High-Tech Bridge Security Advisories are CVE Compatible    High-Tech Bridge Security Advisories CWE Compatibility    High-Tech Bridge Security Advisories CVSS Adopters
Vendor Statistics

286 software vendors have fixed 926 vulnerabilities in their products thanks to High-Tech Bridge Security Research Lab.

Patch Available Upon Disclosure

2014 Q1: 87%2013 Q2: 92%
2013 Q4: 67%2013 Q1: 100%
2013 Q3: 77%2012 Q4: 68%

Vendor Average Time to Patch

2014 Q1: 5 days 2013 Q2: 30 days
2013 Q4: 8 days 2013 Q1: 13 days
2013 Q3: 13 days 2012 Q4: 26 days
ImmuniWeb® by High-Tech Bridge


High-Tech Bridge Newsletter

Subscribe to our newsletter and receive some or all of our corporate news, invitations to security events or HTB Security Advisories – you choose what you want to receive.

Advisories by High-Tech Bridge Security Research Lab

Search Advisories by

CVE-ID:HTB-ID:Name:CWE-ID:
Cross-Site Request Forgery (CSRF) in UMI.CMS Advisory ID: HTB23151
Last Change: May 8, 2013
CVE Reference: CVE-2013-2754
Vulnerable Version: 2.9
Risk Level: Medium

Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS Advisory ID: HTB23141
Last Change: May 1, 2013
CVE Reference: CVE-2013-1420
Vulnerable Version: 3.1.2
Risk Level: Low

SQL Injection in b2evolution Advisory ID: HTB23152
Last Change: May 1, 2013
CVE Reference: CVE-2013-2945
Vulnerable Version: 4.1.6
Risk Level: Medium

Multiple Vulnerabilities in KrisonAV CMS Advisory ID: HTB23150
Last Change: April 17, 2013
CVE References: CVE-2013-2712
CVE-2013-2713
Vulnerable Version: 3.0.1
Risk Level: Medium

PHP Code Injection in FUDforum Advisory ID: HTB23146
Last Change: April 15, 2013
CVE Reference: CVE-2013-2267
Vulnerable Version: 3.0.4
Risk Level: High

Multiple XSS in Hero Framework Advisory ID: HTB23149
Last Change: April 10, 2013
CVE Reference: CVE-2013-2649
Vulnerable Version: 3.791
Risk Level: Medium

Novell GroupWise Multiple Remote Code Execution Vulnerabilities Advisory ID: HTB23131
Last Change: April 3, 2013
CVE Reference: CVE-2013-0804
Vulnerable Version: 12.0.0.8586 and probably prior
Risk Level: Critical

SQL Injection Vulnerability in Symphony Advisory ID: HTB23148
Last Change: April 3, 2013
CVE Reference: CVE-2013-2559
Vulnerable Version: 2.3.1
Risk Level: Medium

McAfee Virtual Technician ActiveX Control Insecure Method Advisory ID: HTB23128
Last Change: March 27, 2013
CVE Reference: CVE-2012-5879
Vulnerable Version: 6.5.0.2101 and probably prior
Risk Level: Medium

Path Traversal in AWS XMS Advisory ID: HTB23147
Last Change: March 27, 2013
CVE Reference: CVE-2013-2474
Vulnerable Version: 2.5
Risk Level: Medium