-
Several vulnerabilities in PAX payment terminals
CERT Poland has received a report about 5 vulnerabilities found in PAX POS (Point Of Sale) devices.
Read more -
Vulnerabilities in Hongdian Router H8951-4G-ESP software
10 vulnerabilities (from CVE-2023-49253 to CVE-2023-49262) has been found in Hongdian Router H8951-4G-ESP software.
Read more -
Vulnerability in Kofax Capture software
Stored XSS vulnerability (CVE-2023-5118) has been found in Kofax Capture software.
Read more -
Vulnerability in TCExam software
A vulnerability has been found in the TCExam open source software (CVE-2023-6554).
Read more -
Vulnerability in TasmoAdmin software
An open redirect vulnerability has been found in the TasmoAdmin open source software (CVE-2023-6552).
Read more -
Vulnerability in PrestaShop Google Integrator software
CERT Poland has received a report about a SQL injection vulnerability in the PrestaShop Google Integrator software and assigned it the number CVE-2023-6921.
Read more -
Vulnerability in class.upload.php open source library
Stored XSS vulnerability has been found in class.upload.php open source library (CVE-2023-6551).
Read more -
Vulnerability in CoolKit Technology eWeLink mobile application (Android & iOS)
CERT Poland has received a report about a vulnerability in the CoolKit Technology eWeLink mobile application (Android & iOS) and assigned it the number CVE-2023-6998.
Read more -
Vulnerability in MegaBIP and SmodBIP software
Stored XSS vulnerability has been found in SmodBIP and MegaBIP software (CVE-2023-5378).
Read more -
Russian Foreign Intelligence Service (SVR) Cyber Actors Use JetBrains TeamCity CVE in Global Targeting
CERT Polska, Polish Military Counterintelligence Service (SKW), and external partners assess Russian Foreign Intelligence Service (SVR) cyber actors, also known as APT 29, the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard, are exploiting CVE-2023-42793 at a large scale.
Read more