Sign-up

VARIoT news about IoT security

GRC | Security Now! Episode Archive

Trust: 3.25

Fetched: June 9, 2022, 12:58 p.m., Published: May 9, 2022, midnight
 Vulnerabilities: authentication bypass, code execution, privilege escalation...
Affected productsExternal IDs
vendor: cisco model: series
vendor: cisco model: guard
vendor: cisco model: meeting
vendor: cisco model: routers
vendor: cisco model: router
vendor: netgear model: router
vendor: netgear model: netgear router
vendor: google model: chrome
vendor: google model: android
vendor: google model: home
vendor: google model: wifi
vendor: samsung model: mobile
vendor: samsung model: notes
vendor: samsung model: note
vendor: samsung model: printer
vendor: samsung model: mobile phones
vendor: trend model: password manager
vendor: trend model: security
vendor: asus model: asus
vendor: asus model: routers
vendor: asus model: router
vendor: sophos model: mobile
vendor: microtik model: routers
vendor: microtik model: router
vendor: apple model: iphone
vendor: palo model: firewall
vendor: palo model: networks
vendor: orange model: web server
vendor: lenovo model: edge
vendor: lenovo model: system
vendor: lenovo model: updates

Cyber Security Today, May 6, 2022 - Hacking helped by infected removable storage devices, corporate espionage, and more | IT World Canada News

Trust: 3.0

Fetched: June 9, 2022, 12:56 p.m., Published: May 6, 2022, 11:53 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canary model: canary

Latest Windows 10, Windows 11 Cumulative Updates Break Down the Event Viewer

Related entries in the VARIoT vulnerabilities database: VAR-202205-0799

Trust: 3.25

Fetched: June 9, 2022, 12:56 p.m., Published: May 10, 2022, 9:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-26925

HC3 TLP White: Monthly Cybersecurity Vulnerability Bulletin May 6, 2022 | AHA

Trust: 3.0

Fetched: June 9, 2022, 12:56 p.m., Published: May 6, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Project Zero

Trust: 3.25

Fetched: June 9, 2022, 12:55 p.m., Published: May 10, 2022, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs

Decade-old vulnerabilities discovered in Avast and AVG antivirus

Trust: 4.0

Fetched: June 9, 2022, 12:54 p.m., Published: May 5, 2022, 5:27 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: avast model: antivirus
db: NVD ids: CVE-2022-26522, CVE-2022-26523

Multiple Vulnerabilities in SonicWall SSLVPN SMA1000 Series Could Allow for Authentication Bypass | New York State Office of Information Technology Services

Trust: 4.25

Fetched: June 9, 2022, 12:50 p.m., Published: May 16, 2022, 4:46 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
vendor: sonicwall model: sma1000

Critical flaw in Zyxel firewalls grants access to corporate networks (CVE-2022-30525) - Help Net Security

Related entries in the VARIoT vulnerabilities database: VAR-202205-0957

Trust: 3.0

Fetched: June 9, 2022, 12:47 p.m., Published: May 13, 2022, 11:37 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-30525

Patch warning issued for Avaya, Aruba switches | IT World Canada News

Related entries in the VARIoT vulnerabilities database: VAR-202203-0237

Trust: 5.5

Fetched: June 9, 2022, 12:46 p.m., Published: May 3, 2022, 7:50 p.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: extreme networks model: ers3500
vendor: extreme model: ers3500
db: NVD ids: CVE-2022-22805, CVE-2022-29860, CVE-2022-23676, CVE-2022-23677, CVE-2022-29861

Vulnerability in QVR - Security Advisory | QNAP (US)

Trust: 3.25

Fetched: June 9, 2022, 12:45 p.m., Published: May 6, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27588

Some Android Devices May Have Media File Security Vulnerability | Computer Technologies

Related entries in the VARIoT vulnerabilities database: VAR-202112-0901

Trust: 5.0

Fetched: June 9, 2022, 12:44 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2021-0675, CVE-2021-30351, CVE-2021-0674

Intel reveals a whole load of hardware security issues, so patch now | TechRadar

Trust: 3.25

Fetched: June 6, 2022, 1:14 p.m., Published: May 14, 2022, 3:05 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs

Unpatched DNS Vulnerability Affecting Millions of IoT Devices and Routers | New Jersey Cybersecurity & Communications Integration Cell

Trust: 3.0

Fetched: June 6, 2022, 1:13 p.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: axis model: communications

Micorosoft has warned of dangerous vulnerabilities in pre-installed applications on millions of Android devices

Trust: 3.75

Fetched: June 6, 2022, 1:13 p.m., Published: May 30, 2022, 6:29 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2021-42599, CVE-2021-42600, CVE-2021-42601, CVE-2021-42598

Some Android Devices May Have Media File Security Vulnerability | Computer Breakthrough

Related entries in the VARIoT vulnerabilities database: VAR-202112-0901

Trust: 5.0

Fetched: June 6, 2022, 1:13 p.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2021-30351, CVE-2021-0674, CVE-2021-0675

Hackers have found a new way to smuggle malware onto your device | TechRadar

Trust: 3.0

Fetched: June 6, 2022, 1:11 p.m., Published: May 23, 2022, 12:26 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2017-11882

Multiple Vulnerabilities in QTS, QuTS hero, and QuTScloud - Security Advisory | QNAP

Trust: 4.75

Fetched: June 6, 2022, 1:11 p.m., Published: May 6, 2022, midnight
 Vulnerabilities: open redirect vulnerability, command injection, cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2021-44053, CVE-2021-44051, CVE-2021-44052, CVE-2021-44054

The May 2022 Patch Tuesday addresses 10 LDAP Remote Code Execution vulnerabilities (Critical, CVSSv3 9.8) - The things that are better left unspoken

Trust: 4.25

Fetched: June 6, 2022, 1:10 p.m., Published: May 10, 2022, 5:58 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-22012, CVE-2022-29137, CVE-2022-29141, CVE-2022-22013, CVE-2022-29129, CVE-2022-22014, CVE-2022-29130, CVE-2022-29131, CVE-2022-29128, CVE-2022-29139

Zyxel warns of vulnerabilities in firewalls, AP controllers and access points (May 24, 2022) | Born's Tech and Windows World

Related entries in the VARIoT vulnerabilities database: VAR-202205-1788, VAR-202205-1787, VAR-202205-1789, VAR-202205-1790

Trust: 5.75

Fetched: June 6, 2022, 1:10 p.m., Published: May 25, 2022, 2:19 p.m.
 Vulnerabilities: authentication bypass, command injection, cross-site scripting...
Affected productsExternal IDs
vendor: zyxel model: usg40
db: NVD ids: CVE-2022-0734, CVE-2022-0910, CVE-2022-26532, CVE-2022-26531

Government Agency Flags Several Vulnerabilities In Chrome Browser, Advises Update

Trust: 3.75

Fetched: June 6, 2022, 1:09 p.m., Published: May 2, 2022, 6:31 p.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome