Sign-up

VARIoT news about IoT security

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution | Threatpost

Trust: 3.25

Fetched: Jan. 18, 2022, 11:24 a.m., Published: Nov. 30, 2021, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs

NVD - CVE-2021-20121

Trust: 3.0

Fetched: Jan. 18, 2022, 11:24 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-20121

Uniscan Vulnerability Scanner: Installation Guide and Examples

Trust: 3.5

Fetched: Jan. 18, 2022, 11:24 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: sql injection, remote file inclusion, file inclusion...
Affected productsExternal IDs

Senior Security Vulnerability Researcher - Stellen-ID: 1828569 | Amazon.jobs

Trust: 3.75

Fetched: Jan. 18, 2022, 11:23 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: memory corruption, privilege escalation
Affected productsExternal IDs
vendor: wireshark model: wireshark

Zero-day exploit lands for Windows privilege-escalation bug • The Register

Related entries in the VARIoT vulnerabilities database: VAR-202111-0697

Trust: 4.0

Fetched: Jan. 18, 2022, 11:22 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-42321, CVE-2021-41379

Vulnerabilities - Zephyr Project Documentation

Related entries in the VARIoT vulnerabilities database: VAR-202006-0258

Trust: 5.5

Fetched: Jan. 18, 2022, 11:21 a.m., Published: Jan. 4, 2022, midnight
 Vulnerabilities: information leak, code execution, information leakage...
Affected productsExternal IDs
vendor: mesh model: mesh
db: NVD ids: CVE-2021-3581, CVE-2020-10068, CVE-2020-13598, CVE-2020-10058, CVE-2020-10024, CVE-2021-3433, CVE-2021-3432, CVE-2021-3454, CVE-2020-10061, CVE-2020-10059, CVE-2020-10064, CVE-2020-10023, CVE-2020-10063, CVE-2020-13600, CVE-2020-10027, CVE-2020-10060, CVE-2021-3431, CVE-2021-3323, CVE-2021-3435, CVE-2020-10066, CVE-2020-10028, CVE-2021-3430, CVE-2020-10022, CVE-2020-13599, CVE-2020-13603, CVE-2020-10069, CVE-2020-10062, CVE-2020-13601, CVE-2021-3434, CVE-2020-10071, CVE-2021-3625, CVE-2021-3436, CVE-2021-3319, CVE-2021-3455, CVE-2021-3510, CVE-2020-10136, CVE-2020-10019, CVE-2020-10065, CVE-2020-10021, CVE-2021-3320, CVE-2020-10070, CVE-2021-3321, CVE-2020-13602, CVE-2020-10072, CVE-2020-10067

Eavesdropping flaws found in MediaTek-powered Android phones • The Register

Trust: 3.75

Fetched: Jan. 18, 2022, 11:21 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: check point model: check point
vendor: xiaomi model: redmi
db: NVD ids: CVE-2021-0661, CVE-2021-0673, CVE-2021-0663, CVE-2021-0662

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | NewsRadio 630 WLAP

Trust: 3.0

Fetched: Jan. 18, 2022, 11:21 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | 1290 WJNO

Trust: 3.0

Fetched: Jan. 18, 2022, 11:21 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | Real Radio 104.1

Trust: 3.0

Fetched: Jan. 18, 2022, 11:20 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Absolute Security Bulletin: Log4j2 Remote Code Execution (RCE) Vulnerability (CVE-2021-44228, CVE-2021-45046, CVE2021-45105 and CVE-2021-4104)

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566, VAR-202112-0562

Trust: 4.25

Fetched: Jan. 18, 2022, 11:20 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228, CVE-2021-4104, CVE-2021-45046

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | NewsRadio 840 WHAS

Trust: 3.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 15, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | Newsradio WTAM 1100

Trust: 3.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Nearly 100 TCP/IP Stack Vulnerabilities Found During 18-Month Research Project | SecurityWeek.Com

Trust: 4.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: treck model: tcp/ip stack

Hundreds Of Millions Of Devices At Risk From New Software Vulnerability | NewsRadio 560 WHYN

Trust: 3.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 14, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: apple model: icloud

Apache Log4J Vulnerability Daily Update | TIBCO Software

Related entries in the VARIoT vulnerabilities database: VAR-202112-2011, VAR-202112-1782, VAR-202112-0566, VAR-202112-0562

Trust: 3.5

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: tibco model: tibco enterprise message service
vendor: tibco model: rendezvous
vendor: tibco model: tibco rendezvous
vendor: tibco model: api exchange gateway
vendor: tibco model: enterprise message service
vendor: tibco software model: tibco enterprise message service
vendor: tibco software model: rendezvous
vendor: tibco software model: tibco rendezvous
vendor: tibco software model: api exchange gateway
vendor: tibco software model: enterprise message service
db: NVD ids: CVE-2021-44832, CVE-2021-45105, CVE-2021-44228, CVE-2021-45046

Update: Notice on potential impact of Apache Log4j vulnerability towards Ricoh products and services | Ricoh Europe

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 5.25

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices

Trust: 4.5

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 13, 2022, midnight
 Vulnerabilities: buffer overflow, directory traversal, code execution
Affected productsExternal IDs
vendor: snort.org model: snort
vendor: snort model: snort
db: NVD ids: CVE-2021-21905, CVE-2021-21904, CVE-2021-21901, CVE-2021-21909, CVE-2021-21907, CVE-2021-21908, CVE-2021-21906, CVE-2021-21903, CVE-2021-21902

30M Dell Devices at Risk for Remote BIOS Attacks, RCE | Threatpost

Trust: 3.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 18, 2022, 10:49 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Over 100 GE Healthcare Devices Affected by Critical Vulnerability | SecurityWeek.Com

Trust: 4.0

Fetched: Jan. 18, 2022, 11:19 a.m., Published: Jan. 18, 2022, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: ge healthcare model: xeleris
db: NVD ids: CVE-2020-25179