286 software vendors have fixed 926 vulnerabilities in their products thanks to High-Tech Bridge Security Research Lab.
Patch Available Upon Disclosure
| Quarter | Patch available upon disclosure |
|---|---|
| 2014 Q1 | 87% |
| 2013 Q4 | 67% |
| 2013 Q3 | 77% |
| 2013 Q2 | 92% |
| 2013 Q1 | 100% |
| 2012 Q4 | 68% |
Vendor Average Time to Patch
| Quarter | Vendor average time to patch |
|---|---|
| 2014 Q1 | 5 days |
| 2013 Q4 | 8 days |
| 2013 Q3 | 13 days |
| 2013 Q2 | 30 days |
| 2013 Q1 | 13 days |
| 2012 Q4 | 26 days |
High-Tech Bridge Security Research
High-Tech Bridge devotes significant internal resources to continuous security research. We strongly believe that research and innovation are the main factors in maintaining the highest quality of our information security services.
The public part of our security research, which we are pleased to share with the information security community, is distributed under the High-Tech Bridge Security Research Lab brand.
High-Tech Bridge Security Research Lab (HTB Research) releases new security advisories on a weekly basis. The advisories are provided on a non-profit basis with the goal of helping software vendors to improve security and reliability of their products. Almost 300 large software vendors have already fixed security vulnerabilities discovered by our researchers, including such big names as Microsoft, IBM, Novell, McAfee, Sony, HP, Samsung, OpenOffice, Corel, WordPress, Joomla, OpenX, Bitrix and many others.
HTB Security Advisories are CVE, CWE and CVSS compatible.
High-Tech Bridge is also among the few organizations that include CVE Identifiers directly in every security advisory upon publication.
Latest Security Advisories
- HTB23212: Multiple Vulnerabilities in EGroupware
- HTB23211: Cross-Site Request Forgery (CSRF) in TAO
- HTB23210: Cross-Site Scripting (XSS) in Offiria
- HTB23209: SQL Injection in mAdserve
- HTB23208: SQL Injection in Orbit Open Ad Server
- HTB23207: Cross-Site Request Forgery (CSRF) in XCloner Standalone
- HTB23206: Cross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin
- HTB23205: Cross-Site Scripting (XSS) in CMSimple
- HTB23204: Cross-Site Scripting (XSS) in Open Classifieds
- HTB23203: Cross-Site Scripting (XSS) in Ilch CMS
Latest White Papers and Presentations
- ImmuniWeb® Self-Fuzzer Firefox Extension
- Welcome to the World Wild Web [French]
- Fuzzing: An introduction to Sulley Framework
- CVE-2013-0804: Novell GroupWise Untrusted Pointer Dereference Exploitation
- Manipulating Memory for Fun & Profit
- In-Memory Fuzzing with Java
- CVE-2012-1535: Adobe Flash Player Integer Overflow Vulnerability Analysis
- The Growing Hacking Threat to Websites
- How to use PyDbg as a powerful multitasking debugger
- CVE-2012-1889: Security Update Analysis