Security Advisory 2109-01
Trovent Security GmbH discovered an SQL injection vulnerability in the search function of the calendar module.
Log4j vulnerability: what should be done now?
The Log4j vulnerability (CVE-2021-44228) has received a lot of attention. We show how you can protect yourself.
Podcast: A Question of Security
Trovent can now be heard as well! In the podcast conversation we answer important questions on the topic of anomaly detection.
Security Advisory 2106-01
Trovent Security GmbH discovered that the Dolibarr application does not escape “greater than” and “smaller than” characters if they are reflected in one of the small pop-up windows with details of the object.
Security Advisory 2106-01
Trovent Security discovered that the Dolibarr application on default settings allows remote code execution in the website builder module.
Security Advisory 2105-02
Trovent Security GmbH discovered that the Dolibarr application does not escape "greater than" and "smaller than" characters if they are reflected in one of the small pop-up windows with details of the object.
Security Advisory 2104-03
Trovent Security GmbH discovered an inconsistency between the API and the client of HealthForYou & Sanitas HealthCoach.
Security Advisory 2105-01
Trovent Security GmbH discovered that the VeryFitPro mobile application performs all communication with the backend API via cleartext HTTP.
Security Advisory 2104-01
Trovent Security GmbH discovered a vulnerability in the server API of the mobile apps Sanitas HealthCoach and HealthForYou.
Security Advisory 2104-02
Trovent Security GmbH discovered a critical vulnerability in the server API of the mobile apps Sanitas HealthCoach and HealthForYou.
Security Advisory 2103-02
Trovent Security GmbH discovered multiple cross-site scripting vulnerabilities in ERPNext 13.0.0/12.18.0.
Security Advisory 2103-01
Trovent Security GmbH discovered an SQL injection vulnerability in ERPNext 13.0.0/12.18.0.