Sign-up

VARIoT news about IoT security

Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

Trust: 5.25

Fetched: Sept. 20, 2023, 9:55 a.m., Published: Sept. 19, 2023, 9:30 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-36846, CVE-2023-36845, CVE-2023-36847, CVE-2023-36844

Maria Korolov - Author - Channel Asia

Trust: 3.0

Fetched: Sept. 20, 2023, 9:55 a.m., Published: Sept. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

Apple Security Advisory 2023-09-11-1 - Cyber Legion - IT Security Services

Trust: 4.25

Fetched: Sept. 20, 2023, 9:53 a.m., Published: Sept. 18, 2023, 1:28 p.m.
 Vulnerabilities: command injection
Affected productsExternal IDs
db: NVD ids: CVE-2020-11978

Apache Airflow 1.10.10 Remote Code Execution - Cyber Legion - IT Security Services

Trust: 3.0

Fetched: Sept. 20, 2023, 9:52 a.m., Published: Sept. 19, 2023, 4 p.m.
 Vulnerabilities: code execution, command injection
Affected productsExternal IDs
db: NVD ids: CVE-2020-11978

Apple’s iOS 16.6.1 Update & Pegasus Spyware

Trust: 4.5

Fetched: Sept. 20, 2023, 9:51 a.m., Published: Sept. 12, 2023, 6:12 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: ipad air
vendor: apple model: ipad
db: NVD ids: CVE-2023-41064

Thousands of Juniper Appliances Vulnerable to New Exploit - SecurityWeek

Trust: 5.25

Fetched: Sept. 20, 2023, 9:49 a.m., Published: Sept. 19, 2023, 11:45 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-36845

Maria Korolov - Author - Channel Asia

Trust: 3.0

Fetched: Sept. 20, 2023, 9:47 a.m., Published: Sept. 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: mesh model: mesh

What Are the Risks of Using Public Wi-Fi?

Trust: 3.25

Fetched: Sept. 20, 2023, 9:46 a.m., Published: March 24, 2021, 12:56 a.m.
 Vulnerabilities: session fixation, session hijacking
Affected productsExternal IDs
vendor: essential model: phone
vendor: google model: home
vendor: google model: android

Does CVE-2022-38023 have any impact to Data ONTAP 7-Mode - NetApp Knowledge Base

Trust: 3.75

Fetched: Sept. 20, 2023, 9:45 a.m., Published: Feb. 23, 2023, 9:50 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: netapp model: data ontap
vendor: netapp model: data ontap 7-mode
db: NVD ids: CVE-2022-38023

Multiple Security Vulnerability Notifications on Apple Products - Security Boulevard

Trust: 4.25

Fetched: Sept. 20, 2023, 9:42 a.m., Published: Sept. 8, 2023, 8:33 a.m.
 Vulnerabilities: buffer overflow, code execution
Affected productsExternal IDs
vendor: apple model: macos
vendor: apple model: watchos
db: NVD ids: CVE-2023-41064, CVE-2023-41061

About the security content of macOS Ventura 13.3 - Apple Support

Related entries in the VARIoT vulnerabilities database: VAR-202302-1169

Trust: 5.25

Fetched: Sept. 20, 2023, 9:42 a.m., Published: Sept. 13, 2023, midnight
 Vulnerabilities: memory corruption, use after free, memory initialization issue...
Affected productsExternal IDs
vendor: canary model: canary
vendor: trend micro model: security
vendor: apple model: webkit
vendor: apple model: safari
vendor: apple model: macos
vendor: apple model: icloud
vendor: trend model: security
db: NVD ids: CVE-2023-27966, CVE-2023-28212, CVE-2023-32358, CVE-2023-27968, CVE-2023-27932, CVE-2023-27947, CVE-2023-27963, CVE-2023-23526, CVE-2023-23535, CVE-2023-23538, CVE-2023-28199, CVE-2023-27956, CVE-2023-27949, CVE-2023-23537, CVE-2023-28211, CVE-2023-28190, CVE-2023-27948, CVE-2023-27961, CVE-2023-23523, CVE-2023-27928, CVE-2023-28213, CVE-2023-23532, CVE-2023-23542, CVE-2023-28214, CVE-2023-27935, CVE-2023-27941, CVE-2023-32370, CVE-2023-23527, CVE-2023-28181, CVE-2023-27953, CVE-2023-0288, CVE-2023-28200, CVE-2023-27955, CVE-2023-0512, CVE-2023-23534, CVE-2023-0051, CVE-2023-27965, CVE-2022-43552, CVE-2023-28195, CVE-2023-27937, CVE-2023-23533, CVE-2023-27950, CVE-2023-28198, CVE-2022-43551, CVE-2023-23514, CVE-2023-28201, CVE-2023-23536, CVE-2023-28209, CVE-2023-32356, CVE-2023-28179, CVE-2023-28188, CVE-2023-27931, CVE-2023-27952, CVE-2023-28189, CVE-2023-28178, CVE-2023-27943, CVE-2023-0054, CVE-2023-27951, CVE-2023-27936, CVE-2023-27939, CVE-2023-27944, CVE-2023-23525, CVE-2023-28215, CVE-2023-28187, CVE-2023-0433, CVE-2023-32435, CVE-2023-28180, CVE-2023-32426, CVE-2023-27957, CVE-2023-27933, CVE-2023-27958, CVE-2023-0049, CVE-2023-27954, CVE-2023-28182, CVE-2023-32362, CVE-2023-27962, CVE-2023-27969, CVE-2023-28210, CVE-2023-27946, CVE-2023-27934, CVE-2023-27942, CVE-2023-28192, CVE-2023-27929, CVE-2023-23543

The mystery of the CVEs that are not vulnerabilities

Trust: 4.75

Fetched: Sept. 20, 2023, 9:41 a.m., Published: Sept. 20, 2023, 8 a.m.
 Vulnerabilities: integer overflow
Affected productsExternal IDs
vendor: haxx model: curl
db: NVD ids: CVE-2020-19909

Security Policies: Protecting Your Computers & Network | Russ Harvey Consulting

Trust: 3.25

Fetched: Sept. 20, 2023, 9:40 a.m., Published: May 20, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: essential model: phone
vendor: trustwave model: secure web gateway
vendor: check point model: express
vendor: check point model: zonealarm
vendor: check point model: check point
vendor: google model: home
vendor: google model: google home
vendor: google model: wifi
vendor: google model: android
vendor: zoom model: client

Zero-Day Vulnerability | Breaking Cybersecurity News | The Hacker News

Trust: 3.0

Fetched: Sept. 20, 2023, 9:39 a.m., Published: Sept. 13, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: google chrome
vendor: google model: chrome

Apple Releases Emergency Security Updates

Trust: 3.5

Fetched: Sept. 20, 2023, 9:35 a.m., Published: Sept. 8, 2023, midnight
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: apple model: iphone
vendor: apple model: macos
vendor: apple model: watchos

CVE-2023-37758 - CVE.report

Related entries in the VARIoT vulnerabilities database: VAR-202307-1597

Trust: 4.75

Fetched: Sept. 20, 2023, 9:32 a.m., Published: -
 Vulnerabilities: buffer overflow
Affected productsExternal IDs
vendor: dlink model: dir-815
vendor: d-link model: dir-815
db: NVD ids: CVE-2023-37758

Zoom ZTP and AudioCodes Phones Vulnerable to Eavesdropping Attacks - CyberSec84 | Cybersecurity news.

Trust: 3.0

Fetched: Sept. 20, 2023, 9:31 a.m., Published: Aug. 12, 2023, 12:28 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: zoom model: client

CISA, Medtronic Urge Critical Patch of Cardiac Medical Device Tool Flaw - First Health Advisory

Trust: 3.75

Fetched: Sept. 20, 2023, 9:27 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Trust: 3.5

Fetched: Sept. 20, 2023, 9:26 a.m., Published: July 25, 2023, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

Samsung Smartphone Vulnerabilities Likely Exploited by Spyware Vendor Added to CISA ‘Must Patch’ List - VULNERA

Related entries in the VARIoT vulnerabilities database: VAR-202110-0167, VAR-202103-1332, VAR-202110-0169

Trust: 4.5

Fetched: Sept. 20, 2023, 9:22 a.m., Published: June 30, 2023, 12:42 p.m.
 Vulnerabilities: code execution, bounds access vulnerability, format string bug
Affected productsExternal IDs
vendor: d-link model: router
vendor: samsung model: samsung mobile
vendor: samsung model: mobile
vendor: google model: android
db: NVD ids: CVE-2021-25487, CVE-2021-25371, CVE-2021-25372, CVE-2023-21492, CVE-2021-25489, CVE-2021-25394, CVE-2021-25395