., Published: July 3, 2025, 1 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: wireshark model: wireshark
vendor: four-faith model: f3x24
vendor: four-faith model: four-faith router
vendor: four-faith model: four-faith
db: NVD ids: CVE-2024-12856, CVE-2024-3721

CVE-2025-4395 : User Account Vulnerability in Medtronic MyCareLink Patient Monitor Devices

Trust: 4.25

Fetched: July 25, 2025, 9:56 a.m., Published: July 24, 2025, 3:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: medtronic model: mycarelink patient monitor
db: NVD ids: CVE-2025-4395

Update Canonical Ubuntu Server: USN-7629-1: Protocol Buffers vulnerabilities

Trust: 6.25

Fetched: July 25, 2025, 9:54 a.m., Published: Jan. 25, 7629, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu
db: NVD ids: CVE-2024-7254, CVE-2025-4565

Critical Sophos Firewall Vulnerabilities Enables pre-auth Remote Code Execution

Trust: 5.5

Fetched: July 25, 2025, 9:52 a.m., Published: July 22, 2025, 1:06 p.m.
 Vulnerabilities: command injection, code execution, sql injection
Affected productsExternal IDs
vendor: sophos model: firewall
db: NVD ids: CVE-2025-7382, CVE-2024-13974, CVE-2025-6704, CVE-2024-13973, CVE-2025-7624

CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation - Blog | Tenable®

Trust: 4.5

Fetched: July 25, 2025, 9:51 a.m., Published: June 27, 2025, 9:11 p.m.
 Vulnerabilities: denial of service, improper access control, access control vulnerability
Affected productsExternal IDs
vendor: citrix model: gateway
vendor: citrix model: netscaler
vendor: citrix model: netscaler adc
db: NVD ids: CVE-2025-5349, CVE-2025-6543, CVE-2025-5777, CVE-2023-4966

Mobile Device Security: Strategies Against Cyber Threats.

Trust: 3.75

Fetched: July 25, 2025, 9:50 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone