You are here:
Here you will find reports, interviews and news. We give you an insight into our work and report on 0day (zero-day) vulnerabilities discovered by our staff on customer projects or in their research time.
Page 11 of 13
Stephan Sekula identified vulnerabilities in the OfficeSpace facility management software.
Thierry Viaccoz identified an incorrectly designed access control in Homeputer CL Studio for HomeMatic.
Lukasz D. identified an HTTP header injection vulnerability in Vert.x Framework.
Nicolas Heiniger identified vulnerabilities in totemomail Encryption Gateway.
Stephan Sekula has identified a design vulnerability in Microsoft Intune that may allow getting access to confidential information.
Stephan Sukula identified a design vulnerability in Microsoft Intune that allows bypassing the app PIN protection.
Damian Pfammatter and Alessandro Zala identified an XSS vulnerability in Zimbra Collaboration Suite.
Sylvain Heiniger identified an XSS vulnerability in GitLab CE+EE
Nicolas Heiniger identified vulnerabilities in MyTy.
Benjamin Bruppbacher identified an XML External Entity Attack in the iText PDF Library.
In recent months, Compass Security has supervised two scientific projects by students at the University of Applied Sciences Rapperswil HSR.
Dobin Rutishauser identified a stack based buffer overflow in the Mongoose Embedded Web Server Library.
Introduction As you may know, Compass Security participated in the 2023 edition of the Pwn2Own contest in Toronto and was able to successfully…
SINDEX is the leading Swiss exhibition for industrial automation. The industry meeting place presents the trends, innovations and key technologies of…
