Vulnerability Hub

The National Test Institute for Cybersecurity NTC regularly conducts independent and neutral security tests of networked infrastructures, devices and applications. Vulnerability disclosure follows a transparent process, as detailed in the NTC Vulnerability Disclosure Policy, ensures a relevant impact on society, and serves our commitment to Switzerland's security and digital sovereignty.

The Vulnerability Hub lists the most relevant vulnerabilities identified by the NTC, free and open. Further details about the products tested and the vulnerabilities identified may be provided on a case-by-case basis. Please use the contact form.

Please note that the following list is only a selection of NTC's work.

82 Results

Vulnerability

Area

Criticality

Status

Published on

Exposed server information on military sport info page

Area: Other

Criticality: low

Status: fixed

Published on 2024-06-27

Cross-App Scripting vulnerability in the Microsoft Authentication Library for .NET

Area: Open Source

Criticality: low

Status: fixed

Published on 2024-06-25

Remote code execution through server-side template injection in Peering Manager

Area: Open Source

Criticality: high

Status: fixed

Published on 2024-06-25

Cross-site scripting on the router page in Peering Manager

Area: Open Source

Criticality: medium

Status: fixed

Published on 2024-06-25

Open redirection using the return_url parameter in Peering Manager

Area: Open Source

Criticality: low

Status: fixed

Published on 2024-06-25

Exposed backup file on a Swiss dental centre's development website

Area: Swiss Health Sector

Criticality: medium

Status: fixed

Published on 2024-06-20

Exposed work schedule website backup of a Swiss hospital group

Area: Swiss Health Sector

Criticality: high

Status: fixed

Published on 2024-06-20

Broken access control for the work schedule website of a Swiss hospital group

Area: Swiss Health Sector

Criticality: high

Status: fixed

Published on 2024-06-20

SQL injection in the work schedule website of a Swiss hospital group

Area: Swiss Health Sector

Criticality: high

Status: fixed

Published on 2024-06-20

Exposed Spring Boot Actuator in a web app of a Swiss insurance company

Area: Swiss Health Sector

Criticality: medium

Status: fixed

Published on 2024-06-20

Exposed website backup of a Swiss medical centre

Area: Swiss Health Sector

Criticality: medium

Status: fixed

Published on 2024-06-20

Exposed software binaries on the website of a Swiss software development company

Area: Swiss Health Sector

Criticality: high

Status: fixed

Published on 2024-06-20

Vulnerability Hub

Filter

List

Exposed server information on military sport info page

Cross-App Scripting vulnerability in the Microsoft Authentication Library for .NET

Remote code execution through server-side template injection in Peering Manager

Cross-site scripting on the router page in Peering Manager

Open redirection using the return_url parameter in Peering Manager

Exposed backup file on a Swiss dental centre's development website

Exposed work schedule website backup of a Swiss hospital group

Broken access control for the work schedule website of a Swiss hospital group

SQL injection in the work schedule website of a Swiss hospital group

Exposed Spring Boot Actuator in a web app of a Swiss insurance company

Exposed website backup of a Swiss medical centre

Exposed software binaries on the website of a Swiss software development company