Sign-up

VARIoT news about IoT security

CVE-2025-5095 : Password Change Vulnerability in Burk Technology ARC Solo Device

Trust: 3.0

Fetched: Aug. 12, 2025, 10:07 a.m., Published: Aug. 8, 2025, 5:24 p.m.
 Vulnerabilities: authentication bypass
Affected productsExternal IDs
db: NVD ids: CVE-2025-5095

Test and Pentesting Methods for Identifying Vulnerabilities in IoT Devices: A Systematic Review | SpringerLink

Trust: 3.5

Fetched: Aug. 12, 2025, 10:06 a.m., Published: Aug. 12, 2025, midnight
 Vulnerabilities: -

4G vs 5G Phone Security: Network, Privacy & Vulnerabilities

Trust: 3.5

Fetched: Aug. 12, 2025, 10 a.m., Published: Aug. 12, 2025, 7:37 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs

Critical Android System Component Vulnerability Let Attackers Execute Remote Code without User Interaction

Trust: 6.0

Fetched: Aug. 12, 2025, 9:54 a.m., Published: Aug. 5, 2025, 7:48 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2025-48530

Critical Android System Component Vulnerability Allows Remote Code

Trust: 5.5

Fetched: Aug. 12, 2025, 9:53 a.m., Published: Aug. 11, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: check point model: check point
vendor: google model: android
db: NVD ids: CVE-2025-48530

CVE-2025-30027 - Input Validation - SecAlerts

Trust: 5.75

Fetched: Aug. 12, 2025, 9:53 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: axis model: axis
db: NVD ids: CVE-2025-30027

Secure Updates Protecting Your Devices Against Vulnerabilities | RedOracle

Trust: 3.75

Fetched: Aug. 12, 2025, 9:52 a.m., Published: Aug. 2, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: safari
vendor: apple model: macos
vendor: google model: chrome
db: NVD ids: CVE-2025-6558, CVE-2025-4664

CVE-2025-6693: Critical Memory Corruption Vulnerability in RT-Thread - Cybersecurity Exploit Tracker by Ameeba

Trust: 5.25

Fetched: Aug. 12, 2025, 9:50 a.m., Published: Nov. 30, 0001, midnight
 Vulnerabilities: memory corruption
Affected productsExternal IDs
db: NVD ids: CVE-2025-6693

Active Exploitation of Microsoft SharePoint Vulnerabilities

Trust: 4.25

Fetched: Aug. 12, 2025, 9:48 a.m., Published: July 31, 2025, 3:30 p.m.
 Vulnerabilities: code execution, bypass certificate, command execution...
Affected productsExternal IDs
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo model: networks
vendor: palo model: firewall
db: NVD ids: CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771

Ubiquiti UniFi Devices Vulnerability Allows Attackers To Inject Malicious Commands - Cybernoz - Cybersecurity News

Trust: 4.75

Fetched: Aug. 12, 2025, 9:42 a.m., Published: July 18, 2025, 1:20 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: ubiquiti model: unifi
db: NVD ids: CVE-2025-27212

Android Security Bulletin-August 2025 | Android Open Source Project

Trust: 5.25

Fetched: Aug. 12, 2025, 9:42 a.m., Published: Aug. 12, 2025, midnight
 Vulnerabilities: denial of service, information disclosure, code execution
Affected productsExternal IDs
vendor: samsung model: notes
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: google model: pixel
vendor: google model: android
vendor: motorola model: android
vendor: motorola model: motorola
vendor: huawei model: huawei
db: NVD ids: CVE-2025-22441, CVE-2025-48533, CVE-2025-0932, CVE-2025-21479, CVE-2025-48530, CVE-2025-27038

SSL/TLS authentication setup for webmail client / Roundcubemail 1.6.2

Trust: 3.0

Fetched: Aug. 12, 2025, 9:36 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dovecot model: dovecot

MyTF1 "Un problème technique est survenu"

Trust: 3.0

Fetched: Aug. 12, 2025, 9:12 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

Impossible de regarder My TF1 replay [Résolu]

Trust: 3.0

Fetched: Aug. 12, 2025, 9:11 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome

CVE-2025-8635 - (0Day) Kenwood DMX958XR Firmware Update Command Injection Vulnerability - SecAlerts

Trust: 3.25

Fetched: Aug. 10, 2025, 10:49 a.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2025-8635

Critical RCE Vulnerability Discovered in SonicWall SMA 100 Series Devices - Critical Path Security

Related entries in the VARIoT vulnerabilities database: VAR-202505-1415

Trust: 4.75

Fetched: Aug. 10, 2025, 10:49 a.m., Published: July 24, 2025, 1:05 p.m.
 Vulnerabilities: code execution, cross-site scripting
Affected productsExternal IDs
vendor: sonicwall model: sma 100
db: NVD ids: CVE-2025-32819, CVE-2025-40599

7 Top Vulnerable Websites For Mastering Web Security [2025]

Related entries in the VARIoT vulnerabilities database: VAR-201703-0755

Trust: 5.25

Fetched: Aug. 10, 2025, 10:46 a.m., Published: July 24, 2025, 12:40 a.m.
 Vulnerabilities: privilege escalation, code execution, session hijacking...
Affected productsExternal IDs
vendor: google model: android
vendor: wireshark model: wireshark
vendor: notion model: bridge
db: NVD ids: CVE-2017-5638

Packet Power EMX and EG | CISA

Trust: 3.0

Fetched: Aug. 10, 2025, 10:45 a.m., Published: Aug. 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-8284

Top 10 Internet of Things (IoT) Security Best Practices - GeeksforGeeks

Trust: 3.5

Fetched: Aug. 10, 2025, 10:45 a.m., Published: April 30, 2024, 4:13 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: checkpoint model: endpoint security

About the security content of macOS Sequoia 15.6 - Apple Support

Trust: 5.25

Fetched: Aug. 10, 2025, 10:44 a.m., Published: Aug. 15, 2025, midnight
 Vulnerabilities: heap corruption, integer overflow, authorization issue...
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: icloud
vendor: apple model: safari
vendor: trend micro model: security
vendor: trend model: security
db: NVD ids: CVE-2025-43257, CVE-2025-43246, CVE-2025-43215, CVE-2025-43232, CVE-2025-43202, CVE-2025-43221, CVE-2025-43219, CVE-2025-43216, CVE-2025-31243, CVE-2025-43198, CVE-2025-43218, CVE-2025-7424, CVE-2025-43275, CVE-2025-43189, CVE-2025-43220, CVE-2025-43273, CVE-2025-43267, CVE-2025-43252, CVE-2025-43213, CVE-2025-43270, CVE-2025-43251, CVE-2025-43188, CVE-2025-43241, CVE-2025-43254, CVE-2025-43236, CVE-2025-43227, CVE-2025-43276, CVE-2025-31279, CVE-2025-43260, CVE-2025-31280, CVE-2025-43277, CVE-2025-43224, CVE-2025-43268, CVE-2025-43233, CVE-2025-43239, CVE-2025-43186, CVE-2025-6558, CVE-2025-43250, CVE-2025-43193, CVE-2025-43195, CVE-2025-43199, CVE-2025-43225, CVE-2025-43230, CVE-2025-43256, CVE-2025-43249, CVE-2025-31275, CVE-2025-43234, CVE-2025-43243, CVE-2025-43244, CVE-2025-43191, CVE-2025-43247, CVE-2025-43222, CVE-2025-43187, CVE-2025-43238, CVE-2025-43266, CVE-2025-43253, CVE-2025-43196, CVE-2025-31281, CVE-2025-43255, CVE-2025-43274, CVE-2025-43223, CVE-2025-31278, CVE-2025-43194, CVE-2025-43264, CVE-2025-43185, CVE-2025-43235, CVE-2025-43209, CVE-2025-24188, CVE-2025-43210, CVE-2025-43206, CVE-2025-43214, CVE-2025-31273, CVE-2025-43237, CVE-2025-43245, CVE-2025-43211, CVE-2025-43240, CVE-2025-43248, CVE-2025-7425, CVE-2025-43229, CVE-2025-43259, CVE-2025-43226, CVE-2025-43192, CVE-2025-43212, CVE-2025-43261, CVE-2025-43265, CVE-2025-31277, CVE-2025-43197