
CyRC Vulnerability Advisory: Stored XSS in Directus
CVE-2022-24814 is a stored XSS vulnerability that can lead to account compromise in the admin application of Directus. The post CyRC Vulnerability Advisory: Stored XSS in Directus appeared first on Software Integrity Blog.

CyRC Vulnerability Advisory: Denial of service vulnerability in Jetty web server
CVE-2020-27223 is a denial of service vulnerability discovered in the Eclipse Foundation’s popular Jetty web server.

CyRC analysis: Authentication bypass vulnerability in Bouncy Castle
CVE-2020-28052 is an authentication bypass vulnerability discovered in Bouncy Castle’s OpenBSDBcrypt class. It allows attackers to bypass password checks.

CyRC Vulnerability Advisory: Authentication bypass vulnerabilities in multiple wireless router chipsets (CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991)
Read the Synopsys Cybersecurity Research Center’s (CyRC) analysis of CVE-2019-18989, CVE-2019-18990, and CVE-2019-18991.

Are you ready for API security?
Modern systems rely on complex systems of APIs exposed through a variety of networks. What is API security, and how does it fit into your security program?

CyRC Vulnerability Advisory: CVE-2020-7958 biometric data disclosure vulnerability in OnePlus 7 Pro Android phone
Read the Synopsys Cybersecurity Research Center’s (CyRC) analysis of CVE-2020-7958, a biometric data disclosure vulnerability in the OnePlus 7 Pro Android phone.

Synopsys Defensics R&D team places second in 5G Cyber Security Hack 2021 event
The Synopsys Defensics R&D team put the Defensics fuzz testing tool to the test in the 5G Cyber Security Hack event and placed second in the competition.

CyRC analysis: CVE-2018-18907 authentication bypass vulnerability in D-Link DIR-850L wireless router
This post is the Synopsys Cybersecurity Research Center’s (CyRC) analysis of CVE-2018-18907, an authentication bypass vulnerability in the D-Link DIR-850L wireless router. Overview CVE-2018-18907 refers to an authentication vulnerability with D-Link DIR-850L routers that allows clients to communicate with the router without completing the full WPA handshake. Successful exploitation of ...