SECURITY BULLETINS & ADVISORIES

SecureAuth Version 9.3

Jun 19, 2020 5:00:00 AM | By Chris Davis Robert Punnett

ADVISORY SUMMARY One low-risk vulnerability was discovered within the SecureAuth IdP v9.3 application. This vulnerability could allow malicious... continue reading

DigDash Enterprise: Versions 2018R2-2020R1

Jun 15, 2020 5:00:00 AM | By Florian Nivette

ADVISORY SUMMARY The following document describes three identified vulnerabilities (one high-risk, one medium-risk, one low-risk) in the DigDash... continue reading

OOB to RCE: Exploitation of the Hobbes Functional Interpreter

Jun 12, 2020 7:52:27 AM | By Jake Miller

ADVISORY SUMMARY CVE-2020-13656: In Hobbes through 2020-05-21, the array implementation lacks bounds checking, allowing exploitation of an... continue reading

Twisted Version 19.10.0

Mar 11, 2020 5:00:00 AM | By Jake Miller

ADVISORY SUMMARY The following document describes identified vulnerabilities in the Twisted application version 19.10.0. continue reading

From Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains

Mar 4, 2020 8:35:55 AM | By Matt Hamilton

ADVISORY SUMMARY Security researcher Matt Hamilton (a Bishop Fox alumnus, now with Soluble) published a new security advisory about homograph... continue reading

ConnectWise Control 19.3.25270.7185 - Eight Vulnerabilities, Including Critical

Jan 22, 2020 4:00:00 AM | By Daniel Wood

INTRODUCTION Bishop Fox takes security seriously. In accordance with our Vulnerability Disclosure Policy, we follow the industry-standard... continue reading

Big Monitoring Fabric Application

Dec 30, 2019 10:26:22 AM | By Chris Davis

ADVISORY SUMMARY The following document describes identified vulnerabilities in the Big Monitoring Fabric application. Two high-risk... continue reading

Dradis Pro Version 3.4.1

Dec 30, 2019 10:25:01 AM | By Florian Nivette

ADVISORY SUMMARY This advisory describes an identified vulnerability in the Dradis Pro application Version 3.4.1. One medium-risk vulnerability... continue reading

Solismed Version 3.3SP1

Dec 9, 2019 7:00:00 AM | By Chris Davis

ADVISORY SUMMARY Nine vulnerabilities were identified within the Solismed application. The following document describes identified vulnerabilities... continue reading

OpenEMR 5.0.1(6) - RCE and XSS

Sep 10, 2019 5:43:00 AM | By Chris Davis

ADVISORY SUMMARY OpenEMR is a widely used open source medical records management tool. The latest version at the time of this research was... continue reading

SECURITY BULLETINS & ADVISORIES

SecureAuth Version 9.3

DigDash Enterprise: Versions 2018R2-2020R1

OOB to RCE: Exploitation of the Hobbes Functional Interpreter

Twisted Version 19.10.0

From Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains

ConnectWise Control 19.3.25270.7185 - Eight Vulnerabilities, Including Critical

Big Monitoring Fabric Application

Dradis Pro Version 3.4.1

Solismed Version 3.3SP1

OpenEMR 5.0.1(6) - RCE and XSS

CONSULTING SERVICES

CONSULTING SERVICES

PARTNER PROGRAMS

LABS | RESEARCH & RESOURCES

CAREERS

COMPANY

COMMUNITY

CONTACT

ADDRESS

SECURITY BULLETINS & ADVISORIES

FIND OUT FIRST

CONSULTING SERVICES

CONSULTING SERVICES

PARTNER PROGRAMS

LABS | RESEARCH & RESOURCES

CAREERS

COMPANY

COMMUNITY

CONTACT

ADDRESS