Research

Risk Based Security has its own in-house research team that is responsible for performing various vulnerability-related research and conduct application assessments for customers. As part of our VulnDB offering we validate and perform in-depth open-source and closed-source analysis of select vulnerabilities in high-profile products.

As part of this work, Risk Based Security’s research team occasionally discovers new vulnerabilities and works closely with the vendors to make sure these are addressed.

The following is a list of vulnerabilities published by the Risk Based Security research team. Please note that hundreds of critical vulnerabilities found before 2013 by our team members in popular products from vendors like Microsoft, Symantec, IBM, Adobe, Apple, RealNetworks, Trend Micro, Blue Coat, Mozilla, Google, Honeywell, and Novell are not listed:

Date	RBS ID	Vendor	Vulns	Author
2019/09/03	RBS-2019-013	Danfoss	6	Carsten Eiram
2019/07/31	RBS-2019-014	Honey	1	Sven Krewitt
2019/04/04	RBS-2019-012	Korea Educational Broadcasting Corporation (EBSi)	9	Carsten Eiram
2019/04/04	RBS-2019-011	Innorix	4	Carsten Eiram
2019/04/04	RBS-2019-010	INITECH Co., Ltd.	7	Carsten Eiram
2019/04/04	RBS-2019-009	INITECH Co., Ltd.	7	Carsten Eiram
2019/04/04	RBS-2019-008	Looyu	1	Carsten Eiram
2019/04/04	RBS-2019-007	Samsung Securities	2	Carsten Eiram
2019/04/04	RBS-2019-006	UNETsystem	3	Carsten Eiram
2019/04/04	RBS-2019-005	Korean Intellectual Property Office (KISA)	1	Carsten Eiram
2019/04/04	RBS-2019-004	SG Co Ltd.	6	Carsten Eiram
2019/04/04	RBS-2019-003	D2RCG	1	Carsten Eiram
2019/04/04	RBS-2019-002	Naracontent Co,. Ltd	1	Carsten Eiram
2019/04/02	RBS-2019-001	HandySoft	1	Carsten Eiram
2018/03/01	RBS-2018-004	NetGain Systems	14	Sven Krewitt
2018/05/22	RBS-2018-003	Axis Communications	8	Carsten Eiram
2018/01/17	RBS-2018-002	combit	1	Carsten Eiram
2018/01/17	RBS-2018-001	combit	1	Carsten Eiram
2017/12/13	RBS-2017-003	NetGain Systems	3	Sven Krewitt
2017/11/16	RBS-2017-002	Drägerwerk AG	1	Carsten Eiram
2017/11/07	RBS-2017-001	OpenEMR	1	Sven Krewitt
2016/12/29	RBS-2016-004	Jensen of Scandinavia AS	20	Carsten Eiram
2016/08/31	RBS-2016-003	Crestron Electronics	6	Carsten Eiram
2016/02/29	RBS-2016-002	PC Pitstop	8	Carsten Eiram
2016/02/17	RBS-2016-001	Zhuhai RaySharp	1	Carsten Eiram
2015/12/22	RBS-2015-004	Moxa	7	Carsten Eiram
2015/05/20	RBS-2015-005	DBI Technologies	1	Carsten Eiram
2015/02/26	RBS-2015-003	Bitdefender	1	Carsten Eiram
2015/01/01	RBS-2015-002	EverFocus Electronics Corp	18	Carsten Eiram
2015/01/01	RBS-2015-001	EverFocus Electronics Corp	3	Carsten Eiram
2014/12/23	RBS-2014-006	TOPICA Technology Co., Ltd.	2	Carsten Eiram
2014/12/23	RBS-2014-006	3S Pocketnet Tech.	6	Carsten Eiram
2014/07/18	RBS-2014-004	Jesse Cortez	1	Dennis Kelly
2014/06/30	RBS-2014-003	Asante / UIC Corporation	1	Carsten Eiram
2014/02/16	RBS-2014-002	FlatNuke	1	Dennis Kelly
2014/01/24	RBS-2014-001	Schneider Electric	1	Carsten Eiram
2013/10/09	RBS-2013-007	Rockwell	2	Carsten Eiram
2013/10/09	RBS-2013-006	GameHouse	3	Carsten Eiram
2013/10/09	RBS-2013-005	GameHouse	3	Carsten Eiram
2013/05/20	RBS-2013-004	MyHeritage	4	Carsten Eiram
2013/05/06	RBS-2013-003	Schneider Electric	1	Carsten Eiram
2013/04/27	RBS-2013-002	Rockwell	1	Carsten Eiram
2013/04/27	RBS-2013-001	Rockwell	1	Carsten Eiram

Risk Based Security may also occasionally publish analyses of vulnerabilities discovered by external parties, malware, and other vulnerability or data breach intelligence related reports. An archive of these reports will be listed here.

Date	Title
2019/08/21	2019 Mid-Year Vulnerability Quick View Report
2019/08/15	2019 Mid-Year Data Breach Quick View Report
2019/05/16	2019 Q1 Vulnerability Quick View Report
2019/05/06	2019 Q1 Data Breach Quick View Report
2019/02/26	2018 Year End Vulnerability Quick View Report
2019/02/06	2018 Year End Data Breach Quick View Report
2018/11/11	2018 Q3 Vulnerability Quick View Report
2018/10/25	2018 Q3 Data Breach Quick View Report
2018/08/10	2018 Mid-Year Data Breach Quick View Report
2018/08/07	2018 Mid-Year Vulnerability Quick View Report
2018/05/14	2018 Q1 Vulnerability Quick View Report
2018/05/07	2018 Q1 Data Breach Quick View Report
2018/02/05	2017 Year End Data Breach Quick View Report
2018/02/08	2017 Year End Vulnerability Quick View Report
2017/07/23	2017 Mid-Year Vulnerability Quick View Report
2017/11/13	2017 Q3 Vulnerability Quick View Report
2017/11/07	2017 Q3 Data Breach Quick View Report
2017/07/23	2017 Mid-Year Data Breach Quick View Report
2017/05/19	2017 Q1 Vulnerability Quick View Report
2017/05/08	2017 Q1 Data Breach Quick View Report
2017/01/22	2016 Year End Vulnerabilitity Quick View Report
2017/01/20	2016 Year End Data Breach Quick View Report
2016/10/31	2016 3Q Data Breach Quick View
2016/08/31	Data Breaches Lead To Over 1 Billion Records Exposed In The First Half of 2016
2016/03/15	2015, A Record Year For Vulnerabilities
2016/03/02	PC Matic… Is It As Amazing As Seen on TV?
2016/02/02	2015 Reported Data Breaches Surpasses All Previous Years
2015/11/12	Data Breach QuickView: Third Quarter 2015 Data Breach Trends
2015/07/21	Data Breach QuickView: Mid-Year 2015 Data Breach Trends
2015/07/06	CVE & NVD: The High Price Of Free
2015/02/23	Data Breach QuickView: 2014 Data Breach Trends
2014/11/19	Data Breach QuickView: Data Breach Trends during the First Nine Months of 2014
2014/07/27	Data Breach QuickView: Data Breach Trends in the First Half of 2014
2014/05/27	Data Breach QuickView: Data Breach Trends in the First Quarter of 2014
2014/02/18	Data Breach QuickView: An Executive’s Guide to Data Breach Trends in 2013
2013/09/18	Personally Identifiable Information – More Fun With Definitions
2013/09/05	An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism
2013/08/20	Memory Corruption… (And Why We Dislike That Term)
2013/07/02	Exploitability/Priority Index Rating Systems (Approaches, Value, and Limitations)
2013/02/27	The CVSSv2 Shortcomings, Faults, and Failures Formulation
2013/02/14	Data Breach QuickView: An Executive’s Guide to Data Breach Trends in 2012

Research

Products

Solutions

About

Contact