The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
InspIRCd: use after free via pgsql sqlauth/sqloper Modules
An attacker can force the usage of a freed memory area via pgsql sqlauth/sqloper Modules of InspIRCd, in order to trigger a denial of service, and possibly to run code...
InspIRCd: NULL pointer dereference via mysql sqlauth/sqloper Modules
An attacker can force a NULL pointer to be dereferenced via mysql sqlauth/sqloper Modules of InspIRCd, in order to trigger a denial of service...
FortiManager/FortiAnalyzer: Cross Site Scripting via Identify Provider Name
An attacker can trigger a Cross Site Scripting via Identify Provider Name of FortiManager/FortiAnalyzer, in order to run JavaScript code in the context of the web site...
WildFly: privilege escalation via Xerces XMLSchemaValidator use-grammar-pool-only
An attacker can bypass restrictions via Xerces XMLSchemaValidator use-grammar-pool-only of WildFly, in order to escalate his privileges...
Google Android OS: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Android OS...
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
PulseAudio: memory corruption via Bluez 5 Module
An attacker can trigger a memory corruption via Bluez 5 Module of PulseAudio, in order to trigger a denial of service, and possibly to run code...
VMware Spring Framework: privilege escalation via RFD Protection Bypass
An attacker can bypass restrictions via RFD Protection Bypass of VMware Spring Framework, in order to escalate his privileges...
Stormshield Network Security: Cross Site Scripting via Certificate Manipulation
An attacker can trigger a Cross Site Scripting via Certificate Manipulation of Stormshield Network Security, in order to run JavaScript code in the context of the web site...
Stormshield Network Security: Cross Site Scripting via Login Disclaimer
An attacker can trigger a Cross Site Scripting via Login Disclaimer of Stormshield Network Security, in order to run JavaScript code in the context of the web site...
Stormshield Network Security, Netasq: privilege escalation via SNS Command-line Service Bruteforce
An attacker can bypass restrictions via SNS Command-line Service Bruteforce of Stormshield Network Security or Netasq, in order to escalate his privileges...
oVirt: open redirect via oVirt Engine
An attacker can deceive the user via oVirt Engine of oVirt, in order to redirect him to a malicious site...
QEMU: overload via hw/usb/hcd-ohci.c
An attacker, inside a guest system, can trigger an overload via hw/usb/hcd-ohci.c of QEMU, in order to trigger a denial of service on the host system...
FortiOS: Cross Site Scripting via SSLVPN Portal
An attacker can trigger a Cross Site Scripting via SSLVPN Portal of FortiOS, in order to run JavaScript code in the context of the web site...
IBM WebSphere Application Server Liberty: denial of service via oauth/openidConnectServer
An attacker can trigger a fatal error via oauth/openidConnectServer of IBM WebSphere Application Server Liberty, in order to trigger a denial of service...
Drupal Core: information disclosure via File Module
An attacker can bypass access restrictions to data via File Module of Drupal Core, in order to obtain sensitive information...
Drupal Core: Cross Site Scripting via CKEditor Image Caption
An attacker can trigger a Cross Site Scripting via CKEditor Image Caption of Drupal Core, in order to run JavaScript code in the context of the web site...
Drupal Core: Cross Site Scripting via Forms
An attacker can trigger a Cross Site Scripting via Forms of Drupal Core, in order to run JavaScript code in the context of the web site...
Drupal Core: privilege escalation via Workspaces Module
An attacker can bypass restrictions via Workspaces Module of Drupal Core, in order to escalate his privileges...
Drupal Core: Cross Site Scripting via AJAX API JSONP
An attacker can trigger a Cross Site Scripting via AJAX API JSONP of Drupal Core, in order to run JavaScript code in the context of the web site...
Apple iOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple iOS...
Perl DBI: directory traversal via DBD-File
An attacker can traverse directories via DBD::File of Perl DBI, in order to read a file outside the service root path...
Perl DBI: memory corruption via Callbacks Arguments
An attacker can trigger a memory corruption via Callbacks Arguments of Perl DBI, in order to trigger a denial of service, and possibly to run code...
QEMU: memory corruption via hw/sd/sdhci.c
An attacker, inside a guest system, can trigger a memory corruption via hw/sd/sdhci.c of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
QEMU: use after free via hw/usb/hcd-ehci.c
An attacker, inside a guest system, can force the usage of a freed memory area via hw/usb/hcd-ehci.c of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
Trusted Firmware Mbed TLS: information disclosure via mbedtls_ssl_decrypt_buf
An attacker can bypass access restrictions to data via mbedtls_ssl_decrypt_buf() of Trusted Firmware Mbed TLS, in order to obtain sensitive information...
Linux kernel: out-of-bounds memory reading via vgacon_scrolldelta
An attacker can force a read at an invalid address via vgacon_scrolldelta() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1059 1060 1061 1062 1063 1064 1065 1066 1067 1069