The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Hibernate-Validator: Cross Site Scripting via SafeHtml
An attacker can trigger a Cross Site Scripting via SafeHtml of Hibernate-Validator, in order to run JavaScript code in the context of the web site...
Swagger UI: information disclosure via RPO Input Field Value Exfiltration
An attacker can bypass access restrictions to data via RPO Input Field Value Exfiltration of Swagger UI, in order to obtain sensitive information...
e2fsprogs: buffer overflow via e2fsck directory rehashing
An attacker can trigger a buffer overflow via e2fsck directory rehashing of e2fsprogs, in order to trigger a denial of service, and possibly to run code...
Mozilla NSS: information disclosure via HelloRetryRequest Lower Protocol Negotiation
An attacker can bypass access restrictions to data via HelloRetryRequest Lower Protocol Negotiation of Mozilla NSS, in order to obtain sensitive information...
glibc: information disclosure via LD_PREFER_MAP_32BIT_EXEC Mapping Addresses
An attacker can bypass access restrictions to data via LD_PREFER_MAP_32BIT_EXEC Mapping Addresses of glibc, in order to obtain sensitive information...
libbsd: out-of-bounds memory reading via nlist.c
An attacker can force a read at an invalid address via nlist.c of libbsd, in order to trigger a denial of service, or to obtain sensitive information...
gpac: buffer overflow via dimC_Read
An attacker can trigger a buffer overflow via dimC_Read() of gpac, in order to trigger a denial of service, and possibly to run code...
gpac: six vulnerabilities
An attacker can use several vulnerabilities of gpac...
gpac: out-of-bounds memory reading via isomedia/isom_read.c
An attacker can force a read at an invalid address via isomedia/isom_read.c of gpac, in order to trigger a denial of service, or to obtain sensitive information...
gpac: out-of-bounds memory reading via audio_sample_entry_AddBox
An attacker can force a read at an invalid address via audio_sample_entry_AddBox() of gpac, in order to trigger a denial of service, or to obtain sensitive information...
gpac: NULL pointer dereference via AVC_DuplicateConfig
An attacker can force a NULL pointer to be dereferenced via AVC_DuplicateConfig() of gpac, in order to trigger a denial of service...
Cacti: code execution via Performance Boost Debug Log
An attacker can use a vulnerability via Performance Boost Debug Log of Cacti, in order to run code...
GlusterFS: read-write access via auth.allow
An attacker can bypass access restrictions via auth.allow of GlusterFS, in order to read or alter data...
uftpd: buffer overflow via handle_PORT
An attacker can trigger a buffer overflow via handle_PORT() of uftpd, in order to trigger a denial of service, and possibly to run code...
libredwg: seven vulnerabilities
An attacker can use several vulnerabilities of libredwg...
libredwg: ten vulnerabilities
An attacker can use several vulnerabilities of libredwg...
RubyGem Rack: privilege escalation via Session ID Time Measurement
An attacker can bypass restrictions via Session ID Time Measurement of RubyGem Rack, in order to escalate his privileges...
Internet Explorer: memory corruption via Scripting Engine
An attacker can trigger a memory corruption via Scripting Engine of Internet Explorer, in order to trigger a denial of service, and possibly to run code...
Spring Framework: Cross Site Request Forgery via CORS Preflight Requests
An attacker can trigger a Cross Site Request Forgery via CORS Preflight Requests of Spring Framework, in order to force the victim to perform operations...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
Cacti: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cacti, in order to run JavaScript code in the context of the web site...
Spring Framework: file reading via Content-Disposition Reflected File Download
A local attacker can read a file via Content-Disposition Reflected File Download of Spring Framework, in order to obtain sensitive information...
Centreon: privilege escalation via cwrapper_perl
An attacker can bypass restrictions via cwrapper_perl of Centreon, in order to escalate his privileges...
Linux kernel: information disclosure via flow_dissector
An attacker can bypass access restrictions to data via flow_dissector of the Linux kernel, in order to obtain sensitive information...
icingaweb2: five vulnerabilities
An attacker can use several vulnerabilities of icingaweb2...
XAR: privilege escalation via Package Signature Validation
An attacker can bypass restrictions via Package Signature Validation of XAR, in order to escalate his privileges...
QEMU: directory traversal via SLiRP TFTP Server
An attacker can traverse directories via SLiRP TFTP Server of QEMU, in order to read a file outside the service root path...
FontForge: buffer overflow via Type2NotDefSplines
An attacker can trigger a buffer overflow via Type2NotDefSplines() of FontForge, in order to trigger a denial of service, and possibly to run code...
FontForge: use after free via SFD_GetFontMetaData
An attacker can force the usage of a freed memory area via SFD_GetFontMetaData() of FontForge, in order to trigger a denial of service, and possibly to run code...
Lifesize Icon: security improvement
The security of Lifesize Icon was improved...

   
