Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions.
Each user customizes the list of products to track.
As soon as Vigil@nce publishes an alert for one of these products, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.
Next page...
|
public vulnerabilities| 2 |
SAP NetWeaver: Cross Site Scripting of SLD
An attacker can generate two Cross Site Scripting in SAP NetWaver SLD, in order to execute script in the web context of a user visiting the site. |
| 2 |
JBoss: privilege elevation via ESB
In some cases, data of a service using the ESB component can be processed with incorrect privileges. |
| 1 |
GNOME Display Manager: reading password
When a GNOME Display Manager user entered a password containing a special character, it is displayed in a log file. |
| 2 |
Linux kernel: file access via BTRFS_IOC_CLONE
On a btrfs filesystem, a local attacker can use BTRFS_IOC_CLONE*, in order to read or write a file. |
| 2 |
SAP NetWeaver: Cross Site Scripting of Web Services Navigator
An attacker can generate a Cross Site Scripting in SAP J2EE Web Services Navigator, in order to execute script in the web context of a user visiting the site. |
| 3 |
libopie: overflow of one byte
An attacker can use a special login name, in order to generate an overflow of one byte in applications linked to libopie, leading to a denial of service, and possibly to code execution. |
| 2 |
AIX: information disclosure via FTP NLST
An attacker can use the FTP NLST (or LIST) command, in order to force the ftpd daemon to generate a coredump, containing sensitive information. |
| 1 |
iputils: denial of service of ping
A server can send a malicious ICMP reply, in order to generate an infinite loop in the ping tool. |
| 1 |
Apache Tomcat: command execution via SSI
When the SSI feature is enabled, the "exec" directive is also enabled, so an attacker allowed to upload a malicious page can execute code on the server. |
| 2 |
Joomla: four vulnerabilities
An attacker can generate three Cross Site Scripting and a SQL injection in Joomla. |
|
|
recent vulnerabilities
|
Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment and is available on a web site or sent by alert e-mails.
Your team secures and protects your networks based on information and advice from our team.
your security watch
- a database containing over 8000 vulnerabilities and 16000 solutions
- a web access, to read descriptive information and use advanced search features
- alert and synthesis e-mails, to inform your teams
- a customized tracking service addressing software and products of your information system
- a work space where each user selects his preferences
- a diary to plan and track the securization process of each platform
- ten options in response to your specific needs
your benefits
- a customized watch on computer vulnerabilities and their solutions
- an experienced team at your service since 10 years
- a tool to monitor the security process of your networks and computers
- your team saves time in vulnerabilities research and concentrates on important tasks
- a CVE compatible solution
|
|
