The usd HeroLab analysts examined the multimedia application Jellyfin while conducting their security analyses. Two cross-site scripting...
Security Research
Security Advisory for GitLab
The usd HeroLab analysts examined GitLab, a service for version management of software projects, while conducting their security analyses. In the...
Security Advisory for Acronis Cyber Protect
The analysts at usd HeroLab examined Acronis Cyber Protect application as part of their security analyses. This revealed a vulnerability that...
Security Advisories for Filerun
The analysts at usd HeroLab examined Filerun as part of their security analyses. This revealed two vulnerabilities that allowed the deletion of...
Deploying Files via Group Policies or How Group Policy Updates Can Ruin Your Day
During a workstation assessment at the beginning of 2021, usd HeroLab analysts identified a trivial privilege escalation vulnerability occurring...
Security Advisories for CA Harvest
The analysts at usd HeroLab examined the CA Harvest Software Change Manager as part of their security analyses. This revealed a vulnerability in the...
35 Vulnerabilities Discovered in Open Source Software: Hacker Contest Successfully Concluded
In the winter semester 2021/2022, the popular course "Hacker Contest" was again held at the Technical University (TU) Darmstadt. This year, the...
Security Advisory for Thruk Monitoring < v2.46.3
Our analysts at usd HeroLab have examined the Thruk monitoring web interface for e.g. Naemon, Nagios or Icinga during their security analysis. A...
Security Advisory for Grafana < v8.1.3
Our analysts at usd HeroLab discovered security vulnerabilities in Grafana's input validation while performing their pentests. Through these...
Security Advisory for VMware Workspace ONE Intelligent Hub
Our usd HeroLab pentesters have identified a vulnerability in VMware Workspace ONE Intelligent Hub software while conducting their security...
Security Advisory 11/2021
The usd HeroLabs pentesters have identified vulnerabilities in various products of well-known manufacturers while conducting their security...
Security Advisory 10/2021
The usd HeroLabs pentesters have identified a vulnerability in the product of Microsofts Exchange Server 2016 while conducting their security...