Sign-up

VARIoT news about IoT security

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-202004-1861, VAR-202111-1609, VAR-201802-1268, VAR-201606-0245, VAR-202111-1616, VAR-202104-1839, VAR-202111-1610, VAR-202104-1824, VAR-202111-1607, VAR-202208-2220, VAR-202004-1862, VAR-202104-1827, VAR-202205-0542, VAR-201802-1267, VAR-202111-1614, VAR-202111-1613, VAR-202104-1825, VAR-202212-1327, VAR-202111-1612, VAR-202104-1826, VAR-202111-1605, VAR-202102-1448, VAR-201802-1266, VAR-201710-1427, VAR-202111-1606, VAR-202109-0404, VAR-201710-1428, VAR-202210-0537, VAR-202111-1608, VAR-201506-0242, VAR-202111-1611, VAR-201102-0181, VAR-201804-1289, VAR-202111-1615, VAR-201906-0899, VAR-201606-0244, VAR-202104-1829, VAR-202111-1604

Trust: 5.25

Fetched: July 27, 2024, 6:23 p.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: cross-site request forgery, information leak, denial of service...
Affected productsExternal IDs
vendor: canary model: canary
vendor: scada model: bacnet opc client
vendor: scada model: engine bacnet opc client
vendor: kmc controls model: bac-5051e
vendor: scada engine model: bacnet opc client
vendor: scada engine model: engine bacnet opc client
vendor: carel model: pcoweb
vendor: lutron model: quantum bacnet integration
vendor: siemens model: pxc00-e.d
vendor: siemens model: climatix bacnet/ip
vendor: siemens model: simotics connect 400
vendor: siemens model: pxc200-e.d
vendor: siemens model: apogee pxc
vendor: siemens model: pxc128-u
vendor: siemens model: nucleus readystart
vendor: siemens model: vstar
vendor: siemens model: apogee pxc compact
vendor: siemens model: apogee mbc
vendor: siemens model: pxm20-e
vendor: siemens model: pxc001-e.d
vendor: siemens model: pxc00-u
vendor: siemens model: pxc100-e.d
vendor: siemens model: pxc22.1-e.d
vendor: siemens model: pxc64-u
vendor: siemens model: apogee mec
vendor: siemens model: talon tc modular
vendor: siemens model: pxc50-e.d
vendor: siemens model: nucleus source code
vendor: siemens model: talon tc bacnet automation controllers
vendor: siemens model: simotics connect
vendor: siemens model: talon tc
vendor: siemens model: nucleus
vendor: siemens model: pxc36.1-e.d
vendor: siemens model: desigo pxm20
vendor: siemens model: talon tc compact
vendor: siemens model: nucleus net
vendor: siemens model: apogee pxc modular
db: NVD ids: CVE-2020-7574, CVE-2021-31882, CVE-2018-7278, CVE-2016-4495, CVE-2021-31888, CVE-2020-15795, CVE-2015-0980, CVE-2024-4511, CVE-2021-31881, CVE-2020-27738, CVE-2021-31884, CVE-2022-37122, CVE-2020-7575, CVE-2020-27009, CVE-2021-41545, CVE-2018-7277, CVE-2021-31890, CVE-2021-31344, CVE-2020-27737, CVE-2022-45937, CVE-2021-31345, CVE-2020-27736, CVE-2015-0981, CVE-2018-10238, CVE-2021-31886, CVE-2020-28388, CVE-2018-7276, CVE-2015-0979, CVE-2017-9946, CVE-2023-51773, CVE-2021-31885, CVE-2019-12480, CVE-2023-38405, CVE-2021-27391, CVE-2020-7233, CVE-2017-9947, CVE-2022-38371, CVE-2021-31883, CVE-2015-4174, CVE-2024-4292, CVE-2021-31346, CVE-2010-4740, CVE-2018-8880, CVE-2021-31889, CVE-2018-18878, CVE-2024-4791, CVE-2016-4494, CVE-2021-25677, CVE-2021-31887

Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities | CISA

Trust: 3.75

Fetched: July 27, 2024, 6:22 p.m., Published: July 27, 2023, midnight
 Vulnerabilities: command injection, os command injection
Affected productsExternal IDs
db: NVD ids: CVE-2024-21887, CVE-2024-3400, CVE-2024-20399

CVE - Search Results

Related entries in the VARIoT vulnerabilities database: VAR-202101-0325, VAR-202106-0636, VAR-202103-0536, VAR-201306-0111, VAR-202012-0618, VAR-202012-0619, VAR-201411-0377, VAR-201106-0111, VAR-202106-0637, VAR-200901-0408, VAR-202103-0767, VAR-201106-0113, VAR-202103-0766, VAR-200706-0412, VAR-202103-0535, VAR-202207-0737, VAR-202103-0529, VAR-201708-1444, VAR-202012-0621, VAR-202012-0620

Trust: 5.25

Fetched: July 27, 2024, 6:21 p.m., Published: Aug. 24, 2030, midnight
 Vulnerabilities: denial of service, improper validation, information disclosure...
Affected productsExternal IDs
vendor: willcom model: wi-fi application
vendor: samsung model: mobile
vendor: samsung model: note
vendor: samsung model: mobile phones
vendor: samsung model: mobile devices
vendor: softbank model: wi-fi application
vendor: softbank model: wi-fi spot configuration software
vendor: softbank model: wisprclient
vendor: huawei model: mobile partner
vendor: huawei model: huawei
vendor: cisco model: jabber
vendor: cisco model: cisco anyconnect secure mobility client
vendor: cisco model: cisco jabber
vendor: cisco model: access points
vendor: cisco model: anyconnect vpn client
vendor: cisco model: anyconnect secure mobility client
vendor: cisco model: vpn client
vendor: cisco model: routers
db: NVD ids: CVE-2020-26085, CVE-2018-6968, CVE-2020-1204, CVE-2021-1569, CVE-2007-0111, CVE-2022-23167, CVE-2021-1417, CVE-2013-2310, CVE-2007-0878, CVE-2020-0989, CVE-2020-27127, CVE-2021-24084, CVE-2020-27132, CVE-2014-8359, CVE-2010-2990, CVE-2020-1372, CVE-2011-2039, CVE-2007-3445, CVE-2021-43880, CVE-2024-30001, CVE-2021-1570, CVE-2020-1330, CVE-2024-30012, CVE-2017-10168, CVE-2008-4540, CVE-2007-0685, CVE-2024-30003, CVE-2024-4944, CVE-2024-30004, CVE-2024-30021, CVE-2009-0244, CVE-2006-4614, CVE-2019-1314, CVE-2024-30000, CVE-2007-2883, CVE-2006-6902, CVE-2021-1471, CVE-2020-0854, CVE-2011-2041, CVE-2006-6908, CVE-2024-29997, CVE-2022-47577, CVE-2021-1469, CVE-2023-38186, CVE-2007-3351, CVE-2015-0925, CVE-2024-30005, CVE-2021-1411, CVE-2022-33711, CVE-2016-3302, CVE-2008-4295, CVE-2021-1418, CVE-2024-29998, CVE-2024-29999, CVE-2007-5460, CVE-2024-31215, CVE-2007-3362, CVE-2024-26220, CVE-2022-21992, CVE-2017-9247, CVE-2020-27134, CVE-2005-0324, CVE-2020-8948, CVE-2020-27133, CVE-2024-30002, CVE-2020-1405, CVE-2007-5493, CVE-2007-0674

CVE-2024-3912 Certain models of ASUS routers have an arbitrary...

Trust: 4.0

Fetched: July 27, 2024, 6:16 p.m., Published: July 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: routers
vendor: asus model: asus
db: NVD ids: CVE-2024-3912

CVE-2024-3080 Certain ASUS router models have authentication b...

Trust: 4.0

Fetched: July 27, 2024, 6:09 p.m., Published: July 9, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: router
db: NVD ids: CVE-2024-3080

PKfail Vulnerability Allows Hackers to Install UEFI Malware

Trust: 3.5

Fetched: July 27, 2024, 6:06 p.m., Published: July 26, 2024, 8:42 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: lenovo model: bios
vendor: lenovo model: updates
vendor: lenovo model: system
vendor: dell model: bios

Vulnerabilities in Longse Technology devices | CERT Polska

Trust: 3.75

Fetched: July 27, 2024, 6:04 p.m., Published: July 9, 2024, midnight
 Vulnerabilities: default credentials, default password
Affected productsExternal IDs
db: NVD ids: CVE-2024-5633, CVE-2024-5632, CVE-2024-5634, CVE-2024-5631

Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica

Trust: 3.0

Fetched: July 27, 2024, 6:04 p.m., Published: July 25, 2024, 6 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Specific Ricoh MFP and Printer Products - Buffer overflow vulnerability (CVE-2024-39927) | Ricoh Europe

Trust: 5.0

Fetched: July 12, 2024, 9:44 a.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-39927

Vulnerabilities on Sensor Net Connect and Thermoscan IP Could Allow Admin Privileges Over Medical Data Systems

Trust: 3.5

Fetched: July 12, 2024, 9:43 a.m., Published: July 12, 2024, midnight
 Vulnerabilities: request forgery, denial of service, buffer overflow...
Affected productsExternal IDs
db: NVD ids: CVE-2024-31201, CVE-2024-31203, CVE-2024-3083, CVE-2024-3082, CVE-2024-31200, CVE-2024-31202, CVE-2024-31199

New Vulnerability Discovered in Android Devices Sparks Security Concerns

Trust: 3.75

Fetched: July 12, 2024, 9:42 a.m., Published: June 23, 2024, 11:51 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32896, CVE-2024-54321

More than two dozen Android vulnerabilities fixed • The Register

Trust: 4.5

Fetched: July 12, 2024, 9:42 a.m., Published: -
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
vendor: xiaomi model: miui
db: NVD ids: CVE-2021-0600, CVE-2024-0017, CVE-2023-20963

GitLab update addresses pipeline execution vulnerability

Trust: 3.0

Fetched: July 12, 2024, 9:41 a.m., Published: July 11, 2024, 1:05 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-6385, CVE-2024-2880, CVE-2024-5528, CVE-2024-5470, CVE-2024-5257, CVE-2024-6595

[AL-050] Multiple Vulnerabilities in VMWare Workstation and Fusion

Trust: 4.25

Fetched: July 12, 2024, 9:39 a.m., Published: July 12, 2024, midnight
 Vulnerabilities: information disclosure
Affected productsExternal IDs
db: NVD ids: CVE-2024-22268, CVE-2024-22267, CVE-2024-22270, CVE-2024-22269

15 vulnerabilities discovered in software development kit for wireless routers

Trust: 5.5

Fetched: July 12, 2024, 9:38 a.m., Published: July 10, 2024, 4 p.m.
 Vulnerabilities: arbitrary command execution, request forgery, cross-site request forgery...
Affected productsExternal IDs
vendor: snort model: snort
vendor: snort.org model: snort
vendor: cisco model: ip phone
vendor: cisco model: soho
vendor: cisco model: series
vendor: cisco model: router
vendor: cisco model: routers
db: NVD ids: CVE-2023-46685, CVE-2024-32937, CVE-2023-45742, CVE-2023-50383, CVE-2023-34435, CVE-2023-50382, CVE-2023-50381, CVE-2023-47677, CVE-2023-49593, CVE-2024-21778

Kaspersky identifies significant security risks in widely used Cinterion modems | Kaspersky

Trust: 4.75

Fetched: July 12, 2024, 9:38 a.m., Published: May 16, 2024, 2:02 p.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-47610, CVE-2023-47616, CVE-2023-47611

alpitronic Hypercharger EV Charger | CISA

Trust: 4.75

Fetched: July 12, 2024, 9:37 a.m., Published: July 12, 2023, midnight
 Vulnerabilities: default password, default credentials
Affected productsExternal IDs
db: NVD ids: CVE-2024-4622

What is the OpenSSH regreSSHion vulnerability (CVE-2024-6387)?

Trust: 3.75

Fetched: July 12, 2024, 9:36 a.m., Published: July 3, 2024, midnight
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2006-5051, CVE-2024-6387

Connecting the Dots: Darktrace’s Detection of the Exploitation of the ConnectWise ScreenConnect Vulnerabilities | Darktrace Blog

Trust: 4.25

Fetched: July 12, 2024, 9:35 a.m., Published: July 15, 2024, midnight
 Vulnerabilities: privilege escalation, authentication bypass
Affected productsExternal IDs
vendor: trendmicro model: security
vendor: paloaltonetworks model: networks
db: NVD ids: CVE-2024-1708, CVE-2024-22245, CVE-2024-17091, CVE-2024-1709, CVE-2024-1597, CVE-2024-17091116, CVE-2024-1709124780657328783

Pwn2Own: WAN-to-LAN Exploit Showcase | Claroty

Trust: 6.25

Fetched: July 12, 2024, 9:34 a.m., Published: July 9, 2024, midnight
 Vulnerabilities: buffer overflow, buffer overrun, improper validation...
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: synology model: dns server
db: NVD ids: CVE-2024-5243, CVE-2024-5242, CVE-2024-5244