http://vigilance.fr/?langue=2 This RSS feed tracks public vulnerabilities of Vigil@nce. These information are published with a time delay. Our subscribers can read our bulletins without this time delay. en-US Vigil@nce Orange Business Services Vigil@nce Copyright 1999-2013 Orange Business Services Vigil@nce 2013-05-24T03:01:01Z hourly 1 2000-01-01T00:00:00Z http://vigilance.fr/offer/Vulnerability-watch-database-alert-and-management The Vigil@nce vulnerability database contains several thousand vulnerabilities. 0 Vigil@nce 2013-05-23T12:00:00Z http://vigilance.fr/vulnerability/VMware-ESX-ESXi-vCenter-memory-corruption-via-NFC-12448 An attacker can alter NFC data between the client and VMware ESX/ESXi/vCenter, in order to corrupt the memory, which can lead to code execution. 3 VIGILANCE-VUL-12448 Vigil@nce 2013-05-22T11:09:37Z http://vigilance.fr/vulnerability/WordPress-Cross-Site-Scripting-of-Live-Comment-Preview-12765 An attacker can trigger a Cross Site Scripting in Live Comment Preview of WordPress, in order to execute JavaScript code in the context of the web site. 2 VIGILANCE-VUL-12765 Vigil@nce 2013-05-22T08:42:21Z http://vigilance.fr/vulnerability/WordPress-Cross-Site-Request-Forgery-of-Login-With-Ajax-12764 An attacker can trigger a Cross Site Request Forgery in Login With Ajax of WordPress, in order to force the victim to perform operations. 2 VIGILANCE-VUL-12764 Vigil@nce 2013-05-22T08:36:13Z http://vigilance.fr/vulnerability/WordPress-Cross-Site-Request-Forgery-of-Calendar-12763 An attacker can trigger a Cross Site Request Forgery in Calendar of WordPress, in order to force the victim to perform operations. 2 VIGILANCE-VUL-12763 Vigil@nce 2013-05-22T08:28:56Z http://vigilance.fr/vulnerability/WordPress-Cross-Site-Scripting-of-WP-Photo-Album-Plus-12761 An attacker can trigger a Cross Site Scripting in WP Photo Album Plus of WordPress, in order to execute JavaScript code in the context of the web site. 2 VIGILANCE-VUL-12761 Vigil@nce 2013-05-22T08:03:49Z http://vigilance.fr/vulnerability/QEMU-Guest-Agent-privilege-escalation-via-permissions-12759 An attacker, who is located in a guest system, can alter a file of the QEMU Guest Agent, in order to escalate his privileges in his guest system. 2 VIGILANCE-VUL-12759 Vigil@nce 2013-05-22T06:44:45Z http://vigilance.fr/vulnerability/IBM-Eclipse-Help-System-source-code-reading-via-iehs-war-12758 An attacker can use iehs.war, which is used in several IBM products, in order to read the source code of web pages. 2 VIGILANCE-VUL-12758 Vigil@nce 2013-05-21T09:30:53Z http://vigilance.fr/vulnerability/Cisco-Unified-Communications-Manager-file-reading-via-CLI-12757 An attacker, who is authenticated on the Cisco Unified Communications Manager CLI, can read any file on the system. 2 VIGILANCE-VUL-12757 Vigil@nce 2013-05-21T08:13:10Z http://vigilance.fr/vulnerability/EMC-VNX-Celerra-Control-Station-privilege-escalation-via-nasadmin-12841 An attacker, who is member of the nasadmin group, can alter scripts of EMC VNX/Celerra Control Station, in order to escalate his privileges. 1 VIGILANCE-VUL-12841 Vigil@nce 2013-05-19T17:50:22Z http://vigilance.fr/vulnerability/RSA-SecurID-obsolete-algorithm-12840 Several products related to RSA SecurID use an obsolete encryption algorithm, and a short key size. 1 VIGILANCE-VUL-12840 Vigil@nce 2013-05-19T17:39:52Z http://vigilance.fr/vulnerability/EMC-Avamar-Client-incorrect-validation-of-certificate-12753 When a certificate authentication is configured, an attacker can create a malicious EMC Avamar server, in order to deceive the client. 2 VIGILANCE-VUL-12753 Vigil@nce 2013-05-18T12:58:35Z http://vigilance.fr/vulnerability/EMC-Avamar-file-reading-via-File-Restore-12752 An attacker can manipulate the url of the file restore web interface of EMC Avamar, in order to read a file. 2 VIGILANCE-VUL-12752 Vigil@nce 2013-05-18T12:47:57Z http://vigilance.fr/vulnerability/EMC-NetWorker-privilege-escalation-via-nsrpush-12751 A local attacker can use an unprotected file of nsrpush of EMC NetWorker, in order to escalate his privileges. 2 VIGILANCE-VUL-12751 Vigil@nce 2013-05-18T09:25:30Z http://vigilance.fr/vulnerability/WordPress-information-disclosure-via-Advanced-XML-Reader-12750 An attacker can use an external XML entity in Advanced XML Reader of WordPress, in order to obtain sensitive information. 2 VIGILANCE-VUL-12750 Vigil@nce 2013-05-18T08:07:26Z http://vigilance.fr/vulnerability/Xen-denial-of-service-via-VT-d-MSI-12749 An attacker, who is located in a guest system, can remap interruptions of a device, in order to trigger a denial of service. 2 VIGILANCE-VUL-12749 Vigil@nce 2013-05-17T15:23:48Z http://vigilance.fr/vulnerability/Cisco-IOS-XR-denial-of-service-via-SNMP-12748 An attacker can send malformed SNMP packets to Cisco IOS XR, in order to trigger a denial of service. 2 VIGILANCE-VUL-12748 Vigil@nce 2013-05-17T15:16:58Z http://vigilance.fr/vulnerability/Cisco-Prime-Central-for-Hosted-Collaboration-Solution-multiple-vulnerabilities-12746 An attacker can use several vulnerabilities of Cisco Prime Central for Hosted Collaboration Solution. 2 VIGILANCE-VUL-12746 Vigil@nce 2013-05-17T13:14:20Z http://vigilance.fr/vulnerability/Cisco-Prime-Secure-ACS-privilege-escalation-12745 An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges. 2 VIGILANCE-VUL-12745 Vigil@nce 2013-05-17T12:38:23Z http://vigilance.fr/vulnerability/libtiff-buffer-overflow-of-tiff2pdf-t2p-write-pdf-page-12744 An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code. 2 VIGILANCE-VUL-12744 Vigil@nce 2013-05-17T12:14:12Z http://vigilance.fr/vulnerability/libtiff-buffer-overflow-of-tiff2pdf-t2-process-jpeg-strip-12743 An attacker can invite the victim to open a malicious TIFF image with tiff2pdf, in order to create a denial of service or to execute code. 2 VIGILANCE-VUL-12743 Vigil@nce 2013-05-17T11:56:50Z