Featured Scantist Articles

Read all about application security, open source risk management and DevSecOps here

Scantist Blogs

What is DevSecOps & How does it work? | Scantist

Learn what DevSecOps is and how it can improve your organization's security posture. Find out how to implement it to improve collaboration.

The Complete Guide to Application Security | Scantist

Application security is the practice of adding features or functionality to software to protect against attacks. Here’s everything you need to know about it.

Your Guide to Open-Source Vulnerability Scanner | Scantist

Do you need an open-source vulnerability scanner? Here’s the answer to all your questions about vulnerability scanners.

Case Study

Evaluating the health of the development lifecycle

Find out how Thompson (Scantist's Software Composition Analysis tool) helped Deputy analyse the health of their development environment and track the dependencies of components within their infrastructure, while preventing the invalidity of their applications in the presence of legacy systems.

Application Evaluation for Investment Decision

A merchant banking firm was looking to invest in a start-up HR tech company. Prior to making a decision, it was critical to understand and evaluate the proposition of the tech company and verify the integrity of the code used in its applications and systems.

Fuzzing for server-like programs

Find out how Hollerith (Scantist's Smart Fuzzer) helped our client, Big Telco, disclose exploitable vulnerabilities despite its server-like programs, which rendered existing fuzzing solutions infeasible.

Security Advisory

Curated Security Advisory (8 Sep 2022)

Data is crawled between 1 Sep 2022 and 7 Sep 2022

Curated Security Advisory (9 Jun 2022)

Data is crawled between 2 and 8 Jun 2022

Curated Security Advisory (7 Jul 2022)

Data is crawled between 30 Jun and 6 Jul 2022

Vulnerability Library



Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.


Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.


Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)