-
Vulnerability in PrestaShop Google Integrator software
CERT Poland has received a report about a SQL injection vulnerability in the PrestaShop Google Integrator software and assigned it the number CVE-2023-6921.
Read more -
Vulnerability in class.upload.php open source library
Stored XSS vulnerability has been found in class.upload.php open source library (CVE-2023-6551).
Read more -
Vulnerability in CoolKit Technology eWeLink mobile application (Android & iOS)
CERT Poland has received a report about a vulnerability in the CoolKit Technology eWeLink mobile application (Android & iOS) and assigned it the number CVE-2023-6998.
Read more -
Vulnerability in MegaBIP and SmodBIP software
Stored XSS vulnerability has been found in SmodBIP and MegaBIP software (CVE-2023-5378).
Read more -
Russian Foreign Intelligence Service (SVR) Cyber Actors Use JetBrains TeamCity CVE in Global Targeting
CERT Polska, Polish Military Counterintelligence Service (SKW), and external partners assess Russian Foreign Intelligence Service (SVR) cyber actors, also known as APT 29, the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard, are exploiting CVE-2023-42793 at a large scale.
Read more -
Vulnerability in SAS 9.4 software
Reflected XSS vulnerability (CVE-2023-4932) has been found in SAS 9.4 software.
Read more -
Vulnerability in Apereo CAS software
CERT Poland has received a report about vulnerability in the Apereo CAS software and assigned it the number CVE-2023-4612.
Read more -
Vulnerability in SmodBIP software
Cross-Site Request Forgery vulnerability has been found in SmodBIP software (CVE-2023-4837).
Read more -
Vulnerability in UptimeDC software
CERT Poland has received a report about vulnerability in the UptimeDC software and assigned it the number CVE-2023-4997.
Read more -
Vulnerability in lua-http library
CERT Poland has received a report about vulnerability in the lua-http Library and assigned it the number CVE-2023-4540.
Read more