Sign-up

VARIoT news about IoT security

Netgear Nighthawk R6700 Multiple Vulnerabilities - Research Advisory | TenableĀ®

Related entries in the VARIoT vulnerabilities database: VAR-202112-2039, VAR-202112-2043, VAR-202112-2038, VAR-202112-2044, VAR-202112-2042, VAR-202112-2041

Trust: 4.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 30, 2021, 4:37 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: netgear model: router
vendor: netgear model: r6700v3
vendor: netgear model: r6700
vendor: jquery model: jquery
db: NVD ids: CVE-2021-45077, CVE-2021-20174, CVE-2021-45732, CVE-2021-20173, CVE-2021-20175, CVE-2021-23147

Microsoft warns of macOS privacy bug, urges users to update - MSPoweruser

Related entries in the VARIoT vulnerabilities database: VAR-202108-1285

Trust: 4.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 11, 2022, 8:43 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
db: NVD ids: CVE-2021-30970

Apple releases 15.2.1 update for iOS and iPadOS to fix bugs - CNET

Trust: 5.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Feb. 15, 2001, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: apple model: icloud
vendor: apple model: iphone
vendor: apple model: ipad

Log4J Detector Tool - Praetorian

Trust: 3.75

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 7, 2022, 6:56 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: ansible model: ansible

Malsmoke targets nine-year-old Windows vulnerability - Tech Monitor

Related entries in the VARIoT vulnerabilities database: VAR-202109-1909

Trust: 4.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 6, 2022, 5:50 p.m.
 Vulnerabilities: signature validation vulnerability
Affected productsExternal IDs
vendor: palo model: palo alto networks
vendor: palo model: networks
vendor: palo alto networks model: palo alto networks
vendor: palo alto networks model: networks
vendor: check point model: check point
db: NVD ids: CVE-2021-40444

SonicWall SMA 100 appliances beset by multiple vulnerabilities

Related entries in the VARIoT vulnerabilities database: VAR-202112-0389, VAR-202112-0361, VAR-202112-0732, VAR-202112-0730, VAR-202112-0731

Trust: 5.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: command injection, code execution, path traversal...
Affected productsExternal IDs
vendor: sonicwall model: secure mobile access
vendor: sonicwall model: sma 100
db: NVD ids: CVE-2021-20039, CVE-2021-20038, CVE-2021-20040, CVE-2021-20042, CVE-2021-20041

Log4J2 CVE-2021-44228 Vulnerability - UPDATED 12/21/2021 - Knowledge Center

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566

Trust: 4.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228

Microsoft Advises to Patch AD Privilege Escalation Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-202111-0660

Trust: 4.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 21, 2021, 9:52 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2021-42287, CVE-2021-42278

KCodes NetUSB Vulnerability Exposes Routers to Remote Code Execution Attacks | Cyware Alerts - Hacker News

Trust: 4.25

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 11, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: kcodes model: netusb

Top Healthcare Cybersecurity Threats of 2021 - Medigate Blog

Trust: 3.75

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 21, 2021, 1:35 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Zyxel security advisory for OS command injection vulnerabilities of GS1900, XGS1210, and XGS1250 series switches | Zyxel

Related entries in the VARIoT vulnerabilities database: VAR-202112-2079, VAR-202112-2078

Trust: 4.75

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 5, 2022, 10:21 a.m.
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2021-35031, CVE-2021-35032

Log4j attacks: All you need to know about new-found software flaw | Special-reports - Gulf News

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: macos
vendor: checkpoint model: check point
vendor: cisco model: technical support
vendor: check point model: check point
db: NVD ids: CVE-2021-44228

How SASE protects from Log4j - Check Point Software

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 23, 2021, 11 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2021-44228

TLP-WHITE: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities | AHA

Related entries in the VARIoT vulnerabilities database: VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: March 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Micron Statement on Potential Industry Vulnerability in Optional ATA Interface Command

Trust: 3.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 1, 2022, midnight
 Vulnerabilities: authorization issue
Affected productsExternal IDs

Top Five Vulnerabilities Attackers Use Against Browsers | IT Business Edge

Trust: 3.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 12, 2022, 7:06 p.m.
 Vulnerabilities: sql injection, brute force attack, cross-site scripting...
Affected productsExternal IDs
vendor: serve model: serve

Log4j vulnerability explained and how to respond - OpenText Blogs

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562, VAR-202112-2011, VAR-202112-1782

Trust: 4.0

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Dec. 22, 2021, 9:38 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-45046, CVE-2021-44832, CVE-2021-4104, CVE-2021-45105

Researcher discloses alleged zero-day vulnerabilities in NUUO NVRmini2 recording device - Hard News Hard Hitting News Source Global Political News

Trust: 5.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: command injection, path traversal, code execution
Affected productsExternal IDs
vendor: nuuo model: network video recorder
vendor: nuuo model: nvrmini2
db: NVD ids: CVE-2011-5325

Vulnerability CVE-2022-23178

Trust: 3.25

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-23178

Top 50 Interview Questions & Answers | Penetration Testing [Updated 2022] - All About Testing

Trust: 4.5

Fetched: Jan. 18, 2022, 11:14 a.m., Published: Oct. 30, 2017, 3:36 p.m.
 Vulnerabilities: cross-site scripting, directory traversal, denial of service...
Affected productsExternal IDs
vendor: wireshark model: wireshark