The Synopsys Cybersecurity Research Center (CyRC) works to accelerate access to information about the identification, severity, exploitation, and mitigation of software vulnerabilities, and about defense against them. Operating within the greater Synopsys mission of making the software that powers our lives safer and of the highest quality, CyRC helps increase awareness of issues by publishing research supporting strong cybersecurity practices.
CyRC leverages the core expertise of the global software security teams within Synopsys. Our expertise spans static code analysis, fuzzing, penetration testing, open source development, and production deployment. With software at the heart of modern life, from wearable devices and home automation to blockchain, mobile applications, and automotive technologies, access to actionable security information must flow at the pace of innovation.
Review of Apache Struts vulnerabilities yields 24 updated advisories
CVE-2018-18907 refers to an authentication vulnerability in D-Link DIR-850L routers that allows clients to communicate with the router without completing the full WPA handshake. Successful exploitation of this vulnerability allows an attacker to join the router’s network without the required credentials and mount further attacks against users of the network. D-Link DIR-850L routers with hardware revision A and firmware version 1.21B06 Beta and older are vulnerable.
Open Hub is an online community and public directory of free and open source software (FOSS) offering analytics and search services for discovery, evaluation, and comparison of open source code and projects.
Designed with open source developers in mind, Black Duck CoPilot integrates with your GitHub repository and CI platform to give you a clear understanding of any unpatched open source vulnerabilities. A CoPilot GitHub badge provides assurances to your users of any open source vulnerabilities in the codebase.