VARIoT latest news about IoT security

100+ Lenovo laptop models affected by UEFI BIOS vulnerabilities - NotebookCheck.net News Trust: 3.25 Fetched: June 1, 2022, 8:58 a.m., Published: June 10, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

lenovo

model:

bios

Samsung Device Vulnerability Archives - MobileSyrup Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: May 31, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:

samsung

model:

samsung

Vulnerabilities in remote management agent impacts thousands of medical devices - Channel Asia Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: June 1, 2022, midnight	Vulnerabilities: information leak, code execution, directory traversal...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-25248, CVE-2022-25247, CVE-2022-25246, CVE-2022-25251, CVE-2022-25250, CVE-2022-25249, CVE-2022-25252

Critical RCE Flaws Impact Medical Devices \| Decipher Trust: 4.5 Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, midnight	Vulnerabilities: code execution, information disclosure

Affected products

External IDs

db:

NVD

ids:

CVE-2022-25251, CVE-2022-25247, CVE-2022-25246

Zyxel security advisory for authentication bypass vulnerability of firewalls \| Zyxel Related entries in the VARIoT vulnerabilities database: VAR-202203-1898 Trust: 6.0 Fetched: June 1, 2022, 8:58 a.m., Published: May 27, 2022, 4:34 p.m.	Vulnerabilities: authentication bypass

Affected products

External IDs

vendor:

zyxel

model:

zywall

db:

NVD

ids:

CVE-2022-0342

HP Patches BIOS Vulnerabilities Affecting Over 200 Laptops, Workstations Trust: 3.25 Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 8:15 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-3809, CVE-2021-3808

HP Patches BIOS Vulnerabilities Affecting Over 200 Laptops, Workstations \| PCMag Trust: 3.0 Fetched: June 1, 2022, 8:58 a.m., Published: -	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2021-3809, CVE-2021-3808

Google Reports 30 New Chrome Vulnerabilities, Releases Urgent Update Trust: 4.5 Fetched: June 1, 2022, 8:58 a.m., Published: May 11, 2022, 9:22 a.m.	Vulnerabilities: buffer overflow, use after free

Affected products

External IDs

vendor:	google	model:	google chrome
vendor:	google	model:	chrome

db:

NVD

ids:

CVE-2022-1477, CVE-2022-1478, CVE-2022-1481, CVE-2022-1479, CVE-2022-1480, CVE-2022-1482, CVE-2022-1483

Critical vulnerabilities discovered in millions of network switches \| TechRadar Trust: 4.0 Fetched: June 1, 2022, 8:58 a.m., Published: May 4, 2022, 2:57 p.m.	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-23676, CVE-2022-29861, CVE-2022-23677, CVE-2022-29860

OESIS Framework May 27, 2022 Release \| OPSWAT Related entries in the VARIoT vulnerabilities database: VAR-202010-1523 Trust: 3.75 Fetched: June 1, 2022, 8:58 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	apple inc.	model:	safari
vendor:	apple inc.	model:	itunes
vendor:	apple	model:	safari
vendor:	apple	model:	itunes

db:

NVD

ids:

CVE-2022-30013, CVE-2022-30959, CVE-2020-9983, CVE-2021-42704, CVE-2022-30965, CVE-2021-42700, CVE-2022-30958, CVE-2021-42702

'Dirty Pipe' Linux vulnerability discovered \| ZDNet Related entries in the VARIoT vulnerabilities database: VAR-201611-0386, VAR-202203-0043 Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: June 5, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

vendor:	google	model:	android
vendor:	google	model:	pixel
vendor:	ring	model:	ring

db:

NVD

ids:

CVE-2016-5195, CVE-2022-0847

An In-Depth Look at ICS Vulnerabilities Part 1 Trust: 4.0 Fetched: June 1, 2022, 8:58 a.m., Published: March 30, 2022, midnight	Vulnerabilities: authentication bypass

Affected products

External IDs

db:

NVD

ids:

CVE-2021-30116

Java Spring vulnerabilities \| AT&T Alien Labs Related entries in the VARIoT vulnerabilities database: VAR-202203-1506 Trust: 4.75 Fetched: June 1, 2022, 8:58 a.m., Published: June 2, 2022, midnight	Vulnerabilities: code execution

Affected products

External IDs

db:

NVD

ids:

CVE-2022-22965, CVE-2022-22963

Record High Number of Zero-Day Vulnerabilities, Numbers May Be Owed to Improved Detection Says Mandiant and Google - CPO Magazine Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: April 25, 2022, 6:19 a.m.	Vulnerabilities: memory corruption

Affected products

External IDs

vendor:	apple	model:	safari
vendor:	apple	model:	webkit
vendor:	google	model:	android

BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340 Related entries in the VARIoT vulnerabilities database: VAR-202205-0222 Trust: 3.25 Fetched: June 1, 2022, 8:58 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-26340

OESIS Framework May 25, 2022 Release \| OPSWAT Related entries in the VARIoT vulnerabilities database: VAR-201901-1456, VAR-202010-1520, VAR-202205-0624, VAR-202205-0625, VAR-202205-0841, VAR-202205-0904, VAR-202205-0626, VAR-202205-0900, VAR-202205-0896, VAR-202205-0417, VAR-201807-1618, VAR-202010-1499 Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: -	Vulnerabilities: -

Affected products

External IDs

vendor:	node.js	model:	node.js
vendor:	check point	model:	check point
vendor:	check point	model:	zonealarm

db:

NVD

ids:

CVE-2020-8251, CVE-2022-28239, CVE-2022-28251, CVE-2022-28244, CVE-2021-23972, CVE-2022-28250, CVE-2022-28252, CVE-2022-28261, CVE-2022-28267, CVE-2019-0545, CVE-2020-8252, CVE-2021-23974, CVE-2022-28260, CVE-2020-9979, CVE-2022-23267, CVE-2022-28263, CVE-2020-8201, CVE-2022-28268, CVE-2022-28837, CVE-2022-28256, CVE-2021-37851, CVE-2022-29117, CVE-2022-28257, CVE-2022-28253, CVE-2021-36613, CVE-2022-29148, CVE-2021-3254, CVE-2022-28264, CVE-2022-28240, CVE-2022-23742, CVE-2022-28258, CVE-2022-28246, CVE-2022-28248, CVE-2022-28255, CVE-2022-29145, CVE-2022-30557, CVE-2022-28259, CVE-2022-29354, CVE-2021-27351, CVE-2022-28245, CVE-2021-21341, CVE-2022-29928, CVE-2022-29927, CVE-2019-10219, CVE-2022-23743, CVE-2022-28266, CVE-2022-28243, CVE-2022-28247, CVE-2022-28265, CVE-2021-36614, CVE-2022-28269, CVE-2022-29929, CVE-2021-43066, CVE-2018-8356, CVE-2022-28241, CVE-2022-28262, CVE-2022-28818, CVE-2020-9992, CVE-2021-3611, CVE-2022-28242, CVE-2022-28838, CVE-2022-28249, CVE-2022-28254

The Top 15 Most Routinely Exploited Vulnerabilities of 2021 Related entries in the VARIoT vulnerabilities database: VAR-201906-0815, VAR-202112-0566, VAR-202008-0248 Trust: 5.5 Fetched: June 1, 2022, 8:58 a.m., Published: June 15, 2022, midnight	Vulnerabilities: privilege escalation, code execution, security bypass...

Affected products

External IDs

vendor:

qnap

model:

qnap qts

db:

NVD

ids:

CVE-2021-26858, CVE-2021-34473, CVE-2018-13379, CVE-2021-26855, CVE-2021-34523, CVE-2021-44228, CVE-2021-40539, CVE-2021-26857, CVE-2019-11510, CVE-2021-31207, CVE-2020-1472, CVE-2021-27065

Critical "Access:7" Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices - Patabook Technology Trust: 3.5 Fetched: June 1, 2022, 8:58 a.m., Published: March 8, 2022, 11:30 a.m.	Vulnerabilities: buffer overflow, code execution, information disclosure...

Affected products

External IDs

db:

NVD

ids:

CVE-2022-25248, CVE-2022-25247, CVE-2022-25246, CVE-2022-25251, CVE-2022-25250, CVE-2022-25249, CVE-2022-25252

9 Open Source Intelligence (OSINT) Tools for Penetration Testing Trust: 3.75 Fetched: June 1, 2022, 8:58 a.m., Published: Sept. 3, 2019, 7:33 a.m.	Vulnerabilities: -

Affected products

External IDs

vendor:

google

model:

chrome

CVE-2022-29591 Tenda TX9 Pro 22.03.02.10 devices have a SetNet... Related entries in the VARIoT vulnerabilities database: VAR-202205-0858 Trust: 3.25 Fetched: June 1, 2022, 8:58 a.m., Published: June 9, 2022, midnight	Vulnerabilities: -

Affected products

External IDs

db:

NVD

ids:

CVE-2022-29591

VARIoT news about IoT security