🔵Prestashop'id_product' SQL injection vulnerability (DC: 195-2021)
https://dailycve.com/prestashopidproduct-sql-injection-vulnerability
https://dailycve.com/prestashopidproduct-sql-injection-vulnerability
Dailycve
Prestashop'id_product' SQL injection vulnerability | CVE
Details:
PrestaShop is a free open source e-commerce solution, fully featured and cross-platform, built for web2.0.0.
SQL injection vulnerability of Prestashop'id product '. Vulnerabilities may be exploited by attackers to access personal information…
🔵Combodo iTop cross-site scripting vulnerability (DC- 194-2021):
https://dailycve.com/combodo-itop-cross-site-scripting-vulnerability
https://dailycve.com/combodo-itop-cross-site-scripting-vulnerability
Dailycve
Combodo iTop cross-site scripting vulnerability | CVE
Details:
Combodo iTop is free software for hardware, software and associated resources management.
Combodo iTop 2.7.2 and releases previous to 3.0.0 have bugs around cross-site scripting. This vulnerability can be abused by attackers to execute cross…
It's not possible to charge MacBook Pro, netizens collectively fry pot, Apple responds: device issue.
#Bugs
MORE DETAILS - https://undercodenews.com/its-not-possible-to-charge-macbook-pro-netizens-collectively-fry-pot-apple-responds-device-issue/16/01/2021/
#Bugs
MORE DETAILS - https://undercodenews.com/its-not-possible-to-charge-macbook-pro-netizens-collectively-fry-pot-apple-responds-device-issue/16/01/2021/
Microsoft patches odd defects in the successful execution of malware in Windows Defender.
#Vulnerabilities
MORE DETAILS - https://undercodenews.com/microsoft-patches-odd-defects-in-the-successful-execution-of-malware-in-windows-defender/16/01/2021/
#Vulnerabilities
MORE DETAILS - https://undercodenews.com/microsoft-patches-odd-defects-in-the-successful-execution-of-malware-in-windows-defender/16/01/2021/
🔵Nagios XI remote code execution vulnerability:
https://dailycve.com/nagios-xi-remote-code-execution-vulnerability
https://dailycve.com/nagios-xi-remote-code-execution-vulnerability
Dailycve
Nagios XI remote code execution vulnerability | CVE
Details:
Nagios XI, including dashboards, web-based setup, advanced reporting and rich data visualization, is a market monitoring solution built on Nagios Core.
The "Manage Plug-in" page in Nagios XI 5.8.0 or earlier has a remote code execution flaw.…
🔵IBM Security Guardium Insights Information Disclosure Vulnerability:
https://dailycve.com/ibm-security-guardium-insights-information-disclosure-vulnerability
https://dailycve.com/ibm-security-guardium-insights-information-disclosure-vulnerability
Dailycve
IBM Security Guardium Insights Information Disclosure Vulnerability | CVE
Details:
IBM Security Guardium Insights is a digital data security hybrid cloud center developed to offer a reliable view of the data security and enforcement status of an enterprise.
IBM Encryption Guardium Insights 2.0.2 has a flaw in privacy disclosure.…
The Russian authorities want licenses to be enforced for calls via Skype, Viber, WhatsApp
#International
MORE DETAILS - https://undercodenews.com/the-russian-authorities-want-licenses-to-be-enforced-for-calls-via-skype-viber-whatsapp/16/01/2021/
#International
MORE DETAILS - https://undercodenews.com/the-russian-authorities-want-licenses-to-be-enforced-for-calls-via-skype-viber-whatsapp/16/01/2021/
In the US, Xiaomi has fallen out of favour. Now, along with Huawei, she is on the "black list"
#Technologies
MORE DETAILS - https://undercodenews.com/in-the-us-xiaomi-has-fallen-out-of-favour-now-along-with-huawei-she-is-on-the-black-list/16/01/2021/
#Technologies
MORE DETAILS - https://undercodenews.com/in-the-us-xiaomi-has-fallen-out-of-favour-now-along-with-huawei-she-is-on-the-black-list/16/01/2021/
🔵Unpatched weak password vulnerability exists in the firewall gateway management system:
https://dailycve.com/unpatched-weak-password-vulnerability-exists-firewall-gateway-management-system
https://dailycve.com/unpatched-weak-password-vulnerability-exists-firewall-gateway-management-system
Dailycve
Unpatched weak password vulnerability exists in the firewall gateway management system | CVE
Details:
Youyou is a registered trademark of Shenzhen Hechen Technology Communication Co., Ltd. In 1998, the company was founded. Mailgard Youyou series mail server, mail archive, spam filtering gateway, mail gateway, global mail gateway, gateway for…
🔵Unpatched Information disclosure vulnerability exists in DedeCMSV6:
https://dailycve.com/unpatched-information-disclosure-vulnerability-exists-dedecmsv6
https://dailycve.com/unpatched-information-disclosure-vulnerability-exists-dedecmsv6
Dailycve
Unpatched Information disclosure vulnerability exists in DedeCMSV6 | CVE
Details:
DedeCMSV6 is developed based on PHP7.x, is extensible, and is completely open source.
DedeCMSV6 has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information
Affected Version:
DEDECMSV6 6.0.2…
Xiaomi: The folding smartphone of the giant appeared in some pictures.
#Technologies
MORE DETAILS - https://undercodenews.com/xiaomi-the-folding-smartphone-of-the-giant-appeared-in-some-pictures/16/01/2021/
#Technologies
MORE DETAILS - https://undercodenews.com/xiaomi-the-folding-smartphone-of-the-giant-appeared-in-some-pictures/16/01/2021/
We were compelled by the pandemic to spend even more time at home, on steam.
#Analytiques
MORE DETAILS - https://undercodenews.com/we-were-compelled-by-the-pandemic-to-spend-even-more-time-at-home-on-steam/16/01/2021/
#Analytiques
MORE DETAILS - https://undercodenews.com/we-were-compelled-by-the-pandemic-to-spend-even-more-time-at-home-on-steam/16/01/2021/
🔵Discourse security vulnerability (DC: 200 -2021)
https://dailycve.com/discourse-security-vulnerability
https://dailycve.com/discourse-security-vulnerability
Dailycve
Discourse security vulnerability | CVE
Details:
Discourse is a dialogue forum for an open source culture. Apps such as group, email and chat rooms are included in the platform. Discourse 2.7.0 by beta1 has a security weakness resulting from the dependency of 2FA on such rate-limit types.
…
AI chatbot'Iruda' DB and deep learning conversation model discards from Scatter Lab.
#Updates
MORE DETAILS - https://undercodenews.com/ai-chatbotiruda-db-and-deep-learning-conversation-model-discards-from-scatter-lab/16/01/2021/
#Updates
MORE DETAILS - https://undercodenews.com/ai-chatbotiruda-db-and-deep-learning-conversation-model-discards-from-scatter-lab/16/01/2021/
Amazon will allow other businesses to grow Alexa voice assistants from closed to open.
#International
MORE DETAILS - https://undercodenews.com/amazon-will-allow-other-businesses-to-grow-alexa-voice-assistants-from-closed-to-open/16/01/2021/
#International
MORE DETAILS - https://undercodenews.com/amazon-will-allow-other-businesses-to-grow-alexa-voice-assistants-from-closed-to-open/16/01/2021/
🔵Unpatched! All-around video format converter has dll hijacking vulnerability:
https://dailycve.com/unpatched-all-around-video-format-converter-has-dll-hijacking-vulnerability
https://dailycve.com/unpatched-all-around-video-format-converter-has-dll-hijacking-vulnerability
Dailycve
Unpatched! All-around video format converter has dll hijacking vulnerability | CVE
Details:
Jiajia Universal Video Format Converter is a video format converter that is professional, simple to run and insightful.
The Jiajia Universal Video Format Converter is vulnerable to DLL hijacking. The loaded DLL is not signed and checked until…
The Chrome browser want to uninstall the PWA application status bar.
#Updates
MORE DETAILS - https://undercodenews.com/the-chrome-browser-want-to-uninstall-the-pwa-application-status-bar/18/01/2021/
#Updates
MORE DETAILS - https://undercodenews.com/the-chrome-browser-want-to-uninstall-the-pwa-application-status-bar/18/01/2021/
