IT Security Research
IT Security Advisories

Recent IT Security Advisories

Sense of Security publishes security advisories on vulnerabilities identified through our security research in accordance with our vulnerability disclosure policy. It is our way of giving something back to the security community.

We have identified vulnerabilities in products from major vendors such as IBM, Cisco, Google, Oracle, Sun, Apache, and Adobe.

2013

10-09-2013
SOS-13-003 - Juniper Junos J-Web Privilege Escalation Vulnerability

29-04-2013
SOS-13-002 - Mi-Token Enterprise Edition & API Edition – Brute-Force Vulnerability

03-04-2013
SOS-13-001 - Google AD Sync Tool - Exposure of Sensitive Information Vulnerability

2012

30-11-2012
SOS-12-011 - SilverStripe CMS Multiple Vulnerabilities

10-10-2012
SOS-12-010 - FileBound Privilege Escalation Vulnerability

05-09-2012
SOS-12-009 - Ektron CMS Multiple Vulnerabilities

24-08-2012
SOS-12-008 - Elcom CMS Community Manager Insecure File Upload Vulnerability

14-06-2012
SOS-12-007 - Squiz Matrix Multiple Vulnerabilities

13-06-2012
SOS-12-006 - QNAP Turbo NAS Multiple Vulnerabilities

03-05-2012
SOS-12-005 - NETGEAR WNDRMAC Exposure of Sensitive Information Vulnerability

12-03-2012
SOS-12-004 - Aurora WebOPAC SQL Injection Vulnerability

07-03-2012
SOS-12-003 - Iciniti Store SQL Injection Vulnerability

05-03-2012
SOS-12-002 - Symfony2 Local File Disclosure Vulnerability

23-02-2012
SOS-12-001 - Snom IP Phone Privilege Escalation and CSRF Vulnerability

2011

17-10-2011
SOS-11-012 - Wordpress Plugin BackWPUp 2.1.4 Remote/Local Code Execution Vulnerability

20-09-2011
SOS-11-011 - NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF Vulnerability

19-09-2011
SOS-11-010 - Cisco TelePresence Multiple Vulnerabilities

20-07-2011
SOS-11-009 - Oracle GlassFish Enterprise Server Stored XSS Vulnerability

06-06-2011
SOS-11-008 - Foxit Reader 4.3.1.0218 Multiple Memory Corruption Vulnerabilities

20-05-2011
SOS-11-007 - PHPCaptcha / Securimage Authentication Bypass Vulnerability

18-05-2011
SOS-11-006 - Cisco Unified Operations Manager Multiple Vulnerabilities

03-05-2011
SOS-11-005 - Proofpoint Protection Server Cross-Site Scripting Vulnerability

15-04-2011
SOS-11-004 - cPassMan v1.82 Arbitrary File Download Vulnerability

28-03-2011
SOS-11-003 - Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability

28-02-2011
SOS-11-002 - PHP Blog Insert Authentication Bypass Vulnerability

21-01-2011
SOS-11-001 - Adobe Reader 9.4.1 Infinite Loop Condition

2010

20-12-2010
SOS-10-004 - Elcom Technology's CommunityManager.NET Auth Bypass Vulnerability

06-10-2010
SOS-10-003 - Adobe Reader 9.3.4 Multiple Memory Corruption Vulnerabilities

05-03-2010
SOS-10-002 - Apache 2.2.14 mod_isapi Dangling Pointer Vulnerability

21-01-2010
SOS-10-001 - TheGreenBow VPN Client Local Stack Overflow Vulnerability

2009

30-10-2009
SOS-09-008 - SafeNet SoftRemote Local Buffer Overflow Vulnerability

17-08-2009
SOS-09-007 - Piwigo SQL Injection Vulnerability

12-08-2009
SOS-09-006 - Plume CMS Multiple SQL Injection Vulnerabilities

31-07-2009
SOS-09-005 - XOOPS Multiple Cross-Site Scripting Vulnerabilities

09-07-2009
SOS-09-004 - Lotus Sametime User Enumeration Vulnerability

23-05-2009 - Vendor notified 23-04-2009 - Not publicly released
SOS-09-003 - Infor SCM SupplyWEB Multiple Vulnerabilities

24-02-2009
SOS-09-002 - Magento Multiple Cross-Site Scripting Vulnerabilities

23-02-2009
SOS-09-001 - Libero Cross-Site Scripting Vulnerability

