Penetration Testing Vulnerability Alerts

Caretower Ltd as a managed service provider around security software, hardware and testing services, we take security issues very seriously and recognise the importance of privacy & security. We are dedicated to ensuring and improving the security of our clients. Whether for clients or our own purposes, we regularly carry out independent security audits and vulnerability research against third-party software and hardware products and we responsibly report them.

Read our Disclosure Policy

Advisory ID Title Date Resource
CTPEN2021-004 Improper Restriction of XML External Entity in dbeaver 21.2.3 14/12/2021 Read
CTPEN2021-003 Sonicwall SonicOS Host Header Injection 13/10/2021 Read
CTPEN2021-002 Multiple Improper Restriction of XML External Entity in corenlp 4.3.0 29/09/2021 Read / Read
CTPEN2021-001 Inefficient Regular Expression Complexity in nltk 3.6.3 27/09/2021 Read
CTPEN2020-003 Spiceworks 7.5.70 Host Header Injection 15/09/2020 Read
CTPEN2020-002 Xinuos (Formerly SCO) Openserver v5 & v6 OS Command Execution 04/09/2020 Read
CTPEN2020-001 Xinuos (Formerly SCO) Openserver v5 & v6 Multiple Vulnerability 14/06/2020 Read
CTPEN2019-006 Kirona-DRS version Multiple Vulnerabilities 11/10/2019 Read
CTPEN2019-005 GoAhead 2.5.0 Host Header Injection 30/09/2019 Read
CTPEN2019-004 Cisco Small Business Series Switches Open Redirect Vulnerability 17/07/2019 Read
CTPEN2019-003 Cisco Small Business 200 / 300 / 500 Switches -Information Disclosure 15/07/2019 Read
CTPEN2019-002 SaLICru -SLC-20-cube3(5) - HTML Injection. 05/04/2019 Read
CTPEN2019-001 ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities. 06/03/2019 Read