Sign-up

VARIoT news about IoT security

AppArmor vulnerability fixes available | Ubuntu

Trust: 4.75

Fetched: March 18, 2026, 10:18 a.m., Published: March 12, 2026, midnight
 Vulnerabilities: privilege escalation, denial of service, information leak
Affected productsExternal IDs
vendor: canonical model: ubuntu

GitHub - automate-it0/qualcomm-vulnerability-scanner: A tool to scan Android devices for the recently exploited Qualcomm flaw CVE-2026-21385, providing a simple and efficient way to identify vulnerable devices and apply necessary patches. · GitHub

Trust: 3.0

Fetched: March 18, 2026, 10:18 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-21385

Fixing Log4j 2.25 Vulnerabilities: A 2025 Retrospective Guide | Markaicode

Trust: 3.75

Fetched: March 18, 2026, 10:17 a.m., Published: March 18, 2025, midnight
 Vulnerabilities: code execution, denial of service, information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2025-21385, CVE-2025-21384, CVE-2025-21386

CVE-2026-4187 Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication

Trust: 3.5

Fetched: March 18, 2026, 10:17 a.m., Published: July 17, 2000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-4187

Hackers Exploit Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT

Trust: 4.5

Fetched: March 18, 2026, 10:16 a.m., Published: Feb. 20, 2026, 6:56 a.m.
 Vulnerabilities: service disruption, command execution, parameter injection...
Affected productsExternal IDs
vendor: palo model: networks
vendor: palo alto networks model: networks
db: NVD ids: CVE-2024-12356, CVE-2026-1731

If You Have One of These Older Apple Devices, Update It ASAP | Lifehacker

Trust: 5.75

Fetched: March 18, 2026, 10:09 a.m., Published: March 12, 2026, 10:30 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: iphone
db: NVD ids: CVE-2023-43000, CVE-2023-41974, CVE-2024-23222, CVE-2023-43010

Microsoft Releases Emergency Windows 11 Hotpatch to Fix Remote Code Execution Flaw - gHacks Tech News

Trust: 4.25

Fetched: March 18, 2026, 10:04 a.m., Published: March 15, 2026, 9:39 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2026-25172, CVE-2026-25173, CVE-2026-26111

Android's March 2026 security patch fixes over 100 flaws, one under targeted exploitation - Help Net Security

Trust: 5.75

Fetched: March 18, 2026, 10:03 a.m., Published: March 3, 2026, 9:38 a.m.
 Vulnerabilities: code execution, privilege escalation, information disclosure
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2026-0030, CVE-2026-0031, CVE-2026-0037, CVE-2025-48631, CVE-2026-0028, CVE-2026-0038, CVE-2026-0047, CVE-2024-43859, CVE-2026-21385, CVE-2026-0006, CVE-2026-0027

CVE-2026-4197 - D-Link Multiple NAS Devices Command…

Related entries in the VARIoT vulnerabilities database: VAR-202603-1781

Trust: 4.25

Fetched: March 18, 2026, 9:55 a.m., Published: March 6, 2026, midnight
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2026-4197

Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit

Trust: 5.25

Fetched: March 18, 2026, 9:50 a.m., Published: March 12, 2026, 9:58 a.m.
 Vulnerabilities: code execution, memory corruption
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: ipod touch
vendor: apple model: iphone
db: NVD ids: CVE-2023-41974, CVE-2023-38606, CVE-2024-23222, CVE-2023-43000, CVE-2023-32434, CVE-2023-43010

Is Your Android Device Secure? New Vulnerability Allows Hac

Trust: 3.25

Fetched: March 18, 2026, 9:42 a.m., Published: March 18, 2013, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

CVE-2026-22317 Phoenix Contact FL SWITCH 2005, FL SWITCH 2... CVETodo

Trust: 5.75

Fetched: March 18, 2026, 9:41 a.m., Published: March 18, 2005, midnight
 Vulnerabilities: denial of service, privilege escalation, command execution...
Affected productsExternal IDs
vendor: phoenix model: contact fl switch
db: NVD ids: CVE-2026-22317

Is your Android device secure? A new vulnerability allows hackers to steal your phone's data in just 1 minute, raising concerns among users | NewsCrab

Trust: 4.0

Fetched: March 18, 2026, 9:40 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Security Advisory - Vulnerability found in Dahua NVR/XVR device - Zhejiang Dahua Technology Co., Ltd.

Trust: 3.0

Fetched: March 18, 2026, 9:36 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-31703

Ledger's Warning: Critical Firmware Flaw Threatens Mobile Crypto Security | Cryptodamus

Trust: 3.5

Fetched: March 18, 2026, 9:35 a.m., Published: March 11, 2026, 2:39 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs
vendor: google model: android
vendor: trend model: security
vendor: essential model: phone

Dangerous Security Flaw Affects Millions of Android Smartphones - Yahoo News UK

Trust: 3.0

Fetched: March 18, 2026, 9:24 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2026-20435

Product and Support News | WatchGuard Technologies

Trust: 3.0

Fetched: March 17, 2026, 10:14 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: watchguard model: firebox
vendor: watchguard model: fireware

‎m17 R2, BIOS installer blocked, vulnerable driver amifldrv64.sys | DELL Technologies

Trust: 3.25

Fetched: March 17, 2026, 10:13 a.m., Published: March 1, 2026, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Industrial Control System Vulnerabilities Hit Record Highs - Infosecurity Magazine

Trust: 3.0

Fetched: March 17, 2026, 10:04 a.m., Published: Feb. 19, 2026, 1 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: rapid model: scada

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)

Trust: 5.25

Fetched: March 17, 2026, 9:48 a.m., Published: Feb. 18, 2026, midnight
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
vendor: canary model: canary
vendor: grandstream model: gxp1610
vendor: grandstream model: gxp1628
vendor: grandstream model: gxp1615
vendor: grandstream model: gxp1625
vendor: grandstream model: gxp1630
vendor: grandstream model: gxp1620
vendor: grandstream model: gxp1600
db: NVD ids: CVE-2026-2329