Sign-up

VARIoT news about IoT security

System BIOS komputerów Dell Inspiron 5415/5515 i Vostro 5415/5515 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Dec. 17, 2023, 10:17 a.m., Published: Dec. 12, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now

Related entries in the VARIoT vulnerabilities database: VAR-201703-0755

Trust: 5.0

Fetched: Dec. 17, 2023, 10:16 a.m., Published: Dec. 12, 2023, 5:23 a.m.
 Vulnerabilities: path traversal, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2023-50164, CVE-2017-5638

Samsung phones on high-risk security alert. What government advisory means for users

Trust: 3.0

Fetched: Dec. 17, 2023, 10:15 a.m., Published: Dec. 15, 2023, 4:55 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: samsung model: galaxy

Identify and remediate vulnerabilities for CVE-2022-27509

Related entries in the VARIoT vulnerabilities database: VAR-202207-2009

Trust: 3.0

Fetched: Dec. 17, 2023, 10:14 a.m., Published: Dec. 12, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2022-27509

Rising Security Weaknesses in the Automotive Industry and What It Can Do on the Road Ahead - Security News

Trust: 3.5

Fetched: Dec. 17, 2023, 10:12 a.m., Published: -
 Vulnerabilities: sql injection, integer overflow
Affected productsExternal IDs
vendor: trend micro model: security
vendor: trend model: security

Red Hat Keycloak - Security Vulnerabilities in 2023

Trust: 5.25

Fetched: Dec. 17, 2023, 10:11 a.m., Published: Dec. 17, 2023, midnight
 Vulnerabilities: authentication bypass, path traversal, replay attack...
Affected productsExternal IDs
vendor: nodejs model: node.js
vendor: node.js model: node.js
db: NVD ids: CVE-2020-1758, CVE-2019-10199, CVE-2019-3868, CVE-2021-3754, CVE-2019-10170, CVE-2018-14637, CVE-2022-1466, CVE-2019-14832, CVE-2022-3782, CVE-2020-35509, CVE-2021-3827, CVE-2020-14302, CVE-2020-14389, CVE-2019-10201, CVE-2022-4137, CVE-2020-10776, CVE-2020-1698, CVE-2018-14657, CVE-2020-1717, CVE-2022-0225, CVE-2021-3461, CVE-2019-10169, CVE-2020-1725, CVE-2020-10686, CVE-2019-14837, CVE-2019-10157, CVE-2021-20323, CVE-2020-27838, CVE-2020-10734, CVE-2018-14655, CVE-2018-10894, CVE-2020-1724, CVE-2019-14910, CVE-2022-1970, CVE-2023-0264, CVE-2022-1245, CVE-2021-20195, CVE-2021-20202, CVE-2020-1694, CVE-2019-14820, CVE-2019-3875, CVE-2020-14366, CVE-2020-1744, CVE-2022-3916, CVE-2020-27826, CVE-2020-10770, CVE-2020-10758, CVE-2020-14359, CVE-2019-14909, CVE-2022-4361, CVE-2020-1718, CVE-2018-14658, CVE-2020-1697, CVE-2018-10912, CVE-2021-3632, CVE-2021-4133, CVE-2021-3513, CVE-2023-4918, CVE-2022-2668, CVE-2021-20222, CVE-2020-1727, CVE-2020-1714, CVE-2020-1728, CVE-2021-3637, CVE-2017-12160, CVE-2022-1438, CVE-2021-3856, CVE-2021-20262, CVE-2022-1274, CVE-2023-1664

How Are DDoS Attacks Related to the Internet of Things | CitizenSide

Trust: 4.5

Fetched: Dec. 17, 2023, 10:10 a.m., Published: Dec. 12, 2023, 10:01 p.m.
 Vulnerabilities: denial of service, default credentials
Affected productsExternal IDs

Why has Indian govt issued high-risk warning against Samsung phones [Dos and Don'ts] - IBTimes India

Trust: 4.5

Fetched: Dec. 17, 2023, 10:08 a.m., Published: Dec. 14, 2023, 12:14 p.m.
 Vulnerabilities: memory corruption, integer overflow, improper access control
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: galaxy
vendor: samsung model: samsung galaxy
vendor: samsung model: knox

System BIOS do komputerów Alienware m15/m17 R4 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Dec. 17, 2023, 10:08 a.m., Published: Dec. 8, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

iOS 17.2 comes with these 10 important security fixes - 9to5Mac

Trust: 4.5

Fetched: Dec. 17, 2023, 10:07 a.m., Published: Dec. 11, 2023, 6:50 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: ipad air
vendor: apple model: watchos
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: ipad
vendor: apple model: safari
vendor: apple model: iphone
db: NVD ids: CVE-2023-42923, CVE-2023-42914, CVE-2023-42883, CVE-2023-42898, CVE-2023-42899, CVE-2023-42922, CVE-2023-42890, CVE-2023-42919, CVE-2023-42884, CVE-2023-42897, CVE-2023-42927

Government issues high-risk alert for Apple and Samsung products, cites multiple vulnerabilities | Technology News - The Indian Express

Trust: 4.75

Fetched: Dec. 17, 2023, 10:07 a.m., Published: Dec. 16, 2023, 8:27 a.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: samsung model: mobile
vendor: samsung model: samsung mobile
vendor: apple model: tvos
vendor: apple model: safari
vendor: apple model: watchos
vendor: apple model: macos

Apple's Emergency Updates Fix 2 New Zero-Day Vulnerabilities - Lansweeper

Trust: 5.5

Fetched: Dec. 17, 2023, 10:07 a.m., Published: Feb. 15, 2023, 7:39 a.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: apple model: ipad air
vendor: apple model: safari
vendor: apple model: webkit
vendor: apple model: macos
vendor: apple model: ipad
db: NVD ids: CVE-2023-42916, CVE-2023-42917

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Trust: 5.0

Fetched: Dec. 17, 2023, 10:06 a.m., Published: Dec. 12, 2023, 6:44 a.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: tvos
vendor: apple model: safari
vendor: apple model: watchos
vendor: apple model: iphone
vendor: apple model: webkit
vendor: apple model: macos
db: NVD ids: CVE-2023-42883, CVE-2023-45866, CVE-2023-42890, CVE-2023-42916, CVE-2023-42917

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201703-0755

Trust: 5.25

Fetched: Dec. 17, 2023, 10:06 a.m., Published: Dec. 15, 2023, midnight
 Vulnerabilities: path traversal, code execution
Affected productsExternal IDs
vendor: trend micro model: deep security
vendor: trend micro model: security
vendor: trend model: deep security
vendor: trend model: security
db: NVD ids: CVE-2023-50164, CVE-2017-5638

System BIOS komputera Dell XPS 15 7590 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: Dec. 17, 2023, 10:05 a.m., Published: Dec. 12, 2023, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks

Trust: 4.5

Fetched: Dec. 17, 2023, 10:05 a.m., Published: Dec. 6, 2023, 11:18 a.m.
 Vulnerabilities: code execution, cross-site scripting
Affected productsExternal IDs
vendor: sierra model: aleos
vendor: sierra wireless model: aleos

Cyber watchdog CERT-In issues hack alert on Apple, Samsung products - Times of India

Trust: 4.75

Fetched: Dec. 17, 2023, 10:04 a.m., Published: Dec. 15, 2023, 8:19 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: samsung model: note
vendor: apple model: apple tv
vendor: apple model: watch

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Related entries in the VARIoT vulnerabilities database: VAR-202312-0888

Trust: 6.0

Fetched: Dec. 17, 2023, 10:01 a.m., Published: Dec. 6, 2023, 5:23 a.m.
 Vulnerabilities: memory corruption, code execution
Affected productsExternal IDs
vendor: google model: android
db: NVD ids: CVE-2023-33107, CVE-2023-33063, CVE-2023-40088, CVE-2022-22071, CVE-2023-33106

Indian govt issues high risk warning against Samsung Galaxy S23 and other users, asks for urgent update - India Today

Trust: 4.5

Fetched: Dec. 17, 2023, 10:01 a.m., Published: Dec. 14, 2023, 3:57 a.m.
 Vulnerabilities: buffer overflow, memory corruption, integer overflow...
Affected productsExternal IDs
vendor: google model: android
vendor: samsung model: galaxy
vendor: samsung model: note
vendor: samsung model: mobile
vendor: samsung model: samsung galaxy
vendor: samsung model: samsung mobile
vendor: samsung model: knox

Configure Microsoft Defender for Endpoint in Microsoft Intune | Microsoft Learn

Trust: 3.0

Fetched: Dec. 17, 2023, 10 a.m., Published: Dec. 11, 2023, 9:11 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android