Black Lantern Security (BLSOPS)

Black Lantern Security (BLSOPS)

Home
Vulnerability Research
Detection Engineering
Products and Tools
Subscriber Requests
Archive
About
Doomla! Zero Days
Discovery and Exploitation of two Zero Days from the perspective of a first year Penetration Tester.
  
Jack Pas
1
CVE-2023-3433 & CVE-2023-3434 - Jami Local Denial Of Service and Passing Strings to QRC URL Vulnerabilities
Public Disclosure of 2 Vulnerabilities found within GNU Jami (Multiple Versions)
  
Mason Corkern
Reflected XSS in AEM ACS Commons Version 5.1.x and Earlier
AEM ACS Commons: CVE-2022-28820: Version 5.1.x
  
Paul Mueller
CVE-2025-1888—Reflected XSS in Aperio Eslide Manager
The Aperio Eslide Manager application is vulnerable to reflected cross-site scripting (XSS), which primarily affects the Leica Web Viewer within the…
  
Mark Gaddy
XSS and SQLi in Forecast® by Tideworks
Tideworks: CVE-2022-43112 & CVE-2022-43115: Forecast® (10.10.0.13153)
  
Jacob Holvick
Privileged Read and Weak Default Credentials in Brocade Fabric OS
Brocade: CVE-2021-27796, CVE-2021-27797: Fabric OS (Multiple Versions)
  
Cody Martin
ASP.NET Cryptography for Pentesters
This article was originally posted to blog.liquidsec.net on June 1, 2021.
  
Paul Mueller
Privileged Directory Traversal in Brocade Fabric OS
Brocade: CVE-2021-27798: Fabric OS (Multiple Versions)
  
Cody Martin
Cisco SD-WAN: vManage Vulnerability
Cisco: CVE-2021-1486: SD-WAN vManage Software
NASCENT RemKon Multiple CVEs
NASCENT: CVE-2021-38611, CVE-2021-38612, CVE-2021-38613: RemKon Device Manager 4.0.0.0
  
Chase Lindquist
Cisco Unified IP Conference Station 7937G
Cisco: CVE-2020-16139, CVE-2020-16138, CVE-2020-16137: Unified IP Conference Station 7937G
  
Cody Martin
Cerner Mobile Care Integer Conversion SQL Injection Leading to RCE
Cerner: CVE-2021-36385: Mobile Care 5.0.0
  
Chase Lindquist
© 2025 Black Lantern Security (BLSOPS)
PrivacyTermsCollection notice
Start writingGet the app
Substack is the home for great culture