XSS (Cross-site Scripting) vulnerability (CVE-2024-10385) has been found in DirectAdmin Evolution Skin software.

Incorrect Authorization vulnerability (CVE-2023-4617) has been found in Govee Home mobile application on Android and iOS.

CERT Polska has received a report about 2 vulnerabilities ( CVE-2024-4995 and CVE-2024-4996) found in Wapro ERP Desktop software from Asseco Business Solutions.

CERT Polska has received a report about 2 XSS (Cross-site Scripting) vulnerabilities (CVE-2024-7874 and CVE-2024-7875) found in Tungsten Automation (formerly Kofax) TotalAgility software.

Improper Verification of Intent by Broadcast Receiver vulnerability (CVE-2024-10576) allowing unauthorized factory reset has been found in Infinix Mobile preloaded application com.transsion.agingfunction.

Path Traversal vulnerability (CVE-2024-11136) has been found in TCL Camera software.

Reflected XSS vulnerability (CVE-2024-7124) has been found in Poznan Supercomputing and Networking Center's DInGO dLibra software.

Privilege escalation vulnerability (CVE-2023-42133) has been found in PAX Android based POS terminals.

Resource Injection vulnerability (CVE-2024-6051) has been found in Vercom S.A. Redlink SDK.

2 new vulnerabilities (CVE-2024-6662 and CVE-2024-6880) have been found in MegaBIP software.