Sign-up

VARIoT news about IoT security

A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions

Trust: 4.25

Fetched: Dec. 4, 2024, 9:26 a.m., Published: Jan. 4, 2023, midnight
 Vulnerabilities: code execution, cross-site scripting, buffer overflow...
Affected productsExternal IDs
vendor: essential model: phone
vendor: apple model: macos
vendor: google model: home
vendor: google model: android
vendor: century model: router
vendor: trend model: antivirus
vendor: trend model: security
vendor: symantec model: antivirus
vendor: symantec model: web security
vendor: symantec model: scan engine
vendor: rising model: antivirus
vendor: wireshark model: wireshark
vendor: orange model: web server
vendor: rapid model: scada

Huawei lists EMUI and HarmonyOS November 2024 security patch details - Huawei Central

Related entries in the VARIoT vulnerabilities database: VAR-202409-0013

Trust: 3.75

Fetched: Dec. 4, 2024, 9:23 a.m., Published: Nov. 5, 2024, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: huawei model: emui
vendor: huawei model: huawei
db: NVD ids: CVE-2024-33049, CVE-2024-51510, CVE-2024-51512, CVE-2024-51511, CVE-2024-51516, CVE-2024-43892, CVE-2024-51514, CVE-2024-42283, CVE-2024-51529, CVE-2024-33069, CVE-2024-46798, CVE-2024-42305, CVE-2024-40673, CVE-2024-51526, CVE-2024-51515, CVE-2024-51530, CVE-2024-51525, CVE-2024-44987, CVE-2024-6119, CVE-2024-51522, CVE-2024-51582, CVE-2024-51523, CVE-2024-42312, CVE-2024-51518, CVE-2024-34737, CVE-2024-43882, CVE-2024-33060, CVE-2024-38399, CVE-2024-51524, CVE-2024-42292, CVE-2024-51520, CVE-2024-45448, CVE-2024-51521, CVE-2024-51513, CVE-2024-51527, CVE-2024-51517

Fortinet の RCE 脆弱性 CVE-2024-23113:日本におけるインターネット露出は 5,100台 - IoT OT Security News

Trust: 4.25

Fetched: Dec. 4, 2024, 9:21 a.m., Published: Oct. 12, 2024, 10:14 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2024-23113

Several QNAP vulnerabilities addressed | SC Media

Trust: 4.75

Fetched: Dec. 3, 2024, 10:13 a.m., Published: June 11, 2024, 5 p.m.
 Vulnerabilities: request forgery, os command injection, command execution...
Affected productsExternal IDs
db: NVD ids: CVE-2024-38644, CVE-2024-38643, CVE-2024-38645, CVE-2024-38646, CVE-2024-48861, CVE-2024-48860

Axis Devices Detection (SNMP) - vulnerability database | Vulners.com

Trust: 3.25

Fetched: Dec. 3, 2024, 10:12 a.m., Published: Nov. 27, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: axis model: axis

CVE-2021-30731 - "Apple macOS USB Device Capture Vulnerability"

Related entries in the VARIoT vulnerabilities database: VAR-202109-1345

Trust: 3.5

Fetched: Dec. 3, 2024, 10:12 a.m., Published: Sept. 8, 2021, 2:15 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: mac_os_x
vendor: apple model: macos
vendor: apple model: mac_os
db: NVD ids: CVE-2021-30731

D-Link says replace vulnerable routers or risk pwnage • The Register

Trust: 3.5

Fetched: Dec. 3, 2024, 10:12 a.m., Published: -
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: d-link model: router

CVE-2024-50359 - Exploits & Severity - Feedly

Trust: 4.25

Fetched: Dec. 3, 2024, 10:11 a.m., Published: Nov. 26, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-50359

ZDI-24-1457: Delta Electronics InfraSuite Device Master _gExtraInfo Deserialization Of Untrusted Data Remote Code Execution Vulnerability - CYBERSECURITY THREATS

Trust: 4.25

Fetched: Dec. 3, 2024, 10:10 a.m., Published: Nov. 7, 2024, 11:48 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-10456

Hackers Exploiting ProjectSend Authentication Vulnerability In The Wild

Trust: 3.0

Fetched: Dec. 3, 2024, 10:09 a.m., Published: Nov. 27, 2024, 12:05 p.m.
 Vulnerabilities: authentication vulnerability
Affected productsExternal IDs
db: NVD ids: CVE-2024-11680

Cybersecurity Threat Research Feed - Latest Intelligence Updates

Related entries in the VARIoT vulnerabilities database: VAR-202008-0248

Trust: 4.25

Fetched: Dec. 3, 2024, 10:06 a.m., Published: Oct. 31, 2024, 9:58 p.m.
 Vulnerabilities: code insertion, sql injection, privilege escalation...
Affected productsExternal IDs
vendor: palo alto networks model: pan-os
vendor: palo alto networks model: networks
vendor: palo alto networks model: firewall
vendor: trend micro model: security
vendor: trend micro model: antivirus
vendor: avast model: antivirus
vendor: palo model: pan-os
vendor: palo model: networks
vendor: palo model: firewall
vendor: check point model: check point
vendor: paloaltonetworks model: pan-os
vendor: paloaltonetworks model: networks
vendor: paloaltonetworks model: firewall
vendor: trend model: security
vendor: trend model: antivirus
vendor: cpanel model: cpanel
vendor: blackberry model: blackberry
vendor: blackberry model: link
vendor: tp-link model: routers
vendor: checkpoint model: check point
vendor: google model: home
vendor: google model: google chrome
vendor: google model: android
vendor: google model: chrome
vendor: google model: wifi
vendor: essential model: phone
vendor: trendmicro model: security
vendor: trendmicro model: antivirus
vendor: ahnlab model: engine
vendor: cisco model: guard
vendor: cisco model: catalyst
vendor: cisco model: umbrella
vendor: cisco model: series
vendor: cisco model: routers
vendor: cisco model: 4351
db: NVD ids: CVE-2020-1472, CVE-2024-0012, CVE-2024-9680, CVE-2023-27532, CVE-2024-49039, CVE-2024-11667, CVE-2024-4351, CVE-2024-9474, CVE-2024-43451

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

Trust: 4.5

Fetched: Dec. 3, 2024, 10:04 a.m., Published: Dec. 3, 2024, 8:48 a.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
vendor: tp-link model: routers
vendor: qemu model: qemu
db: NVD ids: CVE-2024-53375

Android Zero-Day Vulnerabilities Actively Exploited In Attacks, Patch Now!

Trust: 4.75

Fetched: Dec. 3, 2024, 10:03 a.m., Published: Nov. 5, 2024, 7:58 a.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: motorola model: motorola
vendor: motorola model: android
vendor: oneplus model: oneplus
vendor: google model: android
vendor: samsung model: mobile devices
vendor: samsung model: samsung
vendor: samsung model: mobile
db: NVD ids: CVE-2024-43047, CVE-2024-43093

October security patch fixes serious vulnerability in Samsung phones - SamMobile

Trust: 3.75

Fetched: Dec. 3, 2024, 10:03 a.m., Published: Oct. 4, 2019, 12:20 p.m.
 Vulnerabilities: privilege escalation
Affected productsExternal IDs
vendor: samsung model: mobile devices
vendor: samsung model: galaxy s8
vendor: samsung model: galaxy s9
vendor: samsung model: galaxy
vendor: samsung model: galaxy s10
vendor: samsung model: galaxy s7
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: google model: android
vendor: google model: chrome
vendor: google model: pixel

CERT-In updates: Keep your Android and Apple devices safe | TechGig

Trust: 4.5

Fetched: Dec. 3, 2024, 10:03 a.m., Published: Nov. 28, 2024, 12:33 p.m.
 Vulnerabilities: code execution, memory corruption, information exposure...
Affected productsExternal IDs
vendor: google model: android
vendor: apple model: iphone
vendor: apple model: icloud
vendor: apple model: macos

CISA, NSA, and Partners Issue Annual Report on Top Exploited Vulnerabilities > National Security Agency/Central Security Service > Press Release View

Trust: 3.25

Fetched: Dec. 3, 2024, 10:02 a.m., Published: Nov. 12, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: security

WordPress L Squared Hub WP plugin <= 1.0 - SQL Injection vulnerability - Patchstack

Trust: 3.25

Fetched: Dec. 3, 2024, 10:02 a.m., Published: Dec. 1, 2024, midnight
 Vulnerabilities: sql injection
Affected productsExternal IDs

Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Trust: 5.25

Fetched: Dec. 3, 2024, 10:02 a.m., Published: Dec. 2, 2024, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: android

Samsung monthly updates: November 2024 security patch detailed - SamMobile

Trust: 4.0

Fetched: Dec. 3, 2024, 10:02 a.m., Published: Nov. 5, 2024, 1:44 a.m.
 Vulnerabilities: memory corruption
Affected productsExternal IDs
vendor: samsung model: exynos
vendor: samsung model: samsung
vendor: samsung model: galaxy

CVE-2024-8938: Echelon Network Device Vulnerability - DEC Solutions Group

Trust: 3.0

Fetched: Dec. 3, 2024, 10:01 a.m., Published: Nov. 13, 2024, 5:31 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-8938