Sign-up

VARIoT news about IoT security

DSA-2022-143: Dell Wyse Management Suite Security Update for Multiple Vulnerabilities. | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202206-1979, VAR-202206-2069

Trust: 5.5

Fetched: Aug. 20, 2023, 9:16 a.m., Published: March 6, 2001, midnight
 Vulnerabilities: path traversal, information disclosure, request forgery...
Affected productsExternal IDs
vendor: jquery model: jquery
db: NVD ids: CVE-2022-29097, CVE-2022-29096, CVE-2021-41184

Apple MDM Solutions: MDM for Mac, iPhone, iPad | Kandji

Trust: 3.0

Fetched: Aug. 20, 2023, 9:16 a.m., Published: Aug. 20, 2023, 2 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad

Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability

Trust: 3.25

Fetched: Aug. 20, 2023, 9:16 a.m., Published: Aug. 3, 2023, 2:03 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: email security appliance

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Trust: 3.25

Fetched: Aug. 20, 2023, 9:15 a.m., Published: Aug. 17, 2023, 9:54 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability

Trust: 3.0

Fetched: Aug. 20, 2023, 9:15 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: cisco umbrella virtual appliance
vendor: cisco model: umbrella virtual appliance
vendor: cisco model: umbrella

Vulnerability in QVPN Device Client for Windows - Security Advisory | QNAP

Trust: 3.25

Fetched: Aug. 20, 2023, 9:14 a.m., Published: May 6, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27595

Lenovo UDC Vulnerability - Lenovo Support US

Trust: 5.75

Fetched: Aug. 20, 2023, 9:14 a.m., Published: -
 Vulnerabilities: search path vulnerability, privilege escalation, uncontrolled search path
Affected productsExternal IDs
vendor: lenovo model: updates
vendor: lenovo model: system
db: NVD ids: CVE-2023-3078

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Trust: 4.25

Fetched: Aug. 18, 2023, 9:13 a.m., Published: Aug. 17, 2023, 10 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs

ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability

Trust: 4.75

Fetched: Aug. 18, 2023, 9:13 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability

Trust: 5.0

Fetched: Aug. 18, 2023, 9:12 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: cisco model: cisco identity services engine
vendor: cisco model: identity services engine

ClamAV AutoIt Module Denial of Service Vulnerability

Trust: 4.75

Fetched: Aug. 18, 2023, 9:12 a.m., Published: Aug. 16, 2023, 3:59 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

ClamAV AutoIt Module Denial of Service Vulnerability - Cisco

Trust: 4.75

Fetched: Aug. 18, 2023, 9:11 a.m., Published: Aug. 16, 2023, 11:10 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: clamav
vendor: clamav model: clamav

DSA-2023-270: Dell Wyse Device Agent Security Update for a Zlib Vulnerability | Dell Polska

Related entries in the VARIoT vulnerabilities database: VAR-202203-1690

Trust: 3.25

Fetched: Aug. 16, 2023, 9:12 a.m., Published: June 14, 2007, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2018-25032

A Comprehensive Guide to Medical Device Vulnerability Management

Trust: 3.0

Fetched: Aug. 16, 2023, 9:12 a.m., Published: Aug. 4, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs

Ford says it’s safe to drive the cars with a WiFi vulnerability

Trust: 3.75

Fetched: Aug. 16, 2023, 9:12 a.m., Published: Aug. 15, 2023, 8:52 a.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2023-29468

Cybersecurity Analysis of Wearable Devices: Smartwatches Passive Attack - PMC

Trust: 4.25

Fetched: Aug. 15, 2023, 9:24 a.m., Published: June 15, 2023, midnight
 Vulnerabilities: default credentials, denial of service
Affected productsExternal IDs
vendor: samsung model: galaxy
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: note
vendor: essential model: phone
vendor: apple model: watch
vendor: huawei model: huawei

Researchers uncover data center risks from CyberPower, Dataprobe products | SC Media

Trust: 4.25

Fetched: Aug. 15, 2023, 9:23 a.m., Published: Aug. 14, 2023, 7:47 p.m.
 Vulnerabilities: code injection
Affected productsExternal IDs

Mass Exploitation of MOVEit Transfer Critical Vulnerability - Forescout

Trust: 4.75

Fetched: Aug. 15, 2023, 9:23 a.m., Published: June 13, 2023, 5 p.m.
 Vulnerabilities: sql injection, privilege escalation
Affected productsExternal IDs
db: NVD ids: CVE-2023-34362

CVE-2023-34034 Spring WebFlux Security Bypass Write-up & PoC

Trust: 3.75

Fetched: Aug. 15, 2023, 9:20 a.m., Published: Aug. 8, 2023, 2:58 p.m.
 Vulnerabilities: authentication bypass, security bypass, access control vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2023-34034

Major vulnerabilities discovered in data center solutions - Help Net Security

Trust: 4.0

Fetched: Aug. 15, 2023, 9:19 a.m., Published: Aug. 14, 2023, 10:02 a.m.
 Vulnerabilities: authentication bypass, code injection, os command injection...
Affected productsExternal IDs
db: NVD ids: CVE-2023-3262, CVE-2023-3260, CVE-2023-3259, CVE-2023-3267, CVE-2023-3264, CVE-2023-3266, CVE-2023-3263, CVE-2023-3261, CVE-2023-3265