Sign-up

VARIoT news about IoT security

CVE-2025-26312 : CAPTCHA Bypass Vulnerability in SendQuick Entera Devices | SecurityVulnerability.io

Trust: 3.25

Fetched: March 16, 2025, 9:33 a.m., Published: March 14, 2025, 6:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-26312

Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware

Related entries in the VARIoT vulnerabilities database: VAR-202407-2448

Trust: 4.75

Fetched: March 16, 2025, 9:33 a.m., Published: March 14, 2025, 12:35 p.m.
 Vulnerabilities: default credentials, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-7214, CVE-2025-1316

Tenda AC7 Routers Vulnerability Let Attackers Gain Root Shell With Malicious Payload

Trust: 4.25

Fetched: March 16, 2025, 9:33 a.m., Published: March 13, 2025, 10:24 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: tenda model: router

Apache Tomcat Vulnerability Exposes Servers to RCE Attacks

Trust: 4.0

Fetched: March 16, 2025, 9:32 a.m., Published: March 11, 2025, 9:18 a.m.
 Vulnerabilities: privilege escalation, path traversal, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2024-56337, CVE-2024-50379, CVE-2025-24813

Apache Pinot Vulnerability Let Attackers Bypass Authentication

Trust: 5.5

Fetched: March 16, 2025, 9:32 a.m., Published: March 12, 2025, 12:24 a.m.
 Vulnerabilities: privilege escalation, script execution, authentication bypass...
Affected productsExternal IDs
vendor: trend model: security
vendor: trend micro model: security
db: NVD ids: CVE-2024-56325, CVE-2024-48721, CVE-2024-35253

Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities

Trust: 3.0

Fetched: March 16, 2025, 9:31 a.m., Published: March 12, 2025, 9:31 a.m.
 Vulnerabilities: security feature bypass, information disclosure, feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2025-24055, CVE-2025-24988, CVE-2025-21180, CVE-2025-24076, CVE-2025-26645, CVE-2025-24081, CVE-2025-25008, CVE-2025-24072, CVE-2025-24048, CVE-2025-24991, CVE-2025-26633, CVE-2025-24044, CVE-2025-24064, CVE-2025-24054, CVE-2025-24993, CVE-2025-24984, CVE-2025-24045, CVE-2025-24992, CVE-2025-26631, CVE-2025-24057, CVE-2025-24056, CVE-2025-25003, CVE-2025-24995, CVE-2025-24043, CVE-2025-24986, CVE-2025-24035, CVE-2025-24078, CVE-2025-24049, CVE-2025-24080, CVE-2025-24050, CVE-2025-24996, CVE-2025-24075, CVE-2025-24997, CVE-2025-24983, CVE-2025-24077, CVE-2025-24079, CVE-2025-24067, CVE-2025-24082, CVE-2025-24046, CVE-2025-24994, CVE-2025-24059, CVE-2025-24985, CVE-2025-26627, CVE-2025-26630, CVE-2025-24998, CVE-2025-21199, CVE-2025-24070, CVE-2025-21247, CVE-2025-24083, CVE-2025-24051, CVE-2025-24084, CVE-2025-24987, CVE-2025-24066, CVE-2025-24061, CVE-2025-26629, CVE-2024-9157, CVE-2025-24071

Google Patches Two Actively Exploited Zero-Day Flaws in Android

Trust: 5.0

Fetched: March 16, 2025, 9:19 a.m., Published: March 4, 2025, 9:34 a.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2024-43093, CVE-2024-50302

Dell Hybrid Client - pakiet dodatkowy z poprawkami dotyczącymi luki w zabezpieczeniach narzędzia polkit | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: March 16, 2025, 9:17 a.m., Published: March 1, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: latitude

CVE-2021-3438: 16 Years In Hiding - Millions of Printers Worldwide Vulnerable - SentinelLabs

Trust: 3.5

Fetched: March 16, 2025, 9:15 a.m., Published: Aug. 10, 2024, 3:28 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: printers
vendor: samsung model: printer
vendor: samsung model: note
vendor: samsung model: samsung
db: NVD ids: CVE-2021-3438

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Trust: 3.0

Fetched: March 16, 2025, 9:07 a.m., Published: March 11, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

03/05/25: Critical, 0-Day, and Other Vulnerabilities in Android Devices | UCSF IT

Trust: 5.25

Fetched: March 16, 2025, 9:07 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

BrakTooth Proof of Concept Tool Demonstrates Bluetooth Vulnerabilities | CISA

Trust: 3.25

Fetched: March 16, 2025, 9:06 a.m., Published: Aug. 16, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Critical Vulnerabilities in DrayTek Routers Exposes Devices to RCE Attack

Trust: 4.75

Fetched: March 16, 2025, 9:06 a.m., Published: March 7, 2025, 12:26 p.m.
 Vulnerabilities: memory corruption, buffer overflow, integer overflow...
Affected productsExternal IDs
vendor: draytek model: draytek routers
vendor: draytek model: vigor
vendor: draytek model: routers
db: NVD ids: CVE-2024-41336, CVE-2024-41338, CVE-2024-41334, CVE-2024-51139, CVE-2024-51138, CVE-2024-41340, CVE-2024-41335, CVE-2024-41339

LG Smart TV Vulnerabilities: 91K Devices At Root Access Risk

Trust: 3.75

Fetched: March 16, 2025, 9:05 a.m., Published: April 23, 2024, 7 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-6318, CVE-2023-6319, CVE-2023-6320, CVE-2023-6317

2025 March KB5053606 Windows 10 Patch And 7 Zero-Day Vulnerabilities And 57 Flaws HTMD Blog

Trust: 4.75

Fetched: March 16, 2025, 9:04 a.m., Published: March 11, 2025, 6:23 p.m.
 Vulnerabilities: security feature bypass, information disclosure, feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2025-24993, CVE-2025-24984, CVE-2025-26630, CVE-2025-24983, CVE-2025-24985, CVE-2025-24991, CVE-2025-26633

SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware

Trust: 4.75

Fetched: March 16, 2025, 9:03 a.m., Published: March 14, 2025, 5:36 a.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: palo alto networks model: palo alto networks globalprotect
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: palo alto networks model: networks globalprotect
vendor: palo model: palo alto networks globalprotect
vendor: palo model: networks
vendor: palo model: firewall
vendor: palo model: networks globalprotect
vendor: trend model: security
vendor: fortigate model: fortios
vendor: cisco model: series
db: NVD ids: CVE-2025-24472, CVE-2024-55591

Cisco IOS XR Software for ASR 9000 Series Routers IPv4 Unicast Packets Denial of Service Vulnerability

Trust: 4.75

Fetched: March 14, 2025, 9:19 a.m., Published: March 12, 2025, 3:54 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: ios xr software
vendor: cisco model: series routers
vendor: cisco model: routers
vendor: cisco model: cisco ios
vendor: cisco model: ios xr
vendor: cisco model: series
vendor: cisco model: cisco ios xr

Cisco IOS XR Software CLI Privilege Escalation Vulnerability

Trust: 3.75

Fetched: March 14, 2025, 9:19 a.m., Published: March 12, 2025, 3:54 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: cisco model: cisco ios
vendor: cisco model: ios xr software
vendor: cisco model: ios xr
vendor: cisco model: cisco ios xr

Cisco Nexus 3000 and 9000 Series Switches Command Injection Vulnerability

Trust: 5.0

Fetched: March 14, 2025, 9:18 a.m., Published: Feb. 26, 2025, 3:52 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: nx-os software
vendor: cisco model: nexus 9000 series
vendor: cisco model: nexus 9000
vendor: cisco model: series
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus 3000
vendor: cisco model: nexus 7000
vendor: cisco model: nx-os
vendor: cisco model: nexus

Cisco IOS XE Security Alert: Zero-Days Vulnerability Patched

Trust: 3.75

Fetched: March 14, 2025, 9:18 a.m., Published: Oct. 31, 2023, 7 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco ios xe
vendor: cisco model: cisco ios
vendor: cisco model: ios xe software
vendor: cisco model: ios xe
db: NVD ids: CVE-2023-20198, CVE-2023-20273