Sorry, not available in this language yet

English
日本語
简体中文

AI-generated code | Harness the power of AI coding assistants while managing the risks.
API Security Testing | Manage software risks with a holistic API security testing program.
AppSec Program Consolidation | Simplify your application security program.
Application Security Testing | Solutions to address security risks at all stages of the application life cycle.
DevSecOps | Solutions to help shift security left without slowing down your development teams.
Software Supply Chain Security | Solutions to identify and manage software supply chain risks end-to-end.
Manage Enterprise AppSec Risk | Scale your application security program without increasing complexity or adding friction.
Cloud & Container Security | Optimize your applications for secure deployment and operation in the cloud.
Open Source License Compliance | Effective solutions for ensuring open source license compliance.
M&A Due Diligence | Identify software risks that could negatively impact the value of acquired IP.
Quality and Security Standards Compliance | Ensure your software complies with the standards critical to customers and regulators.

Static Analysis (SAST) | Analyzing code for security vulnerabilities without executing it.
Software Composition Analysis (SCA) | Analyzing software components for security and license compliance.
Dynamic Analysis (DAST) | Testing running applications for security vulnerabilities.
Interactive Analysis (IAST) | Real-time security testing during application execution.
Penetration Testing | Simulated cyberattacks to identify vulnerabilities.
Mobile Application Security Testing (MAST) | Ensuring the security of mobile applications.
Application Security Posture Management (ASPM) | Managing and improving application security posture.
Fuzz Testing Solutions | Identifying vulnerabilities by inputting random data to applications.

Automotive | Security solutions for automotive industry applications.
Financial Services | Security solutions tailored for financial services.
IoT & Embedded | Security for Internet of Things and embedded systems.
Medical Devices | Security solutions for medical devices.
Public Sector | Security solutions for government and public sector organizations.

Dev and DevOps Teams | Security tools and practices for development and DevOps teams.
Security Teams | Solutions and support for dedicated security teams.
Legal Teams | Resources and compliance tools for legal teams.

Vulnerabilities Found at CyRC

CVE
BDSA
Product
Researcher
Tool
References
Notes

CVE-2023-32353		iTunes	Zeeshan Shaikh		Black Duck advisory
CVE-2023-25827		OpenTSDB	Jamie Harris		Black Duck advisory
CVE-2023-25826		OpenTSDB	Jamie Harris		Black Duck advisory
CVE-2023-25828		Pluck CMS	Matthew Hogg		Black Duck advisory
CVE-2023-23846	BDSA-2023-0197	Open5GS	Tommi Maekilae Qiang Li	Defensics	Black Duck advisory
CVE-2022-45477		Telepad	Mohamed Alshehri		Black Duck advisory
CVE-2022-45478		Telepad	Mohamed Alshehri		Black Duck advisory
CVE-2022-45479		PC Keyboard	Mohamed Alshehri		Black Duck advisory
CVE-2022-45480		PC Keyboard	Mohamed Alshehri		Black Duck advisory
CVE-2022-45481		Lazy Mouse	Mohamed Alshehri		Black Duck advisory
CVE-2022-45482		Lazy Mouse	Mohamed Alshehri		Black Duck advisory
CVE-2022-45483		Lazy Mouse	Mohamed Alshehri		Black Duck advisory
CCVE-2022-43945	BDSA-2022-3119	Linux kernel NFSD	Aleksi Illikainen Kari Hulkko	Defensics	Black Duck advisory
CVE-2022-39065		IKEA TRÅDFRI gateway	Kari Hulkko Tuomo Untinen	Defensics	Black Duck advisory
CVE-2022-39064		IKEA TRÅDFRI smart bulb	Kari Hulkko Tuomo Untinen	Defensics	Black Duck advisory
CVE-2022-39063	BDSA-2022-2568	Open5GS	Qiang Li	Defensics	Black Duck advisory
CVE-2022-27535		Kaspersky VPN Secure Connection	Zeeshan Shaikh		Black Duck advisory
CVE-2022-30617	BDSA-2022-1351	Strapi	David Johansson		Black Duck advisory
CVE-2022-30618	BDSA-2022-1359	Strapi	David Johansson		Black Duck advisory
CVE-2022-24814	BDSA-2022-0959	Directus	David Johansson		Black Duck advisory
CVE-2021-43175	BDSA-2021-3657	GOautodial goAPI	Scott Tolley	Seeker	Black Duck advisory
CVE-2021-43176	BDSA-2021-3656	GOautodial goAPI	Scott Tolley	Seeker	Black Duck advisory
CVE-2021-33177	BDSA-2021-2845	Nagios XI	Scott Tolley	Seeker	Black Duck advisory
CVE-2021-33179	BDSA-2021-2847	Nagios XI	Scott Tolley	Seeker	Black Duck advisory
CVE-2021-33178	BDSA-2021-2846	Nagios XI	Scott Tolley	Seeker	Black Duck advisory
CVE-2021-22116	BDSA-2021-1329	RabbitMQ	Jonathan Knudsen	Defensics	Black Duck advisory
CVE-2021-33175	BDSA-2021-1608	EMQ X	Jonathan Knudsen	Defensics	Black Duck advisory
CVE-2021-33176	BDSA-2021-1609	VerneMQ	Jonathan Knudsen	Defensics	Black Duck advisory
CVE-2021-3430	BDSA-2021-1716	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3431	BDSA-2021-1718	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3432	BDSA-2021-1727	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3433	BDSA-2021-1734	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3434	BDSA-2021-1737	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3435	BDSA-2021-1757	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3454	BDSA-2021-1761	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2021-3455	BDSA-2021-1762	Zephyr Project	Matias Karhumaa	Defensics	Black Duck advisory
CVE-2020-7958		OnePlus 7	Georgi Boiko Artem Gonchar Andrew Lee-Thorp	Defensics	Black Duck advisory
CVE-2020-28052	BDSA-2020-3371	BouncyCastle	Tero Rontti Matti Varanka	Defensics	Black Duck advisory
CVE-2020-27223	BDSA-2020-4221	Jetty	Tero Rontti Matti Varanka	Defensics	Black Duck advisory Jetty advisory
CVE-2019-18989	BDSA-2020-2548	Mediatek MT7620N chipset	Kari Hulkko Tuomo Untinen	Defensics	Black Duck advisory
CVE-2019-18990	BDSA-2020-2549	Realtek RTL8812AR chipset	Kari Hulkko Tuomo Untinen	Defensics	Black Duck advisory
CVE-2019-18991	BDSA-2020-2550	Atheros (Qualcomm) AR9132 chipset	Kari Hulkko Tuomo Untinen	Defensics	Black Duck advisory
CVE-2018-18907		D-Link DIR-850L	Tuomo Untinen	Defensics	D-Link advisory Black Duck advisory FI-NCSC advisory
CVE-2017-2420		Apple macOS	Matias Karhumaa Marko Laakso Pekka Oikarainen	Defensics	Apple advisory
CVE-2017-7645	BDSA-2017-1139	Linux kernel NFS	Tuomas Haanpaa Matti Kamunen	Defensics	RedHat advisory Debian advisory
CVE-2017-7895	BDSA-2017-0353	Linux kernel NFS	Ari Kauppi	Defensics	RedHat advisory Debian advisory
CVE-2017-8797	BDSA-2017-0246	Linux kernel NFS		Defensics	RedHat advisory
CVE-2016-7596		Apple macOS	Matias Karhumaa Marko Laakso Pekka Oikarainen	Defensics	Apple advisory
CVE-2015-1182		PolarSSL		Defensics	PolarSSL advisory
CVE-2015-5370		Samba	Jouni Knuutinen	Defensics	Samba advisory
CVE-2014-8275	BDSA-2021-1608	OpenSSL	Antti Karjalainen Tuomo Untinen	Defensics	OpenSSL advisory
CVE-2014-5139	BDSA-2021-1608	OpenSSL	Riku Hietamäki Joonas Kuorilehto	Defensics	OpenSSL advisory
CVE-2014-4911		PolarSSL		Defensics	PolarSSL security advisory
CVE-2014-5139		OpenSSL	Riku Hietamäki Joonas Kuorilehto	Defensics	FICORA advisory
CVE-2014-3466		GnuTLS	Joonas Kuorilehto	Defensics	GnuTLS advisory Radare blog
CVE-2014-3859		GnuTLS		Defensics	ISC advisory SCIP advisory
CVE-2014-0160	BDSA-2014-0028	OpenSSL	Riku Hietamäki Matti Kamunen Antti Karjalainen	Defensics	heartbleed.com NCSC-FI advisory	Heartbleed
CVE-2014-0101		Linux kernel		Defensics	RedHat advisory RedHat issue
CVE-2014-1316		Apple OS X		Defensics	Apple advisory
CVE-2014-1266		Apple iOS		Defensics	Apple advisory Black Duck advisory iMore article	"goto fail"
CVE-2013-3748		Oracle	Joonas Kuorilehto	Defensics	Oracle advisory
CVE-2013-5140		Apple iOS	Joonas Kuorilehto	Defensics	Black Duck advisory
CVE-2012-3570	BDSA-2021-3657	ISC DHCP		Defensics	CERT-FI advisory ISC advisory
CVE-2012-3571	BDSA-2021-3656	ISC DHCP		Defensics	ISC advisory
CVE-2012-2388		strongSwan		Defensics	CERT-FI advisory
CVE-2012-2333		OpenSSL		Defensics	CERT-FI advisory
CVE-2012-0256	BDSA-2021-1609	Apache Traffic Server		Defensics	CERT-FI advisory
CVE-2012-0259		ImageMagick	Aleksis Kauppinen Joonas Kuorilehto Tuomas Parttimaa Lasse Ylivainio	Defensics	CERT-FI advisory
CVE-2012-0260		ImageMagick	Aleksis Kauppinen Joonas Kuorilehto Tuomas Parttimaa Lasse Ylivainio	Defensics	CERT-FI advisory
CVE-2012-1798		ImageMagick	Aleksis Kauppinen Joonas Kuorilehto Tuomas Parttimaa Lasse Ylivainio	Defensics	CERT-FI advisory
CVE-2012-0247		ImageMagick	Aleksis Kauppinen Joonas Kuorilehto	Defensics	CERT-FI advisory
CVE-2012-0248		ImageMagick	Aleksis Kauppinen Joonas Kuorilehto	Defensics	CERT-FI advisory
CVE-2011-3334		bluez	Tommi Mäkilä Jukka Taimisto	Defensics	CERT-FI advisory
CVE-2011-3323		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory
CVE-2011-3324		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory
CVE-2011-3325		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory
CVE-2011-3326		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory
CVE-2011-3327		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory
CVE-2010-2948		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory Quagga 0.99.17 release note
CVE-2010-2949		Quagga BGP and OSPF	Riku Hietamäki Jukka Taimisto Tuomo Untinen	Defensics	CERT-FI advisory Quagga 0.99.17 release note
CVE-2010-2552		Microsoft SMB	Riku Hietamäki Joshua Morin	Defensics	Microsoft advisory Microsoft security summary
CVE-2010-0211		OpenLDAP	Ilkka Mattila Tuomas Salomäki	Defensics	CERT-FI advisory
CVE-2010-0212		OpenLDAP	Ilkka Mattila Tuomas Salomäki	Defensics	CERT-FI advisory
CVE-2010-1173		Linux Kernel SCTP	Jukka Taimisto Olli Jarva	Defensics	CERT-FI advisory
CVE-2010-0101		Lexmark printers		Defensics	Lexmark advisory Lexmark advisory (2)	CVE-2004-0079 (Regression)
CVE-2010-0020		Microsoft SMB	Joshua Morin	Defensics	Microsoft advisory
CVE-2010-0006		Linux Kernel	Olli Jarva Tuomo Untinen	Defensics	CERT-FI advisory	CVE-2007-4567 (Regression)
CVE-2009-3720		libexpat		Defensics	CERT-FI Advisory	Affected (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, etc.
CVE-2009-1885		Apache Xerces C++		Defensics	CERT-FI Advisory	Affected (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, etc.
CVE-2009-2414		libxml2				Affected (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, etc.
CVE-2009-2416		libxml2				Affected (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, etc.
CVE-2009-2625		Apache Xerces2 Java				Affected (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, etc.
CVE-2009-2621		Squid		Defensics	Squid advisory
CVE-2009-2622		Squid		Defensics	Squid advisory
CVE-2009-0478		Squid		Defensics	Squid advisory
CVE-2008-0891		OpenSSL		Defensics	CERT-FI advisory OpenSSL advisory
CVE-2008-1948		GnuTLS	Ossi Herrala Jukka Taimisto	Defensics	CERT-FI advisory GnuTLS update GnuTLS second update
CVE-2008-1949		GnuTLS	Ossi Herrala Jukka Taimisto	Defensics	CERT-FI advisory GnuTLS update GnuTLS second update
CVE-2008-1950		GnuTLS	Ossi Herrala Jukka Taimisto	Defensics	CERT-FI advisory GnuTLS update GnuTLS second update
CVE-2008-2464		NetBSD		Defensics	CERT-FI advisory NetBSD advisory
CVE-2008-4038		Microsoft SMB		Defensics	Microsoft advisory
		OpenGGSN		Defensics	VTT advisory	Bug#446219
CVE-2005-1211		Microsoft image libraries		Defensics	Microsoft advisory
CVE-2004-0081		OpenSSL		Defensics	Red Hat advisory
CVE-2004-0786		Apache		Defensics	Red Hat advisory