Recent IT Security Advisories

Sense of Security publishes security advisories on vulnerabilities identified through our security research in accordance with our vulnerability disclosure policy. It is our way of giving something back to the security community.

We have identified vulnerabilities in products from major vendors such as IBM, Cisco, Microsoft, Oracle, Sun, Apache, and Adobe.

2015

20-11-15

Sense of Security – Security Advisory – SOS-15-005 – Microsoft Skype for Business 2016 Unauthorised Script Execution Vulnerability

14-4-15

Sense of Security – Security Advisory – SOS-15-004 – ClickSoftware ClickSchedule Multiple Security Vulnerabilities

14-4-15

Sense of Security – Security Advisory – SOS-15-003 – ClickSoftware ClickMobile Multiple Security Vulnerabilities

2-2-15

Sense of Security – Security Advisory – SOS-15-002 – Splendid CRM XML External Entity Injection (XXE) Vulnerability

21-1-15

Sense of Security – Security Advisory – SOS-15-001 – tcpdump Memory Disclosure Vulnerability

2014

14-12-14

Sense of Security – Security Advisory – SOS-14-005 – SAP NetWeaver Business Client for HTML

14-12-14

Sense of Security – Security Advisory – SOS-14-004 – SAP Work Manager, SAP CRM Service Manager and iOS Client

30-11-14

Sense of Security – Security Advisory – SOS-14-003 – Cisco CUCDM Self Care Portal

30-11-14

Sense of Security – Security Advisory – SOS-14-002 – Cisco CUCDM Administration Portal

30-11-14

Sense of Security – Security Advisory – SOS-14-001 – Cisco CUCDM IP Phone Services – Security Advisory

2013

10-9-13

Sense of Security – Security Advisory – SOS-13-003 – Juniper Junos J-Web Privilege Escalation Vulnerability

29-4-13

Sense of Security – Security Advisory – SOS-13-002 – Mi-Token Enterprise Edition and API Edition – Brute-Force Vulnerability

3-4-13

Sense of Security – Security Advisory – SOS-13-001 – Google Active Directory Sync Tool Vulnerability

2012

30-11-12

Sense of Security – Security Advisory – SOS-12-011 – SilverStripe CMS Multiple Vulnerabilities

10-10-12

Sense of Security – Security Advisory – SOS-12-010 – FileBound Privilege Escalation Vulnerability

5-9-12

Sense of Security – Security Advisory – SOS-12-009 – Ektron CMS Multiple Vulnerabilities

24-8-12

Sense of Security – Security Advisory – SOS-12-008 – Elcom CMS – Community Manager Insecure File Upload Vulnerability

14-6-12

Sense of Security – Security Advisory – SOS-12-007 – Squiz Matrix Multiple Vulnerabilities

13-6-12

Sense of Security – Security Advisory – SOS-12-006 – QNAP Turbo NAS Multiple Vulnerabilities

3-5-12

Sense of Security – Security Advisory – SOS-12-005 – Netgear WNDRMAC Exposure of Sensitive Information Vulnerability

12-3-12

Sense of Security – Security Advisory – SOS-12-004 – Aurora WebOPAC SQL Injection Vulnerability

7-3-12

Sense of Security – Security Advisory – SOS-12-003 – Iciniti Store SQL Injection Vulnerability

5-3-12

Sense of Security – Security Advisory – SOS-12-002 – Symfony2 Local File Disclosure Vulnerability

23-2-12

Sense of Security – Security Advisory – SOS-12-001 – Snom IP Phone Privilege Escalation and CSRF Vulnerability

2011

17-10-11

Sense of Security – Security Advisory – SOS-11-012 – WordPress Plugin BackWPUp 2.1.4 Remote/Local Code Execution Vulnerability

20-9-11

Sense of Security – Security Advisory – SOS-11-011 – NETGEAR Wireless Cable Modem Gateway CG814WG Auth Bypass and CSRF

19-9-11

Sense of Security – Security Advisory – SOS-11-010 – Cisco TelePresence Multiple Vulnerabilities

20-7-11

Sense of Security – Security Advisory – SOS-11-009 – Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability

6-6-11

Sense of Security – Security Advisory – SOS-11-008 – Foxit Reader 4.3.1.0218 Multiple Memory Corruption Vulnerabilities

20-5-11

Sense of Security – Security Advisory – SOS-11-007 – PHPCaptcha / Securimage Authentication Bypass

18-5-11

Sense of Security – Security Advisory – SOS-11-006 – Cisco Unified Operations Manager Multiple Vulnerabilities

3-5-11

Sense of Security – Security Advisory – SOS-11-005 – Proofpoint Protection Server Cross-Site Scripting Vulnerability

15-4-11

Sense of Security – Security Advisory – SOS-11-004 – cPassMan v1.82 Arbitrary File Download

28-3-11

Sense of Security – Security Advisory – SOS-11-003 – WordPress plugin BackWPup Remote and Local Code Execution

28-2-11

Sense of Security – Security Advisory – SOS-11-002 – PHP Blog Insert Authentication Security Bypass

21-1-11

Sense of Security – Security Advisory – SOS-11-001 – Adobe Reader 9.4.1 Infinite Loop Condition

2010

20-12-10

Sense of Security – Security Advisory – SOS-10-004 – Elcom Technology’s CommunityManager.NET Auth Bypass Vulnerability

6-10-10

Sense of Security – Security Advisory – SOS-10-003 – Adobe Reader 9.3.4 Multiple Memory Corruption Vulnerabilities

5-3-10

Sense of Security – Security Advisory – SOS-10-002 – Apache 2.2.14 mod_isapi Dangling Pointer Vulnerability

21-1-10

Sense of Security – Security Advisory – SOS-10-001 – TheGreenBow VPN Client Local Stack Overflow

2009

30-10-09

Sense of Security – Security Advisory – SOS-09-008 – SafeNet SoftRemote Local Buffer Overflow Vulnerability

17-8-09

Sense of Security – Security Advisory – SOS-09-007 – Piwigo SQL Injection Vulnerability

12-8-09

Sense of Security – Security Advisory – SOS-09-006 – Plume CMS Multiple SQL Injection Vulnerabilities

21-7-09

Sense of Security – Security Advisory – SOS-09-005 – XOOPS Multiple Cross-Site Scripting Vulnerabilities

9-7-09

Sense of Security – Security Advisory – SOS-09-004 – Lotus Sametime User Enumeration Vulnerability

30-4-09

Sense of Security – Security Advisory – SOS-09-003 – Infor SCM SupplyWEB Multiple Vulnerabilities

24-2-09

Sense of Security – Security Advisory – SOS-09-002 – Magento Multiple Cross-Site Scripting Vulnerabilities

23-2-09

Sense of Security – Security Advisory – SOS-09-001 – Libero Cross-Site Scripting Vulnerability