Sign-up

VARIoT news about IoT security

CVE-2025-38300 - crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() - SecAlerts

Trust: 3.0

Fetched: July 13, 2025, 10:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-38300

Security Advisory for Unauthenticated Remote Code Execution on Some Routers, PSV-2016-0261 - NETGEAR Support

Related entries in the VARIoT vulnerabilities database: VAR-201705-3972

Trust: 5.75

Fetched: July 13, 2025, 10:19 a.m., Published: -
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: netgear model: router
vendor: netgear model: wnr2000v3
vendor: netgear model: wnr2000v4
vendor: netgear model: r2000
vendor: netgear model: wnr2000v5
db: NVD ids: CVE-2017-6862

Update Canonical Ubuntu Desktop: USN-7618-1: Linux kernel (OEM) vulnerabilities

Trust: 3.25

Fetched: July 13, 2025, 10:17 a.m., Published: Jan. 13, 7618, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: canonical model: ubuntu

Cisco Identity Services Stored Cross-Site Scripting Vulnerability - Cisco

Trust: 4.25

Fetched: July 13, 2025, 10:15 a.m., Published: July 8, 2025, 11:28 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

Cisco Spaces Connector Privilege Escalation Vulnerability - Cisco

Trust: 4.25

Fetched: July 13, 2025, 10:14 a.m., Published: July 2, 2025, 11:04 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Trust: 5.5

Fetched: July 13, 2025, 10:14 a.m., Published: July 4, 2025, 12:33 a.m.
 Vulnerabilities: code execution, command execution
Affected productsExternal IDs
vendor: hikvision model: hikvision
db: NVD ids: CVE-2025-34067

Hunt Electronic DVR Vulnerability Leaves Admin Credentials Unprotected

Trust: 3.0

Fetched: July 13, 2025, 10:14 a.m., Published: June 27, 2025, 11:30 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-65619, CVE-2025-6561

Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities

Trust: 4.5

Fetched: July 13, 2025, 10:13 a.m., Published: July 11, 2025, 4:41 p.m.
 Vulnerabilities: code execution, authentication bypass
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2024-57726, CVE-2024-55591, CVE-2024-21762

D-Link 0-click Vulnerability Allows Remote Attackers to Crash the Server

Related entries in the VARIoT vulnerabilities database: VAR-202507-0217

Trust: 5.75

Fetched: July 13, 2025, 10:06 a.m., Published: July 11, 2025, 10:36 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: d-link model: dir-825
vendor: d-link model: dir-825 rev.b
vendor: d-link model: router
db: NVD ids: CVE-2025-7206

PSA: If you have a Brother printer, change the password now - 9to5Mac

Trust: 3.75

Fetched: July 13, 2025, 10:05 a.m., Published: July 1, 2025, 11:37 a.m.
 Vulnerabilities: default password, authentication bypass, default administrator password
Affected productsExternal IDs
db: NVD ids: CVE-2024-51984, CVE-2024-51978

Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability

Trust: 4.25

Fetched: July 13, 2025, 10:05 a.m., Published: July 2, 2025, 3:57 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

Cisco Identity Services Stored Cross-Site Scripting Vulnerability

Trust: 4.25

Fetched: July 13, 2025, 10:04 a.m., Published: June 30, 2025, 3:08 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

Cisco Spaces Connector Privilege Escalation Vulnerability

Trust: 4.25

Fetched: July 13, 2025, 10:04 a.m., Published: July 2, 2025, 3:57 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Specific Ricoh MFP and Printer Products - Multiple vulnerabilities (CVE-2017-9765, CVE-2024-2169, CVE-2024-51977, CVE-2024-51979, CVE-2024-51980, CVE-2024-51981, CVE-2024-51982, CVE-2024-51983, CVE-2024-51984) | Ricoh Danmark

Trust: 3.25

Fetched: July 13, 2025, 10:04 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2017-9765, CVE-2024-51980, CVE-2024-51977, CVE-2024-51982, CVE-2024-51984, CVE-2024-2169, CVE-2024-51983, CVE-2024-51981, CVE-2024-51979

Cisco Identity Services Stored Cross-Site Scripting Vulnerability

Trust: 4.25

Fetched: July 13, 2025, 10:02 a.m., Published: June 30, 2025, 3:08 p.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs

Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Command

Trust: 5.75

Fetched: July 13, 2025, 10:01 a.m., Published: June 26, 2025, 1:18 p.m.
 Vulnerabilities: input validation flaw
Affected productsExternal IDs
vendor: cisco model: network access control
vendor: cisco model: identity services engine
db: NVD ids: CVE-2025-20281, CVE-2025-20282

CVE-2024-51983 : Remote Code Execution Vulnerability in Brother Devices

Trust: 4.0

Fetched: July 13, 2025, 10:01 a.m., Published: June 25, 2025, 7:26 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-51983

Microsoft Patch Tuesday for July 2025 - Snort rules and prominent vulnerabilities

Trust: 5.5

Fetched: July 13, 2025, 10 a.m., Published: July 8, 2025, 8:29 p.m.
 Vulnerabilities: code execution, use after free, code injection...
Affected productsExternal IDs
vendor: snort model: snort
vendor: snort.org model: snort
db: NVD ids: CVE-2025-49698, CVE-2025-49701, CVE-2025-47980, CVE-2025-47981, CVE-2025-49703, CVE-2025-49697, CVE-2025-49724, CVE-2025-49695, CVE-2025-49704, CVE-2025-49717, CVE-2025-49702, CVE-2025-48822, CVE-2025-49735, CVE-2025-49696

Ruckus Networks security flaws left unpatched, putting thousands of devices at risk | TechRadar

Trust: 3.75

Fetched: July 13, 2025, 9:38 a.m., Published: July 11, 2025, 10:04 a.m.
 Vulnerabilities: command injection, path traversal, information leakage
Affected productsExternal IDs
db: NVD ids: CVE-2025-44957, CVE-2025-44960, CVE-2025-6243, CVE-2025-44958, CVE-2025-44954, CVE-2025-44961, CVE-2025-44963, CVE-2025-44962, CVE-2025-44955

Security Bulletins for HUAWEI Phones/Tablets, July 2025

Trust: 3.75

Fetched: July 13, 2025, 9:37 a.m., Published: July 1, 2025, 10:18 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: huawei
vendor: huawei model: emui
db: NVD ids: CVE-2025-26690, CVE-2025-0072, CVE-2025-27562, CVE-2025-26429, CVE-2025-21926, CVE-2025-24844, CVE-2025-32312, CVE-2024-40653, CVE-2025-26423, CVE-2025-22437, CVE-2025-26458, CVE-2025-21785, CVE-2025-25212, CVE-2024-49728, CVE-2024-49740, CVE-2025-26444, CVE-2025-24925, CVE-2025-0050, CVE-2025-21764, CVE-2025-26463, CVE-2025-22442, CVE-2025-26438, CVE-2025-26455, CVE-2025-22431, CVE-2025-26448, CVE-2025-0427, CVE-2025-21762, CVE-2025-21999, CVE-2025-26445