LabNews
Security Advisory for CleverReach
The analysts at usd HeroLab examined CleverReach as part of their security analyses. This revealed a vulnerability in the Authentication Bypass Using an Alternate Path or...
Security Advisories for CA Harvest
The analysts at usd HeroLab examined CA Harvest Software Change Manager as part of their security analyses. This revealed a vulnerability in the CSV export functionality, which...
Security Advisories for Vodafone Station
usd HeroLab analysts have identified vulnerabilities in the software of Vodafone station routers that allowed an unauthenticated user with access to the network to make changes...
Security Advisories for Apache Karaf <=4.3.2
The analysts at usd HeroLab examined the Apache Karaf software as part of their security analyses. This revealed a vulnerability in the deserialization of data, which was...
Write-up Registration Challenge Hackercontest Summer 22
Security Advisories for FileCloud < v21.3
The usd HeroLab analysts identified cross-site request forgery (CSRF) vulnerabilities in FileCloud's enterprise file sharing solution while conducting their security analyses. In...
Security Advisory for Micro Focus HPE Operations Agent 12.04.006
Our HeroLab analysts have performed a security analysis on the product HPE Operations Agent by Micro Focus. They identified an XXE (XML eXternal Entity) vulnerability in 2019....
Security Advisory for Zulip <= v4.7
Our HeroLab analysts have performed a security analysis on the open-source collaboration software Zulip. They identified a server-side request forgery vulnerability that in older...
Security Advisory for Thruk Monitoring < v2.46.3
Our analysts at usd HeroLab have examined the Thruk monitoring web interface for e.g. Naemon, Nagios or Icinga during their security analysis. A reflected Cross-site Scripting in...
Security Advisory for Grafana < v8.1.3
Our analysts at usd HeroLab discovered security vulnerabilities in Grafana's input validation while performing their pentests. Through these vulnerabilities it was possible to...
Security Advisory for VMware Workspace ONE Intelligent Hub
Our usd HeroLab pentesters have identified a vulnerability in VMware Workspace ONE Intelligent Hub software while conducting their security analyses. It is a Hidden Functionality...
Security Advisory 11/2021
The usd HeroLabs pentesters have identified vulnerabilities in various products of well-known manufacturers while conducting their security...
Security Advisory 10/2021
The usd HeroLabs pentesters have identified a vulnerability in the product of Microsofts Exchange Server 2016 while conducting their security analyses. Specifically, this is a...
Security Advisory 09/2021
The usd HeroLabs pentesters have identified a vulnerability in the products of the manufacturers Matrix42 and Themeco while conducting their security analyses. Specifically, this...
Security Advisory 08/2021
The usd HeroLabs pentesters have identified a vulnerability in the products of the manufacturer TIBCO while conducting their security analyses. Specifically, this is a...
Security Advisory 07/2021
The usd HeroLab pentesters identified vulnerabilities in products from ManageEngine and Red Hat while conducting their security analyses. In close cooperation with the...
Security Advisory 06/2021
The usd HeroLab pentesters identified vulnerabilities in products from Microsoft and RabbitMQ while conducting their security analyses. In close cooperation with the...
Security Advisory 05/2021
The usd HeroLab pentesters identified vulnerabilities in products from VMWare and Bitdefender while conducting their security analyses. In close cooperation with the...
Security Advisory 04/2021
The usd HeroLab pentesters identified a vulnerability in Microsoft Windows 10 while conducting their security analysis. The disclosure of vulnerabilities is made in accordance...
Security Advisory 03/2021
The usd HeroLab pentesters identified a vulnerability in Check Point’s Identity Agent for Microsoft Windows while conducting their security analysis. In cooperation with the...