VARIoT news about IoT security

Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202112-0566, VAR-202008-0248

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: June 15, 2022, midnight
Vulnerabilities: privilege escalation, code execution, security bypass...
Affected productsExternal IDs
vendor: qnap model: qnap qts
db: NVD ids: CVE-2021-26858, CVE-2021-34473, CVE-2018-13379, CVE-2021-26855, CVE-2021-34523, CVE-2021-44228, CVE-2021-40539, CVE-2021-26857, CVE-2019-11510, CVE-2021-31207, CVE-2020-1472, CVE-2021-27065

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, 11:30 a.m.
Vulnerabilities: buffer overflow, code execution, information disclosure...
Affected productsExternal IDs
db: NVD ids: CVE-2022-25248, CVE-2022-25247, CVE-2022-25246, CVE-2022-25251, CVE-2022-25250, CVE-2022-25249, CVE-2022-25252

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: Sept. 3, 2019, 7:33 a.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
Related entries in the VARIoT vulnerabilities database: VAR-202205-0858

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: June 9, 2022, midnight
Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-29591

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: essential model: phone
vendor: delegate model: delegate
Related entries in the VARIoT vulnerabilities database: VAR-202203-0090

Trust: 4.75

Fetched: June 1, 2022, 8:58 a.m., Published: March 1, 2022, midnight
Vulnerabilities: privilege escalation, denial of service, security feature bypass...
Affected productsExternal IDs
db: NVD ids: CVE-2022-21990, CVE-2022-24502, CVE-2022-22006, CVE-2022-24512, CVE-2022-24508, CVE-2022-24501, CVE-2022-23277, CVE-2022-24459

Trust: 4.75

Fetched: June 1, 2022, 8:58 a.m., Published: April 25, 2022, midnight
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: google model: android
vendor: check point model: check point

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight
Vulnerabilities: code execution
Affected productsExternal IDs

Trust: 3.25

Fetched: June 1, 2022, 8:58 a.m., Published: May 28, 2022, 11:22 a.m.
Vulnerabilities: sql injection, injection attack
Affected productsExternal IDs
vendor: ring model: ring
vendor: google model: home
vendor: google model: android
vendor: wireshark model: wireshark
Related entries in the VARIoT vulnerabilities database: VAR-202203-0237

Trust: 5.25

Fetched: June 1, 2022, 8:58 a.m., Published: May 3, 2022, 10 a.m.
Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: aruba model: web management portal
vendor: palo model: networks
vendor: extremenetworks model: ers3500
db: NVD ids: CVE-2022-23677, CVE-2022-29861, CVE-2022-22805, CVE-2022-29860, CVE-2022-23676

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 12, 2022, 10:26 a.m.
Vulnerabilities: denial of service
Affected productsExternal IDs

Trust: 3.75

Fetched: June 1, 2022, 8:58 a.m., Published: March 17, 2022, 3:05 p.m.
Vulnerabilities: privilege escalation, denial of service
Affected productsExternal IDs
db: NVD ids: CVE-2022-26503, CVE-2022-26500, CVE-2022-26501

Trust: 5.0

Fetched: June 1, 2022, 8:58 a.m., Published: June 6, 2022, midnight
Vulnerabilities: use after free
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome
db: NVD ids: CVE-2022-1480

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 31, 2022, midnight
Vulnerabilities: default credentials, command injection, code injection
Affected productsExternal IDs
vendor: d-link model: router
vendor: netgear model: router
vendor: netgear model: dgn1000
vendor: google model: android
vendor: dbltek model: dbltek
db: NVD ids: CVE-2022-1388, CVE-2021-4039, CVE-2018-10823, CVE-2021-44228, CVE-2022-22954, CVE-2020-17456, CVE-2021-36356, CVE-2020-5902, CVE-2014-9118, CVE-2021-35064, CVE-2015-2051, CVE-2020-7961, CVE-2022-25075, CVE-2018-16763, CVE-2022-22947, CVE-2021-45046, CVE-2017-18368

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: May 20, 2022, 1:26 p.m.
Vulnerabilities: -
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security
vendor: google model: android
vendor: google model: pixel
vendor: google model: chrome
vendor: samsung model: samsung galaxy
vendor: samsung model: mobile
vendor: samsung model: galaxy
vendor: samsung model: samsung
db: NVD ids: CVE-2021-38003, CVE-2021-1048, CVE-2021-38000, CVE-2021-37973, CVE-2021-37976
Related entries in the VARIoT vulnerabilities database: VAR-202203-0236, VAR-202203-0237, VAR-202203-0235

Trust: 3.5

Fetched: June 1, 2022, 8:58 a.m., Published: March 7, 2022, midnight
Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-22806, CVE-2022-22805, CVE-2022-0715
Related entries in the VARIoT vulnerabilities database: VAR-202202-1281

Trust: 6.0

Fetched: June 1, 2022, 8:58 a.m., Published: April 12, 2022, 4:54 p.m.
Vulnerabilities: code execution
Affected productsExternal IDs
vendor: d-link model: dir-830l
vendor: d-link model: dir-810l
vendor: d-link model: router
vendor: d-link model: dir-820l
vendor: d-link model: dir-836l
vendor: d-link model: dir-826l
db: NVD ids: CVE-2021-45382

Trust: 3.0

Fetched: June 1, 2022, 8:58 a.m., Published: May 28, 2022, midnight
Vulnerabilities: -
Affected productsExternal IDs
vendor: zoom model: zoom

Trust: 4.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 27, 2022, 6:08 p.m.
Vulnerabilities: file reading vulnerability, memory corruption, security feature bypass...
Affected productsExternal IDs
vendor: zoho model: manageengine adselfservice plus
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
vendor: pulse model: secure pulse connect secure
vendor: accellion model: accellion file transfer appliance
vendor: accellion model: file transfer appliance
Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202112-0566, VAR-202008-0248

Trust: 5.5

Fetched: June 1, 2022, 8:58 a.m., Published: April 29, 2022, 12:46 p.m.
Vulnerabilities: security bypass, security feature bypass, code execution...
Affected productsExternal IDs
vendor: pulse model: secure pulse connect secure
vendor: pulse secure model: pulse connect secure
vendor: pulse secure model: connect secure
db: NVD ids: CVE-2021-26858, CVE-2021-34473, CVE-2020-0688, CVE-2021-34523, CVE-2021-26855, CVE-2018-13379, CVE-2021-44228, CVE-2021-40539, CVE-2021-26857, CVE-2019-11510, CVE-2021-31207, CVE-2020-1472, CVE-2021-27065, CVE-2021-21972, CVE-2021-26084