NEWS > Research Blog
January 18, 2022
Advisory X41-2021-003: Telenot complex - Insecure AES Key Generation
The compasX parameterization software for complex alarm systems generated the AES keys used for both physical access control (via NFC tags) and remote management in an insecure fashion.
January 12, 2022
RustyHermit Missing Memory Protections
The research unikernel RustyHermit lacks of several memory protection mechanisms which significantly ease attacks on vulnerable applications
December 14, 2021
X41 D-Sec GmbH Thetanuts.Finance Public Security Review
X41 D-Sec GmbH ("X41") - a research driven IT-Security company - released a public audit report of the Thetanuts.Finance smart contracts.
May 25, 2021
nginx DNS Resolver Off-by-One Heap Write Vulnerability
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap allocated buffer.
May 03, 2021
QR Code reconstruction
Reconstructing a QR Code from partially censored images.
![Background Image](/generated/assets/images/background/news-800-31fa3d89f.jpg)