As part of our ongoing research and consulting efforts, we frequently discover vulnerabilities in third-party products. Committed to enhancing the security of the digital ecosystem, we publish detailed security advisories according our vulnerability disclosure policy. You can find the full security advisories with complete details in our Github repository.
Below is an overview of our latest security advisories:
-
Teltonika RUT9XX – Reflected Cross-Site Scripting (XSS) (CVE-2018-17532)
October 12, 2018 -
Smarty – Trusted-Directory Bypass via Path Traversal (CVE-2018-13982)
September 18, 2018 -
phpWhois – PHP Code Injection (CVE-2015-5243)
August 2, 2018 -
RXTEC RXAdmin – SQL Injection Vulnerability (CVE-2015-8298)
May 13, 2015 -
Polycom BToE Connector – Privilege Escalation Vulnerability (CVE-2015-8300)
May 13, 2015 -
KNX management software ETS – remote code execution vulnerability (CVE-2015-8299)
January 1, 2015