Sign-up

VARIoT news about IoT security

CVE-2023-36844 And Friends: RCE In Juniper Devices

Trust: 4.25

Fetched: Sept. 10, 2023, 10:08 a.m., Published: Aug. 25, 2023, 9:34 a.m.
 Vulnerabilities: command execution, injection attack, authentication error...
Affected productsExternal IDs
vendor: sonicwall model: switch
vendor: goahead model: webserver
db: NVD ids: CVE-2023-36844, CVE-2023-36846, CVE-2023-36845

About the security content of iOS 16.5 and iPadOS 16.5 - Apple Support

Trust: 4.25

Fetched: Sept. 10, 2023, 10:07 a.m., Published: Sept. 16, 2023, midnight
 Vulnerabilities: authorization issue, buffer overflow, code execution
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
vendor: apple model: webkit
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-32409, CVE-2023-32402, CVE-2023-32390, CVE-2023-28204, CVE-2023-32423, CVE-2023-32372, CVE-2023-32389, CVE-2023-32352, CVE-2023-32384, CVE-2023-32368, CVE-2023-32399, CVE-2023-32391, CVE-2023-32422, CVE-2023-32385, CVE-2023-34352, CVE-2023-32388, CVE-2023-32392, CVE-2023-32373, CVE-2023-32420, CVE-2023-32425, CVE-2023-27930, CVE-2023-32408, CVE-2023-32407, CVE-2023-32415, CVE-2023-32371, CVE-2023-32413, CVE-2023-32357, CVE-2023-32367, CVE-2023-32404, CVE-2023-32403, CVE-2023-32354, CVE-2023-32432, CVE-2023-32437, CVE-2023-32365, CVE-2023-32394, CVE-2023-32398, CVE-2023-32428, CVE-2023-32400, CVE-2023-32376, CVE-2023-28191, CVE-2023-32411, CVE-2023-28202, CVE-2023-32419, CVE-2023-32412

Top Cyber Security Interview Questions and Answers (2023) - InterviewBit

Trust: 4.0

Fetched: Sept. 10, 2023, 10:06 a.m., Published: Sept. 4, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs

Web Application Security: Common Threats and Best Practices

Trust: 4.5

Fetched: Sept. 10, 2023, 10:05 a.m., Published: March 24, 2022, 10:47 a.m.
 Vulnerabilities: request forgery, injection attack, cross-site scripting...
Affected productsExternal IDs
vendor: node.js model: node.js

Weekly Vulnerability Recap - Sept 4, 2023 - Network Devices Hit

Related entries in the VARIoT vulnerabilities database: VAR-202303-1844, VAR-202303-1848

Trust: 5.25

Fetched: Sept. 10, 2023, 9:59 a.m., Published: Sept. 5, 2023, 11:59 p.m.
 Vulnerabilities: path traversal, code execution, authentication bypass
Affected productsExternal IDs
vendor: minio model: minio
vendor: cisco model: netscaler gateway
vendor: cisco model: routers
vendor: citrix model: gateway
vendor: citrix model: netscaler adc
vendor: citrix model: netscaler
vendor: citrix model: netscaler gateway
db: NVD ids: CVE-2023-34039, CVE-2023-36847, CVE-2023-3519, CVE-2023-36844, CVE-2023-32315, CVE-2023-28432, CVE-2023-36846, CVE-2023-36845, CVE-2023-33246, CVE-2023-20890, CVE-2023-28434

Threats to and Attacks on Routers - SCND - Cisco Certified Expert

Trust: 3.5

Fetched: Sept. 10, 2023, 9:59 a.m., Published: Sept. 4, 2023, 12:02 a.m.
 Vulnerabilities: session hijacking, password guessing, denial of service
Affected productsExternal IDs
vendor: cisco model: router
vendor: cisco model: routers

Securing Your Home Network: Essential Steps For A Safe Connected Environment

Trust: 5.5

Fetched: Sept. 10, 2023, 9:58 a.m., Published: Aug. 14, 2023, midnight
 Vulnerabilities: default password
Affected productsExternal IDs
vendor: netgear model: router

Cisco Secure Firewall Threat Defense Compatibility Guide - Cisco

Trust: 3.0

Fetched: Sept. 10, 2023, 9:56 a.m., Published: Sept. 7, 2023, 5:03 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: asa5545-x
vendor: cisco model: asa5516-x
vendor: cisco model: device manager
vendor: cisco model: asa5555-x
vendor: cisco model: asa5508-x
vendor: cisco model: asa5512-x
vendor: cisco model: firepower
vendor: cisco model: series
vendor: cisco model: asa5525-x
vendor: cisco model: asa5515-x

21 Top Cyber Attacks You Should Know in 2023

Trust: 4.5

Fetched: Sept. 10, 2023, 9:54 a.m., Published: Sept. 10, 2023, midnight
 Vulnerabilities: injection attack, brute force attack, denial of service...
Affected productsExternal IDs
vendor: avast model: antivirus

About the security content of iOS 16.3 and iPadOS 16.3 - Apple Support

Related entries in the VARIoT vulnerabilities database: VAR-202302-2240, VAR-202301-1717, VAR-202301-1718, VAR-202301-1708, VAR-202301-1710, VAR-202301-1704, VAR-202302-2045, VAR-202301-1715, VAR-202302-2044, VAR-202301-1703, VAR-202301-1713, VAR-202301-1706, VAR-202301-1707, VAR-202301-1711, VAR-202301-1721, VAR-202301-1722

Trust: 4.25

Fetched: Sept. 10, 2023, 9:52 a.m., Published: Sept. 16, 2023, midnight
 Vulnerabilities: information disclosure, code execution, memory corruption
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: ipad
vendor: apple model: webkit
vendor: apple model: iphone
db: NVD ids: CVE-2023-23531, CVE-2023-41990, CVE-2023-23503, CVE-2023-23518, CVE-2023-23512, CVE-2023-23504, CVE-2023-23496, CVE-2023-23530, CVE-2023-28208, CVE-2023-23519, CVE-2022-0108, CVE-2023-32438, CVE-2023-32393, CVE-2023-23520, CVE-2023-23517, CVE-2023-23505, CVE-2023-23500, CVE-2023-23498, CVE-2023-23511, CVE-2023-23502, CVE-2023-23499

Apple patches actively exploited vulnerabilities against Pegasus spyware - Techzine Europe

Trust: 5.0

Fetched: Sept. 10, 2023, 9:52 a.m., Published: Sept. 16, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: watch
vendor: apple model: macos
vendor: apple model: watchos
vendor: apple model: ipad
vendor: apple model: iphone
db: NVD ids: CVE-2023-41064, CVE-2023-41061

Update your iPhone: Apple just pushed out a significant security update - The Washington Post

Trust: 3.0

Fetched: Sept. 10, 2023, 9:51 a.m., Published: Sept. 8, 2023, 2:08 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone

Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269) - Help Net Security

Trust: 6.0

Fetched: Sept. 10, 2023, 9:50 a.m., Published: Sept. 8, 2023, 11 a.m.
 Vulnerabilities: brute force attack
Affected productsExternal IDs
vendor: cisco model: asa software
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: firepower threat defense
vendor: cisco model: cisco adaptive security appliance
vendor: cisco model: clientless ssl vpn
db: NVD ids: CVE-2023-20269

Ingram - Webcam Vulnerability Scanning Tool - System32

Trust: 3.0

Fetched: Sept. 10, 2023, 9:50 a.m., Published: Aug. 12, 2023, 9:44 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dahua model: camera

2237817 - (CVE-2023-39511) CVE-2023-39511 Cacti: Cross-Site Scripting vulnerability with Device Name when editing Graphs whilst managing Reports

Trust: 4.5

Fetched: Sept. 10, 2023, 9:48 a.m., Published: Sept. 7, 2023, 5:04 a.m.
 Vulnerabilities: cross-site scripting
Affected productsExternal IDs
db: NVD ids: CVE-2023-39511

Update Your Apple Devices ASAP

Trust: 5.0

Fetched: Sept. 10, 2023, 9:46 a.m., Published: Sept. 7, 2023, 9 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: ipad air
vendor: apple model: watch
vendor: apple model: watchos
vendor: apple model: ipad

The Hidden Dangers of Service Principal Names (SPNs)

Trust: 3.75

Fetched: Sept. 10, 2023, 9:43 a.m., Published: Aug. 28, 2023, 7:36 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Apple device ban at work not solving vulnerability problem - expert - Business & Economy - TASS

Trust: 3.0

Fetched: Sept. 10, 2023, 9:42 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

Can iPhones Be Hacked? Yes! How to Protect Yourself in 2023

Trust: 3.5

Fetched: Sept. 10, 2023, 9:41 a.m., Published: Sept. 10, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: avira model: antivirus
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: icloud
vendor: apple model: safari

CVE-2023-39982 - vulnerability database | Vulners.com

Trust: 3.0

Fetched: Sept. 10, 2023, 9:38 a.m., Published: Sept. 2, 2023, 1:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2023-39982