Sign-up

VARIoT news about IoT security

Vulnerability discovered by Microsoft affects many Android applications - Droid News

Trust: 3.0

Fetched: May 31, 2024, 9:51 a.m., Published: May 6, 2024, 9:10 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Most Common WordPress Vulnerabilities (And How To Fix Them)

Trust: 3.5

Fetched: May 31, 2024, 9:46 a.m., Published: March 7, 2024, 2:20 p.m.
 Vulnerabilities: sql injection, cross-site scripting, brute force attack...
Affected productsExternal IDs

How To Secure the Linux Kernel

Related entries in the VARIoT vulnerabilities database: VAR-201801-1708

Trust: 3.5

Fetched: May 31, 2024, 9:44 a.m., Published: Aug. 16, 2024, midnight
 Vulnerabilities: information exposure, privilege escalation, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2016-10229, CVE-2014-2523, CVE-2016-10150, CVE-2017-18017, CVE-2015-8812

How to Perform Security Audits on IoT Devices | RunTime

Trust: 4.75

Fetched: May 31, 2024, 9:44 a.m., Published: May 27, 2024, 2:23 a.m.
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: wireshark model: wireshark

Govt raises alarm over critical vulnerability in TP-Link routers: How to protect your device | Mint

Trust: 3.75

Fetched: May 31, 2024, 9:43 a.m., Published: May 29, 2024, 1:23 p.m.
 Vulnerabilities: command injection, default credentials
Affected productsExternal IDs
vendor: tp-link model: routers

Surface Go 3 gets new firmware with Device Manager fixes and security patches - Neowin

Trust: 3.0

Fetched: May 31, 2024, 9:36 a.m., Published: May 3, 2024, midnight
 Vulnerabilities: privilege escalation, denial of service
Affected productsExternal IDs

Check Point Releases Security Hotfix for Exploited Zero-Day Vulnerability CVE-2024-24919 - NHS England Digital

Trust: 3.75

Fetched: May 31, 2024, 9:36 a.m., Published: May 31, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
db: NVD ids: CVE-2024-24919

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices | Microsoft Security Blog

Trust: 4.5

Fetched: May 31, 2024, 9:35 a.m., Published: May 30, 2024, 3:48 p.m.
 Vulnerabilities: default password, weak password
Affected productsExternal IDs
vendor: trend model: security
db: NVD ids: CVE-2023-6448

Towards a Safer Internet of Things-A Survey of IoT Vulnerability Data Sources - PMC

Related entries in the VARIoT vulnerabilities database: VAR-201202-0163, VAR-201202-0162, VAR-201202-0164

Trust: 4.5

Fetched: May 31, 2024, 9:31 a.m., Published: Nov. 30, 2020, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: paloaltonetworks model: pan-os
vendor: trend model: security
vendor: codesys model: codesys
vendor: codesys model: control
vendor: trend micro model: security
vendor: google model: android
vendor: google model: home
vendor: essential model: phone
vendor: cisco model: router
vendor: cisco model: routers
db: NVD ids: CVE-2011-4876, CVE-2010-1677, CVE-2011-4875, CVE-2011-4877

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 | Microsoft Security Blog

Related entries in the VARIoT vulnerabilities database: VAR-202203-1506, VAR-202203-0233

Trust: 4.75

Fetched: May 31, 2024, 9:29 a.m., Published: April 5, 2022, 1:11 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2022-22965, CVE-2010-1622, CVE-2022-22963, CVE-2022-22947

CVE-2024-3273: D-Link NAS RCE Exploited in the Wild | GreyNoise Blog

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070, VAR-202404-0069

Trust: 4.5

Fetched: May 31, 2024, 9:28 a.m., Published: April 8, 2024, midnight
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-3273, CVE-2024-3272

D-Link critical vulnerabilities CVE-2024-3272 & CVE-2024-3273

Related entries in the VARIoT vulnerabilities database: VAR-202404-0070, VAR-202404-0069

Trust: 4.75

Fetched: May 31, 2024, 9:28 a.m., Published: April 10, 2024, 2:53 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
vendor: d-link model: dns-325
vendor: d-link model: dns-340l
vendor: dlink model: dns-320l
vendor: dlink model: dns-327l
vendor: dlink model: dns-325
vendor: dlink model: dns-340l
db: NVD ids: CVE-2024-3273, CVE-2024-3272

Critical Vulnerability in D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L Up to 2024-04-03 (CVE-2024-3272) | SecurityVulnerability.io - SecuirtyVulnerability.io

Related entries in the VARIoT vulnerabilities database: VAR-202404-0069

Trust: 6.0

Fetched: May 31, 2024, 9:16 a.m., Published: -
 Vulnerabilities: command execution
Affected productsExternal IDs
vendor: d-link model: dns-320l
vendor: d-link model: dns-327l
vendor: d-link model: dns-325
vendor: d-link model: dns-340l
db: NVD ids: CVE-2024-3272

CVE-2024-24919: Check Point Security Gateways Vulnerability Explained

Trust: 5.25

Fetched: May 31, 2024, 9:08 a.m., Published: May 30, 2024, midnight
 Vulnerabilities: directory traversal, file inclusion, information disclosure
Affected productsExternal IDs
vendor: check point model: check point
vendor: trend model: security
db: NVD ids: CVE-2024-24919

CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild - Blog | Tenable®

Trust: 5.75

Fetched: May 31, 2024, 9:08 a.m., Published: May 29, 2024, 4:25 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: check point model: check point
vendor: check point model: security gateway
vendor: check point model: quantum security gateway
db: NVD ids: CVE-2024-24919

Cybersecurity Firm Identifies Vulnerabilities in Popular IoT Cameras - CEPRO

Trust: 5.75

Fetched: May 29, 2024, 9:59 a.m., Published: May 24, 2024, 1:17 p.m.
 Vulnerabilities: command execution, buffer overflow, code execution
Affected productsExternal IDs
vendor: roku model: roku
db: NVD ids: CVE-2023-6323, CVE-2023-6324, CVE-2023-6322, CVE-2023-6321

System BIOS komputera Dell Precision 5520 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: May 29, 2024, 9:58 a.m., Published: May 29, 5520, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: precision 5520
vendor: dell model: bios

Controlling user access to the features of Android devices

Trust: 3.0

Fetched: May 29, 2024, 9:57 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android

Newly identified botnet targets decade-old flaw in unpatched D-Link devices

Related entries in the VARIoT vulnerabilities database: VAR-201502-0201, VAR-202404-0070, VAR-202404-0069

Trust: 4.0

Fetched: May 29, 2024, 9:52 a.m., Published: May 2, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tp-link model: routers
db: NVD ids: CVE-2015-2051, CVE-2024-3273, CVE-2024-3272

CVE-2024-4810 - NULL pointer deference in register_device in ppdev in Linux kernel - SecAlerts

Trust: 3.0

Fetched: May 29, 2024, 9:50 a.m., Published: May 5, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-4810