Sign-up

VARIoT news about IoT security

System BIOS komputera Alienware Aurora Ryzen Edition | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Jan. 24, 2023, 9:51 a.m., Published: Jan. 16, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Apple fixes actively exploited iOS zero-day on older iPhones, iPads - Security & Privacy News - Nsane Forums

Related entries in the VARIoT vulnerabilities database: VAR-202212-1751

Trust: 4.75

Fetched: Jan. 24, 2023, 9:51 a.m., Published: Jan. 23, 2023, 7:48 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: watchos
vendor: apple model: ipod touch
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: macos
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: safari
db: NVD ids: CVE-2022-42856

Vulnerabilities in the web interface of Juniper network devices shipped with JunOS | ValeurBit Infosec

Related entries in the VARIoT vulnerabilities database: VAR-202210-0918, VAR-202210-1013, VAR-202210-0898, VAR-202210-0815, VAR-202210-0849

Trust: 3.0

Fetched: Jan. 24, 2023, 9:50 a.m., Published: Jan. 19, 2023, 7:04 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2022-22242, CVE-2022-22241, CVE-2022-22246, CVE-2022-22243, CVE-2022-22245

Chinese hackers exploit zero-day vulnerabilities in networking devices | Radarr Africa

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.25

Fetched: Jan. 24, 2023, 9:49 a.m., Published: Jan. 23, 2023, 7:23 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: google model: nexus
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

End-of-life Cisco VPN Routers Open for RCE Attacks

Trust: 3.0

Fetched: Jan. 24, 2023, 9:48 a.m., Published: Jan. 23, 2023, 5:16 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: small business
vendor: cisco model: router
vendor: cisco model: routers
vendor: cisco model: cisco small business

All Samsung Galaxy owners must have the most recent version of the Galaxy Store installed on their devices - Bollyinside

Related entries in the VARIoT vulnerabilities database: VAR-202302-0598, VAR-202302-0502

Trust: 3.75

Fetched: Jan. 24, 2023, 9:47 a.m., Published: Jan. 23, 2023, 7:22 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: samsung model: notes
db: NVD ids: CVE-2023-21433, CVE-2023-21434

Chinese hackers exploit zero-day vulnerabilities in networking devices

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.25

Fetched: Jan. 24, 2023, 9:47 a.m., Published: Jan. 22, 2023, 12:31 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: google model: nexus
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

Cisco Patches High-Severity SQL Injection Vulnerability in Unified CM - SecurityWeek

Related entries in the VARIoT vulnerabilities database: VAR-202301-1643

Trust: 4.5

Fetched: Jan. 24, 2023, 9:47 a.m., Published: Jan. 22, 2023, 7:15 p.m.
 Vulnerabilities: sql injection, injection attack
Affected productsExternal IDs
vendor: cisco model: small business
vendor: cisco model: webex
vendor: cisco model: expressway
vendor: cisco model: asyncos software
vendor: cisco model: jabber
vendor: cisco model: telepresence video communication server
vendor: cisco model: email security appliance
vendor: cisco model: telepresence
vendor: cisco model: asyncos
vendor: cisco model: routers
vendor: cisco model: series
vendor: cisco model: expressway series
vendor: cisco model: unified communications
vendor: cisco model: unified communications manager
vendor: cisco model: unified communications manager session management edition
db: NVD ids: CVE-2023-20010

Chinese hackers exploit zero-day vulnerabilities in networking devices, Telecom News, ET Telecom

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 4.25

Fetched: Jan. 24, 2023, 9:46 a.m., Published: Jan. 22, 2023, 12:53 p.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: google model: nexus
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475

21 Best Network Scanning Tools and Softwares (Jan 2023)

Trust: 4.5

Fetched: Jan. 24, 2023, 9:44 a.m., Published: Sept. 12, 2022, 4:13 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
vendor: paessler model: prtg network monitor
vendor: solarwinds model: network performance monitor

Many ICS flaws remain unpatched as attacks against critical infrastructure rise - ARN

Trust: 3.5

Fetched: Jan. 24, 2023, 9:44 a.m., Published: Jan. 24, 2023, midnight
 Vulnerabilities: denial of service, memory corruption, sql injection...
Affected productsExternal IDs
vendor: trend model: security

Many ICS flaws remain unpatched as attacks against critical infrastructure rise | CSO Online

Trust: 3.5

Fetched: Jan. 24, 2023, 9:43 a.m., Published: Jan. 19, 2023, midnight
 Vulnerabilities: denial of service, memory corruption, sql injection...
Affected productsExternal IDs
vendor: trend model: security

Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874) - Help Net Security

Trust: 4.75

Fetched: Jan. 24, 2023, 9:43 a.m., Published: Jan. 18, 2023, 2 p.m.
 Vulnerabilities: authentication bypass, buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-4874, CVE-2022-4873

Technical Advisory - Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) - NCC Group Research

Related entries in the VARIoT vulnerabilities database: VAR-202302-0598, VAR-202302-0502

Trust: 4.5

Fetched: Jan. 24, 2023, 9:43 a.m., Published: Jan. 20, 2023, 2:48 p.m.
 Vulnerabilities: improper access control
Affected productsExternal IDs
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome
vendor: samsung model: galaxy
db: NVD ids: CVE-2023-21433, CVE-2023-21434

Samsung patches vulnerabilities that exposed Galaxy Store to attackers - SiliconANGLE

Related entries in the VARIoT vulnerabilities database: VAR-202302-0598, VAR-202302-0502

Trust: 5.75

Fetched: Jan. 24, 2023, 9:42 a.m., Published: Jan. 24, 2023, 12:31 a.m.
 Vulnerabilities: input validation issue
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: google model: android
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2023-21433, CVE-2023-21434

InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks - SecurityWeek

Trust: 3.5

Fetched: Jan. 24, 2023, 9:42 a.m., Published: Jan. 22, 2023, 2:28 a.m.
 Vulnerabilities: code execution, information disclosure
Affected productsExternal IDs
vendor: cisco model: router
vendor: cisco model: routers
vendor: cisco model: series
vendor: cisco model: industrial router

OpenSSL vulnerability CVE-2022-3602 (Remote Code Execution) and CVE-2022-3786 (Denial of Service) Check Point Research Update - Check Point Software

Trust: 5.5

Fetched: Jan. 24, 2023, 9:41 a.m., Published: Nov. 1, 2022, 4:51 p.m.
 Vulnerabilities: buffer overflow, denial of service, code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2022-3786, CVE-2022-3602

INTEL-SA-00752

Related entries in the VARIoT vulnerabilities database: VAR-202211-0906, VAR-202211-0705, VAR-202211-0788, VAR-202211-0823, VAR-202211-0787

Trust: 3.75

Fetched: Jan. 24, 2023, 9:40 a.m., Published: Nov. 4, 2022, 6:53 p.m.
 Vulnerabilities: denial of service, improper access control
Affected productsExternal IDs
db: NVD ids: CVE-2022-26124, CVE-2022-32569, CVE-2022-36370, CVE-2022-37334, CVE-2022-37345, CVE-2022-33176, CVE-2021-33164, CVE-2022-38099, CVE-2022-35276, CVE-2022-36789, CVE-2022-36349, CVE-2022-21794, CVE-2022-34152

Time is Ticking on a New OpenSSL Vulnerability - Armis

Related entries in the VARIoT vulnerabilities database: VAR-201609-0352

Trust: 4.75

Fetched: Jan. 24, 2023, 9:39 a.m., Published: Oct. 29, 2022, 5:40 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: cisco model: routers
db: NVD ids: CVE-2016-6309

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

Related entries in the VARIoT vulnerabilities database: VAR-202211-0095

Trust: 5.75

Fetched: Jan. 24, 2023, 9:39 a.m., Published: Nov. 4, 2022, 10:01 a.m.
 Vulnerabilities: file upload issue, code execution, path traversal...
Affected productsExternal IDs
vendor: nokia model: impact
db: NVD ids: CVE-2022-41607, CVE-2022-3703, CVE-2022-2483, CVE-2022-2482, CVE-2022-2484, CVE-2022-40981, CVE-2022-2969