History of vulnerabilities analyzed by Vigil@nce: cloud-init: information disclosure via Small Password Prediction An attacker can bypass access restrictions to data via Small Password Prediction of cloud-init, in order to obtain sensitive information... cloud-init: information disclosure via Mersenne Twister Password Prediction An attacker can bypass access restrictions to data via Mersenne Twister Password Prediction of cloud-init, in order to obtain sensitive information... FasterXML jackson-databind: privilege escalation via xbean-reflect/JNDI An attacker can bypass restrictions via xbean-reflect/JNDI of FasterXML jackson-databind, in order to escalate his privileges... PHP: multiple vulnerabilities An attacker can use several vulnerabilities of PHP... Dovecot: denial of service via Snippet Generation An attacker can trigger a fatal error via Snippet Generation of Dovecot, in order to trigger a denial of service... Dovecot: overload via Truncated UTF-8 Data An attacker can trigger an overload via Truncated UTF-8 Data of Dovecot, in order to trigger a denial of service... Drupal Profile: privilege escalation via Create Profiles Permission An attacker can bypass restrictions via Create Profiles Permission of Drupal Profile, in order to escalate his privileges... Netty: overload via SSLv2Hello SslHandler An attacker can trigger an overload via SSLv2Hello SslHandler of Netty, in order to trigger a denial of service... Netty: information disclosure via Transfer-Encoding Whitespace Request Smuggling An attacker can bypass access restrictions to data via Transfer-Encoding Whitespace Request Smuggling of Netty, in order to obtain sensitive information... inn: privilege escalation via innfeed.status An attacker can bypass restrictions via innfeed.status of inn, in order to escalate his privileges... Cisco Unified Contact Center Express: file upload via Administration Web Interface An attacker can upload a malicious file via Administration Web Interface on Cisco Unified Contact Center Express, in order for example to upload a Trojan... Cisco Unified Contact Center Enterprise: overload via Inbound Live Data Traffic An attacker can trigger an overload via Inbound Live Data Traffic of Cisco Unified Contact Center Enterprise, in order to trigger a denial of service... Cisco ESA: overload via Numerous Shortened URLs An attacker can trigger an overload via Numerous Shortened URLs of Cisco ESA, in order to trigger a denial of service... Cisco AnyConnect Secure Mobility Client for Windows: executing DLL code An attacker can create a malicious DLL, and then put it in the current directory of Cisco AnyConnect Secure Mobility Client for Windows, in order to execute code... Cisco UCS C-Series Rack Server: privilege escalation via UEFI Secure Boot Bypass An attacker can bypass restrictions via UEFI Secure Boot Bypass of Cisco UCS C-Series Rack Server, in order to escalate his privileges... Cisco ESA/CSMA: denial of service via Email Attachments An attacker can trigger a fatal error via Email Attachments of Cisco ESA/CSMA, in order to trigger a denial of service... Cisco ESA: infinite loop via Large Email Attachments An attacker can trigger an infinite loop via Large Email Attachments of Cisco ESA, in order to trigger a denial of service... Cisco Data Center Network Manager: Cross Site Scripting An attacker can trigger a Cross Site Scripting of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site... Cisco Data Center Network Manager: privilege escalation via REST API An attacker can bypass restrictions via REST API of Cisco Data Center Network Manager, in order to escalate his privileges... Cisco Data Center Network Manager: Cross Site Request Forgery An attacker can trigger a Cross Site Request Forgery of Cisco Data Center Network Manager, in order to force the victim to perform operations... Stormshield Network Security: open redirect via Captive Portal An attacker can deceive the user via Captive Portal of Stormshield Network Security, in order to redirect him to a malicious site... FortiOS: open redirect via Admin WebUI Initial Password Change An attacker can deceive the user via Admin WebUI Initial Password Change of FortiOS, in order to redirect him to a malicious site... Puppet: information disclosure via Compromised Certificate An attacker can bypass access restrictions to data via Compromised Certificate of Puppet, in order to obtain sensitive information... ProFTPD: use after free via Data Transfer Memory Pools An attacker can force the usage of a freed memory area via Data Transfer Memory Pools of ProFTPD, in order to trigger a denial of service, and possibly to run code... ProFTPD: out-of-bounds memory reading via mod_cap getstateflags An attacker can force a read at an invalid address via mod_cap getstateflags() of ProFTPD, in order to trigger a denial of service, or to obtain sensitive information... ProFTPD: information disclosure via Ftpasswd File Permissions An attacker can bypass access restrictions to data via Ftpasswd File Permissions of ProFTPD, in order to obtain sensitive information... IBM DB2: buffer overflow An attacker can trigger a buffer overflow of IBM DB2, in order to trigger a denial of service, and possibly to run code... IBM DB2: denial of service via JDBC Client An attacker can trigger a fatal error via JDBC Client of IBM DB2, in order to trigger a denial of service... IBM DB2: denial of service via Invalid Commands An attacker can trigger a fatal error via Invalid Commands of IBM DB2, in order to trigger a denial of service... Next pageDirect access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012