History of vulnerabilities analyzed by Vigil@nce: InspIRCd: use after free via pgsql sqlauth/sqloper Modules An attacker can force the usage of a freed memory area via pgsql sqlauth/sqloper Modules of InspIRCd, in order to trigger a denial of service, and possibly to run code... InspIRCd: NULL pointer dereference via mysql sqlauth/sqloper Modules An attacker can force a NULL pointer to be dereferenced via mysql sqlauth/sqloper Modules of InspIRCd, in order to trigger a denial of service... FortiManager/FortiAnalyzer: Cross Site Scripting via Identify Provider Name An attacker can trigger a Cross Site Scripting via Identify Provider Name of FortiManager/FortiAnalyzer, in order to run JavaScript code in the context of the web site... WildFly: privilege escalation via Xerces XMLSchemaValidator use-grammar-pool-only An attacker can bypass restrictions via Xerces XMLSchemaValidator use-grammar-pool-only of WildFly, in order to escalate his privileges... Google Android OS: multiple vulnerabilities An attacker can use several vulnerabilities of Google Android OS... WebSphere AS: external XML entity injection An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service... PulseAudio: memory corruption via Bluez 5 Module An attacker can trigger a memory corruption via Bluez 5 Module of PulseAudio, in order to trigger a denial of service, and possibly to run code... VMware Spring Framework: privilege escalation via RFD Protection Bypass An attacker can bypass restrictions via RFD Protection Bypass of VMware Spring Framework, in order to escalate his privileges... Stormshield Network Security: Cross Site Scripting via Certificate Manipulation An attacker can trigger a Cross Site Scripting via Certificate Manipulation of Stormshield Network Security, in order to run JavaScript code in the context of the web site... Stormshield Network Security: Cross Site Scripting via Login Disclaimer An attacker can trigger a Cross Site Scripting via Login Disclaimer of Stormshield Network Security, in order to run JavaScript code in the context of the web site... Stormshield Network Security, Netasq: privilege escalation via SNS Command-line Service Bruteforce An attacker can bypass restrictions via SNS Command-line Service Bruteforce of Stormshield Network Security or Netasq, in order to escalate his privileges... oVirt: open redirect via oVirt Engine An attacker can deceive the user via oVirt Engine of oVirt, in order to redirect him to a malicious site... QEMU: overload via hw/usb/hcd-ohci.c An attacker, inside a guest system, can trigger an overload via hw/usb/hcd-ohci.c of QEMU, in order to trigger a denial of service on the host system... FortiOS: Cross Site Scripting via SSLVPN Portal An attacker can trigger a Cross Site Scripting via SSLVPN Portal of FortiOS, in order to run JavaScript code in the context of the web site... IBM WebSphere Application Server Liberty: denial of service via oauth/openidConnectServer An attacker can trigger a fatal error via oauth/openidConnectServer of IBM WebSphere Application Server Liberty, in order to trigger a denial of service... Drupal Core: information disclosure via File Module An attacker can bypass access restrictions to data via File Module of Drupal Core, in order to obtain sensitive information... Drupal Core: Cross Site Scripting via CKEditor Image Caption An attacker can trigger a Cross Site Scripting via CKEditor Image Caption of Drupal Core, in order to run JavaScript code in the context of the web site... Drupal Core: Cross Site Scripting via Forms An attacker can trigger a Cross Site Scripting via Forms of Drupal Core, in order to run JavaScript code in the context of the web site... Drupal Core: privilege escalation via Workspaces Module An attacker can bypass restrictions via Workspaces Module of Drupal Core, in order to escalate his privileges... Drupal Core: Cross Site Scripting via AJAX API JSONP An attacker can trigger a Cross Site Scripting via AJAX API JSONP of Drupal Core, in order to run JavaScript code in the context of the web site... Apple iOS: multiple vulnerabilities An attacker can use several vulnerabilities of Apple iOS... Perl DBI: directory traversal via DBD-File An attacker can traverse directories via DBD::File of Perl DBI, in order to read a file outside the service root path... Perl DBI: memory corruption via Callbacks Arguments An attacker can trigger a memory corruption via Callbacks Arguments of Perl DBI, in order to trigger a denial of service, and possibly to run code... QEMU: memory corruption via hw/sd/sdhci.c An attacker, inside a guest system, can trigger a memory corruption via hw/sd/sdhci.c of QEMU, in order to trigger a denial of service, and possibly to run code on the host system... QEMU: use after free via hw/usb/hcd-ehci.c An attacker, inside a guest system, can force the usage of a freed memory area via hw/usb/hcd-ehci.c of QEMU, in order to trigger a denial of service, and possibly to run code on the host system... Trusted Firmware Mbed TLS: information disclosure via mbedtls_ssl_decrypt_buf An attacker can bypass access restrictions to data via mbedtls_ssl_decrypt_buf() of Trusted Firmware Mbed TLS, in order to obtain sensitive information... Linux kernel: out-of-bounds memory reading via vgacon_scrolldelta An attacker can force a read at an invalid address via vgacon_scrolldelta() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information... Next pageDirect access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069