NCC Group Research Blog
The ABCs of NFC chip security
2 years ago
Testing Infrastructure-as-Code Using Dynamic Tooling
2 years ago
Testing Two-Factor Authentication
2 years ago
Testing HTTP/2 only web services
2 years ago
Technical Advisory: Unauthenticated Remote Command Execution through Multiple Vulnerabilities in Virgin Media Hub 3.0
2 years ago
Technical Advisory: Unauthenticated SQL Injection in Lansweeper
2 years ago
Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call
2 years ago
Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter Signaling Router (CVE-2020-14787, CVE-2020-14788)
2 years ago
Technical Advisory: Stored and Reflected XSS Vulnerability in Nagios Log Server (CVE-2021-35478,CVE-2021-35479)
2 years ago
Technical Advisory: Shell Injection in SourceTree
2 years ago
Technical Advisory: SMB Hash Hijacking and User Tracking in MS Outlook
2 years ago
Technical Advisory: Ruby on Rails – Possible XSS Vulnerability in ActionView tag helpers (CVE-2022-27777)
2 years ago
Technical Advisory: Shell Injection in MacVim mvim URI Handler
2 years ago
Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Gzip Extraction (CVE-2020-8260)
2 years ago
Technical Advisory: Reflected Cross-Site Scripting (XSS) vulnerability in Jenkins Delivery Pipeline plugin
2 years ago
Technical advisory: Remote shell commands execution in ttyd
2 years ago
Technical Advisory: Pulse Connect Secure – Arbitrary File Read via Logon Message (CVE-2020-8255)
2 years ago
Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Archive Extraction – CVE-2021-22937 (Patch Bypass)
2 years ago
Technical Advisory: OS Command Injection in Silver Peak EdgeConnect Appliances (CVE-2020-12148, CVE-2020-12149)
2 years ago
Checked
2 hours 50 minutes ago
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
NCC Group Research Blog feed