Recent IT Security Advisories
Sense of Security publishes security advisories on vulnerabilities identified through our security research in accordance with our vulnerability disclosure policy. It is our way of giving something back to the security community.
We have identified vulnerabilities in products from major vendors such as IBM, Cisco, Microsoft, Oracle, Sun, Apache, and Adobe.
2019
23-10-19
2018
25-10-18
29-3-18 Sense of Security – Security Advisory – SOS-18-002 – CA Workload Automation AE SQL Injection
29-3-18 Sense of Security – Security Advisory – SOS-18-001 – CA Workload Automation AE RCE
2017
23-10-17 Security Advisory – BSD lpd Access Control Bypass
10-2-17 Security Advisory – Emsisoft Anti-Malware Behavior Blocker Bypass
2015
20-11-15 Security Advisory – Microsoft Skype for Business 2016 Unauthorised Script Execution Vulnerability
14-4-15 Security Advisory – ClickSoftware ClickSchedule Multiple Security Vulnerabilities
14-4-15 Security Advisory – ClickSoftware ClickMobile Multiple Security Vulnerabilities
2-2-15 Security Advisory – Splendid CRM XML External Entity Injection (XXE) Vulnerability
21-1-15 Sense of Security – Security Advisory – SOS-15-001 – tcpdump Memory Disclosure Vulnerability
2014
14-12-14 Sense of Security – Security Advisory – SOS-14-005 – SAP NetWeaver Business Client for HTML
14-12-14 Security Advisory – SAP Work Manager, SAP CRM Service Manager and iOS Client
30-11-14 Sense of Security – Security Advisory – SOS-14-003 – Cisco CUCDM Self Care Portal
30-11-14 Sense of Security – Security Advisory – SOS-14-002 – Cisco CUCDM Administration Portal
30-11-14 Security Advisory – Cisco CUCDM IP Phone Services
2013
10-9-13 Security Advisory – Juniper Junos J-Web Privilege Escalation Vulnerability
29-4-13 Security Advisory – Mi-Token Enterprise Edition and API Edition – Brute-Force Vulnerability
3-4-13 Security Advisory – Google Active Directory Sync Tool Vulnerability
2012
30-11-12 Sense of Security – Security Advisory – SOS-12-011 – SilverStripe CMS Multiple Vulnerabilities
10-10-12 Security Advisory – FileBound Privilege Escalation Vulnerability
5-9-12 Sense of Security – Security Advisory – SOS-12-009 – Ektron CMS Multiple Vulnerabilities
24-8-12 Security Advisory – Elcom CMS – Community Manager Insecure File Upload Vulnerability
14-6-12 Sense of Security – Security Advisory – SOS-12-007 – Squiz Matrix Multiple Vulnerabilities
13-6-12 Sense of Security – Security Advisory – SOS-12-006 – QNAP Turbo NAS Multiple Vulnerabilities
3-5-12 Security Advisory – Netgear WNDRMAC Exposure of Sensitive Information Vulnerability
12-3-12 Sense of Security – Security Advisory – SOS-12-004 – Aurora WebOPAC SQL Injection Vulnerability
7-3-12 Sense of Security – Security Advisory – SOS-12-003 – Iciniti Store SQL Injection Vulnerability
5-3-12 Security Advisory – Symfony2 Local File Disclosure Vulnerability
23-2-12 Security Advisory – Snom IP Phone Privilege Escalation and CSRF Vulnerability
2011
17-10-11 Security Advisory – WordPress Plugin BackWPUp 2.1.4 Remote/Local Code Execution Vulnerability
20-9-11 Security Advisory – NETGEAR Wireless Cable Modem Gateway CG814WG Auth Bypass and CSRF.
19-9-11 Security Advisory – Cisco TelePresence Multiple Vulnerabilities
20-7-11 Security Advisory – Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability
6-6-11 Security Advisory – Foxit Reader 4.3.1.0218 Multiple Memory Corruption Vulnerabilities
20-5-11 Security Advisory – PHPCaptcha / Securimage Authentication Bypass
18-5-11 Security Advisory – Cisco Unified Operations Manager Multiple Vulnerabilities
3-5-11 Security Advisory – Proofpoint Protection Server Cross-Site Scripting Vulnerability
15-4-11 Sense of Security – Security Advisory – SOS-11-004 – cPassMan v1.82 Arbitrary File Download
28-3-11 Security Advisory – WordPress plugin BackWPup Remote and Local Code Execution
28-2-11 Security Advisory – PHP Blog Insert Authentication Security Bypass
21-1-11 Sense of Security – Security Advisory – SOS-11-001 – Adobe Reader 9.4.1 Infinite Loop Condition
2010
20-12-10 Security Advisory – Elcom Technology’s CommunityManager.NET Auth Bypass Vulnerability
6-10-10 Security Advisory – Adobe Reader 9.3.4 Multiple Memory Corruption Vulnerabilities
5-3-10 Security Advisory – Apache 2.2.14 mod_isapi Dangling Pointer Vulnerability
21-1-10 Security Advisory – TheGreenBow VPN Client Local Stack Overflow
2009
30-10-09 Security Advisory – SafeNet SoftRemote Local Buffer Overflow Vulnerability
17-8-09 Sense of Security – Security Advisory – SOS-09-007 – Piwigo SQL Injection Vulnerability
12-8-09 Security Advisory – Plume CMS Multiple SQL Injection Vulnerabilities
21-7-09 Security Advisory – XOOPS Multiple Cross-Site Scripting Vulnerabilities
9-7-09 Security Advisory – Lotus Sametime User Enumeration Vulnerability
30-4-09 Security Advisory – Infor SCM SupplyWEB Multiple Vulnerabilities
24-2-09 Security Advisory – Magento Multiple Cross-Site Scripting Vulnerabilities
23-2-09 Sense of Security – Security Advisory – SOS-09-001 – Libero Cross-Site Scripting Vulnerability