Sign-up

VARIoT news about IoT security

Apple Vision Pro at risk! Govt. issues high-severity alert against vulnerabilities: How to protect your device | Mint

Trust: 3.75

Fetched: June 16, 2024, 9:50 a.m., Published: June 14, 2024, midnight
 Vulnerabilities: denial of service, memory corruption
Affected productsExternal IDs
vendor: apple model: webkit

Re: Vulnerability within photoshop - Adobe Community - 14681733

Trust: 3.0

Fetched: June 16, 2024, 9:45 a.m., Published: June 14, 2024, 4:24 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2018-18284

CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biom... - vulnerability database | Vulners.com

Trust: 5.0

Fetched: June 16, 2024, 9:43 a.m., Published: May 21, 2024, 9:32 a.m.
 Vulnerabilities: sql injection
Affected productsExternal IDs
db: NVD ids: CVE-2023-3938

Zyxel Releases Patches for Firmware Vulnerabilities in EoL N... - vulnerability database | Vulners.com

Trust: 4.5

Fetched: June 16, 2024, 9:42 a.m., Published: June 5, 2024, 7:10 a.m.
 Vulnerabilities: privilege escalation, privilege management vulnerability, command injection...
Affected productsExternal IDs
vendor: zyxel model: nas326
vendor: zyxel model: nas542
db: NVD ids: CVE-2024-29976, CVE-2024-29975, CVE-2024-29974, CVE-2024-29972, CVE-2024-29973

linux, linux-gcp, linux-gcp-6.5, linux-lowlatency, linux-low... - vulnerability database | Vulners.com

Trust: 4.75

Fetched: June 16, 2024, 9:42 a.m., Published: June 7, 2024, 8:18 p.m.
 Vulnerabilities: denial of service, pointer dereference vulnerability, system crash
Affected productsExternal IDs
db: NVD ids: CVE-2023-52587, CVE-2024-26585, CVE-2023-52627, CVE-2023-52697, CVE-2024-26634, CVE-2023-52612, CVE-2023-52686, CVE-2024-26671, CVE-2024-26610, CVE-2024-26645, CVE-2023-52696, CVE-2023-52444, CVE-2024-26586, CVE-2023-52491, CVE-2023-52679, CVE-2023-6535, CVE-2023-52486, CVE-2023-52443, CVE-2023-52692, CVE-2023-52677, CVE-2023-52457, CVE-2023-52619, CVE-2023-52675, CVE-2023-6356, CVE-2023-52676, CVE-2024-26595, CVE-2024-26607, CVE-2023-52497, CVE-2023-52468, CVE-2024-26627, CVE-2024-26638, CVE-2023-52621, CVE-2023-52469, CVE-2023-52455, CVE-2024-26620, CVE-2023-52674, CVE-2023-52447, CVE-2023-52472, CVE-2023-52690, CVE-2023-52470, CVE-2023-52681, CVE-2023-52450, CVE-2023-52583, CVE-2023-52608, CVE-2024-26633, CVE-2023-52448, CVE-2023-52685, CVE-2024-26608, CVE-2024-26616, CVE-2023-52456, CVE-2023-52458, CVE-2024-35835, CVE-2024-26646, CVE-2023-52593, CVE-2023-52617, CVE-2023-52633, CVE-2023-52453, CVE-2023-52618, CVE-2023-52694, CVE-2024-26669, CVE-2024-35839, CVE-2023-52666, CVE-2023-6536, CVE-2024-26583, CVE-2023-52664, CVE-2024-26647, CVE-2023-52465, CVE-2023-52614, CVE-2023-52584, CVE-2023-52669, CVE-2023-52462, CVE-2023-52489, CVE-2024-26641, CVE-2024-26631, CVE-2023-52594, CVE-2023-52687, CVE-2023-52610, CVE-2024-35841, CVE-2023-52498, CVE-2024-26673, CVE-2023-52452, CVE-2024-26649, CVE-2023-52494, CVE-2023-52588, CVE-2024-35842, CVE-2023-52449, CVE-2023-52698, CVE-2023-52451, CVE-2023-52622, CVE-2023-52682, CVE-2024-26625, CVE-2024-26623, CVE-2023-52693, CVE-2024-26632, CVE-2023-52446, CVE-2024-24860, CVE-2024-26582, CVE-2024-26636, CVE-2023-52683, CVE-2024-26640, CVE-2023-52487, CVE-2023-52672, CVE-2023-52667, CVE-2024-23849, CVE-2023-52670, CVE-2024-26615, CVE-2024-35840, CVE-2023-52598, CVE-2023-52626, CVE-2024-26629, CVE-2023-52493, CVE-2024-35837, CVE-2023-52488, CVE-2023-52609, CVE-2024-26670, CVE-2023-52473, CVE-2024-26592, CVE-2023-52623, CVE-2024-26598, CVE-2023-52635, CVE-2023-52589, CVE-2023-52463, CVE-2023-52678, CVE-2024-26618, CVE-2023-52611, CVE-2024-26612, CVE-2024-26668, CVE-2023-52490, CVE-2023-52607, CVE-2024-26808, CVE-2024-26644, CVE-2023-52454, CVE-2024-26584, CVE-2023-52445, CVE-2023-52606, CVE-2023-52467, CVE-2023-52599, CVE-2023-52495, CVE-2023-52591, CVE-2023-52595, CVE-2023-52691, CVE-2023-52597, CVE-2023-52492, CVE-2023-52632, CVE-2023-52464, CVE-2024-35838, CVE-2023-52616, CVE-2024-26594, CVE-2023-52680, CVE-2024-21823

Frontiers | Threat modelling in Internet of Things (IoT) environments using dynamic attack graphs

Related entries in the VARIoT vulnerabilities database: VAR-202206-1951, VAR-201707-0956, VAR-202208-2200

Trust: 5.75

Fetched: June 16, 2024, 9:38 a.m., Published: April 10, 2024, midnight
 Vulnerabilities: information leak
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2017-0785, CVE-2021-41635, CVE-2017-6753, CVE-2022-30318, CVE-2017-1000251, CVE-2009-2446, CVE-2017-8628

Top 100 Vulnerabilities in Cybersecurity - Tech Hyme

Trust: 4.5

Fetched: June 16, 2024, 9:37 a.m., Published: June 11, 2024, 4:38 p.m.
 Vulnerabilities: account lockout, command injection, local file inclusion...
Affected productsExternal IDs

Google Urgently Fixes a Zero Day Vulnerability - ZAM

Trust: 5.5

Fetched: June 16, 2024, 9:35 a.m., Published: June 15, 2024, 7:59 a.m.
 Vulnerabilities: privilege escalation, code execution
Affected productsExternal IDs
vendor: google model: android
vendor: google model: pixel
db: NVD ids: CVE-2024-32899, CVE-2024-32898, CVE-2024-32896, CVE-2024-32897

Cisco Firepower Management Center Software Object Group Acce... - vulnerability database | Vulners.com

Trust: 3.0

Fetched: June 16, 2024, 9:35 a.m., Published: June 14, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: firepower management center
vendor: cisco model: firepower
vendor: cisco model: cisco firepower management center

CVE-2024-36949: Vulnerability in linux-libc-dev - Kernel: amd/amdkfd: Sync All Devices to Wait All Processes Being Evicted

Trust: 3.0

Fetched: June 16, 2024, 9:35 a.m., Published: May 30, 2024, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2024-36949

20 Best Security Testing Tools In 2024 - The CTO Club

Trust: 3.5

Fetched: June 16, 2024, 9:34 a.m., Published: June 14, 2024, 6:46 p.m.
 Vulnerabilities: cross-site scripting, sql injection
Affected productsExternal IDs

CVE-2024-31163 ASUS Download Master - Buffer Overflow - vulnerability database | Vulners.com

Trust: 5.25

Fetched: June 16, 2024, 9:29 a.m., Published: June 14, 2024, 6:52 a.m.
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: asus model: asus
db: NVD ids: CVE-2024-31163

Siemens SIMATIC S7-200 SMART Devices - vulnerability database | Vulners.com

Related entries in the VARIoT vulnerabilities database: VAR-202406-0059

Trust: 3.5

Fetched: June 16, 2024, 9:27 a.m., Published: June 13, 2024, noon
 Vulnerabilities: -
Affected productsExternal IDs
vendor: siemens model: simatic s7-200 smart cpu st40
vendor: siemens model: simatic s7-200 smart
vendor: siemens model: simatic s7-200
vendor: siemens model: simatic s7-200 smart cpu sr30
vendor: siemens model: simatic s7-200 smart cpu
vendor: siemens model: simatic
vendor: siemens model: simatic s7-200 smart cpu sr40
vendor: siemens model: simatic s7-200 smart cpu sr60
vendor: siemens model: simatic s7-200 smart cpu cr60
vendor: siemens model: simatic s7-200 smart cpu st30
vendor: siemens model: s7-200 smart
vendor: siemens model: simatic s7-200 smart cpu sr20
vendor: siemens model: simatic s7-200 smart cpu cr40
vendor: siemens model: simatic s7-200 smart cpu st20
vendor: siemens model: simatic s7-200 smart cpu st60
db: NVD ids: CVE-2024-35292

Response to vulnerabilities in OKI’s digital multi-function peripherals | 2024 | Security Bulletins | OKI Europe Ltd

Trust: 3.75

Fetched: June 16, 2024, 9:27 a.m., Published: June 16, 2024, midnight
 Vulnerabilities: os command injection, authentication bypass, default credentials...
Affected productsExternal IDs
db: NVD ids: CVE-2024-3497, CVE-2024-27154, CVE-2024-27164, CVE-2024-27156, CVE-2024-27146, CVE-2024-27153, CVE-2024-27171, CVE-2024-27144, CVE-2024-27142, CVE-2024-27169, CVE-2024-27143, CVE-2024-27147, CVE-2024-27157, CVE-2024-7145, CVE-2024-27180, CVE-2024-3498, CVE-2024-27167, CVE-2024-27173, CVE-2024-27163, CVE-2024-27178, CVE-2024-27161, CVE-2024-27168, CVE-2024-27165, CVE-2024-27150, CVE-2024-27175, CVE-2024-27176, CVE-2024-27152, CVE-2024-27166, CVE-2024-3496, CVE-2024-27160, CVE-2024-27158, CVE-2024-27141, CVE-2024-27149, CVE-2024-27159, CVE-2024-27162, CVE-2024-27151, CVE-2024-27174, CVE-2024-27170, CVE-2024-27148, CVE-2024-27155, CVE-2024-27179, CVE-2024-27172

Beware! Zero-click RCE Exploit for iMessage Circulating

Trust: 5.25

Fetched: June 16, 2024, 9:26 a.m., Published: April 25, 2024, 1:15 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone

Cisco Releases Critical Security Updates to Fix Firewall 0-Days

Trust: 4.5

Fetched: June 16, 2024, 9:25 a.m., Published: April 25, 2024, 7:42 a.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
vendor: cisco model: firepower threat defense
vendor: cisco model: adaptive security appliance
vendor: cisco model: firepower
vendor: cisco model: device manager
vendor: cisco model: asa series
vendor: cisco model: series
vendor: cisco model: firepower management center
vendor: cisco model: asa software
db: NVD ids: CVE-2024-20358, CVE-2024-20359, CVE-2024-20353

10 Best Web Vulnerability Scanners for Continuous Security | Geekflare

Trust: 3.5

Fetched: June 16, 2024, 9:24 a.m., Published: Jan. 28, 2017, 12:45 p.m.
 Vulnerabilities: os command injection, code execution, file inclusion...
Affected productsExternal IDs

Samsung Mobile Flaw Let Attackers Execute Arbitrary Code

Trust: 5.5

Fetched: June 16, 2024, 9:24 a.m., Published: May 7, 2024, 10:09 a.m.
 Vulnerabilities: memory corruption, code execution, authentication bypass...
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: samsung model: mobile devices
vendor: google model: android
db: NVD ids: CVE-2024-20865, CVE-2024-20861, CVE-2024-20866, CVE-2024-20862, CVE-2024-20856, CVE-2024-20864, CVE-2024-20855

Cisco IOS Vulnerability Allows DOS Attacks via Malicious Traffic

Trust: 5.75

Fetched: June 16, 2024, 9:23 a.m., Published: April 8, 2024, 2:21 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: catalyst 6000
vendor: cisco model: cisco catalyst 6000 series
vendor: cisco model: catalyst 6000 series
vendor: cisco model: ios software
vendor: cisco model: catalyst
vendor: cisco model: series switches
vendor: cisco model: cisco ios
vendor: cisco model: catalyst 6500 series
vendor: cisco model: routers
vendor: cisco model: supervisor engine
vendor: cisco model: series
vendor: cisco model: catalyst 6500
vendor: cisco systems model: catalyst 6000
vendor: cisco systems model: cisco catalyst 6000 series
vendor: cisco systems model: catalyst 6000 series
vendor: cisco systems model: ios software
vendor: cisco systems model: catalyst
vendor: cisco systems model: series switches
vendor: cisco systems model: cisco ios
vendor: cisco systems model: catalyst 6500 series
vendor: cisco systems model: routers
vendor: cisco systems model: supervisor engine
vendor: cisco systems model: series
vendor: cisco systems model: catalyst 6500
db: NVD ids: CVE-2024-20276

Fortinet Hacks Led To 20,000 FortiGate Devices Breached: Report

Related entries in the VARIoT vulnerabilities database: VAR-202212-1132

Trust: 5.25

Fetched: June 14, 2024, 9:47 a.m., Published: June 11, 2024, 1:24 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: fortigate model: fortios
db: NVD ids: CVE-2022-42475