Weak password vulnerability in Lantern Fruit routers

Shenzhen Zhizhi High-tech Development Co., Ltd. was founded in September 2013, is a high-tech enterprise with independent intellectual property rights, specializing in research and development, production and sales of intelligent home. Lantern Fruit router has a weak password vulnerability,...

SQL Injection Vulnerability in GNSS Web Server of Guangzhou Nanfang Satellite Navigation Instrument Co.

Guangzhou Nanfang Satellite Navigation Instrument Co., Ltd Nanfang Satellite Navigation, belonging to Nanfang Surveying and Mapping Group, is a high-tech industrial company dedicated to the research and development, production and sales of global positioning and navigation satellite GNSS...

Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w)

According to its self-reported version, Cisco Application Services Engine affected by multiple Unauthorized Access Vulnerabilities. - A vulnerability in Cisco Application Services Engine could allow an unauthenticated, remote attacker to access a privileged service on an affected device. The...

French Spyware Executives Are Indicted for Aiding Torture

The managers are accused of selling tech to Libya and Egypt that was used to identify activists, read private messages, and kidnap, torture, or kill them...

SQL Injection Vulnerability in Shenzhen Zhengye Jiu Kun Information Technology Co.

Shenzhen Zhengye Jiu Kun Information Technology Co., Ltd. is a national high-tech enterprise engaged in intelligent manufacturing overall program planning and design, integrated application and industrial Internet platform development. Ltd. building system there is a SQL injection vulnerability,...

Unauthorized Access Vulnerability in Wireless Signal Extender of Shenzhen Jixiang Tengda Technology Co.

Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment. Shenzhen Jixiang Tengda Technology Co., Ltd Wireless Signal Extender has an unauthorized access vulnerability that can be exploited b...

Arbitrary File Download Vulnerability in Flying FishStar Next-Generation Firewall Security Gateway

Chengdu Flying Fish Star Technology Co., Ltd. is one of the few local enterprises in the industry with independent intellectual property rights and independent R & D capabilities, focusing on the digital communication industry, the Internet of Things industry product innovation and research and...

Logic flaws and vulnerabilities in the government procurement transaction system of Hangzhou Pinming Information Technology Co.

Hangzhou Pinming Information Technology Co., Ltd. is a high-tech enterprise dedicated to building a domestic leading public resource transaction informationization field. A logic flaw vulnerability exists in the government procurement transaction system of Hangzhou Pinming Information Technology...

Logic flaw vulnerability in the lock group management system of Jiangsu Esso Electronic Technology Co.(CNVD-2021-45710)

Ltd. is specialized in substation video monitoring system, passive intelligent lock group management system development, power intelligent auxiliary monitoring system, distribution room monitoring system, intelligent access control system, production and sales of high-tech enterprises. Ltd. lock...

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling...

SQL Injection Vulnerability in Website Building System of Wuhan Dongxin Tongbang Information Technology Co.

Wuhan Dongxin Tongbang Information Technology Co., Ltd ETAH is a high-tech enterprise with a number of highly independent core intellectual property rights. There is a SQL injection vulnerability in the website building system of Wuhan Dongxin Tongbang Information Technology Co. Attackers can...

Command Execution Vulnerability in NETSYS of Shenzhen Netland Technology Co.

Ltd. was founded in 2004, is a high-tech enterprise specializing in the development of computer network security equipment. Shenzhen NETSYS Technology Co., Ltd NETSYS has a command execution vulnerability that can be exploited by attackers to execute arbitrary commands...

Command Execution Vulnerability in TOTOLINK T10 Router (CNVD-2021-43461)

TOTOLINK is a brand held by Gion Electronics Shenzhen Co., Ltd, founded in 1999, is a Hong Kong-listed high-tech foreign-funded enterprises stock code: HK.8287, one of the world's leading network equipment suppliers. A command execution vulnerability exists in the TOTOLINK T10 router, which can b...

Arbitrary File Download Vulnerability in NETSYS of Shenzhen NetSys Technology Co.

Ltd. was founded in 2004, is a high-tech enterprise specializing in the development of computer network security equipment. Shenzhen NETSYS Technology Co., Ltd NETSYS has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...

Unauthorized Access Vulnerability in Network Video Surveillance System of Tianmai Technology

Tianmai Technology is a national high-tech enterprise focusing on the field of intelligent public transportation. The company's main business is to provide comprehensive solutions for urban bus operation, management and service based on Telematics technology. There is an unauthorized access...

SQL Injection Vulnerability in BuildingEasy™, a Comprehensive Management Information System of Shanghai Jinhui Software Co.

Shanghai Jinhui Software Co., Ltd. is a double-soft certified enterprise and high-tech enterprise recognized by Shanghai. A SQL injection vulnerability exists in BuildingEasy™, a comprehensive management information system of Shanghai Jinhui Software Co. An attacker can exploit this vulnerability...

ATOM-Smart life App 信任管理问题漏洞

ATOM tech ATOM-Smart life App is a smart life application from ATOM tech, Japan. ATOM-Smart life App 1.8.0 suffers from a trust management issue vulnerability that originates from improper server certificate validation. A remote attacker can exploit this vulnerability to conduct a MitM attack on...

JVN#64064138: ATOM - Smart life App vulnerable to improper server certificate verification

ATOM - Smart life App provided by ATOM tech Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update the application to the latest version...

RebornCore library remote code execution vulnerability

RebornCore library is a library of mods for Tech Reborn, including Tech Reborn, Quantum Storage, Fluxed Redstone, Hardcore Map Reset, and more. A remote code execution vulnerability exists in versions of the RebornCore library prior to 4.7.3, which can be exploited by an attacker to remotely...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP70 and Version 8 SR6-FP15 used by IBM Tivoli Application Dependency Discovery Manager TADDM. These issues were disclosed as part of the IBM Java SDK updates in Oct2020. Vulnerability Details CVEID:...