The usd HeroLab pentesters identified vulnerabilities in products from Microsoft and RabbitMQ while conducting their security analyses. In close cooperation with the manufacturers, usd AG supports the successful elimination of the security vulnerabilities. Specifically, the vulnerability categories are as follows: …
Security Advisory 05/2021
The usd HeroLab pentesters identified vulnerabilities in products from VMWare and Bitdefender while conducting their security analyses. In close cooperation with the manufacturers, the security vulnerabilities were successfully closed. Specifically, the vulnerability categories are as follows: Cross-site Scripting Improper Input …
Security Advisory 04/2021
The usd HeroLab pentesters identified a vulnerability in Microsoft Windows 10 while conducting their security analysis. The disclosure of vulnerabilities is made in accordance with usd HeroLabs Responsible Disclosure Policy. For detailed technical information about the identified security vulnerability, please refer …
Security Advisory 03/2021
The usd HeroLab pentesters identified a vulnerability in Check Point’s Identity Agent for Microsoft Windows while conducting their security analysis. In cooperation with the manufacturer’s security response team, the vulnerability was successfully fixed and a corresponding patch was deployed. The …
Security Advisory 02/2021
During security analyses usd HeroLab penetration testers have identified two vulnerabilites in the online shop management system Zen Cart and in a specially developed plugin. In cooperation with the responsible developers and manufacturers, the following security vulnerabilities were successfully fixed: …
Security Advisory 01/2021
usd HeroLab penetration testers have identified a path traversal vulnerability during security analyses. This vulnerability affects the product Mailoptimizer. In accordance with usd HeroLabs Responsible Disclosure Policy, the vendor has been notified of the existence of this vulnerability. In the …
Security Advisories 10/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products OScommerce Phoenix CE, NeoPost Mail Accounting Software und SQL Server Management Studio. The following vulnerability classes were identified: Authenticated Remote Code Execution Cross …
Security Advisory 09/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Gophish and Net-SNMP. The following vulnerability classes were identified: Stored Cross-Site Scripting Non-persistent Self Cross-Site Scripting Clickjacking CSV Injection Insufficient Session Expiration Elevation …
Hack The Box: Fatty Writeup
A full walkthrough of the Hack The Box “Fatty” machine, written by the machine maker (qtc).
Hack The Box: Oouch Writeup
A full walkthrough of the Hack The Box “Oouch” machine, written by the machine maker (qtc).