The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Apple macOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple macOS...
Apple iOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple iOS...
AWS CLI: privilege escalation via AMI Loading
An attacker can bypass restrictions via AMI Loading of AWS CLI, in order to escalate his privileges...
storeBackup: file corruption via /tmp/storeBackup.lock
A local attacker can create a symbolic link named /tmp/storeBackup.lock, in order to alter the pointed file, with privileges of storeBackup...
Magento: six vulnerabilities
An attacker can use several vulnerabilities of Magento...
OpenJPEG: buffer overflow via opj_t1_clbl_decode_processor
An attacker can trigger a buffer overflow via opj_t1_clbl_decode_processor() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
GNU LibreDWG: seven vulnerabilities
An attacker can use several vulnerabilities of GNU LibreDWG...
Squid Analysis Report Generator: file corruption via /tmp/sarg/denied.int_unsory
A local attacker can create a symbolic link named /tmp/sarg/denied.int_unsory, in order to alter the pointed file, with privileges of Squid Analysis Report Generator...
Fortigate SSL VPN: privilege escalation via Credential Plaintext Storage
An attacker can bypass restrictions via Credential Plaintext Storage of Fortigate SSL VPN, in order to escalate his privileges...
Grafana: Cross Site Scripting via Column Link
An attacker can trigger a Cross Site Scripting via Column Link of Grafana, in order to run JavaScript code in the context of the web site...
Linux kernel: denial of service via fib6_rule_lookup
An attacker can trigger a fatal error via fib6_rule_lookup() of the Linux kernel, in order to trigger a denial of service...
oVirt: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of oVirt, in order to run JavaScript code in the context of the web site...
Cryptacular: denial of service via CiphertextHeader Decode Operation
An attacker can trigger a fatal error via CiphertextHeader Decode Operation of Cryptacular, in order to trigger a denial of service...
PoDoFo: NULL pointer dereference via PoDoFo-PdfVariant-DelayedLoad
An attacker can force a NULL pointer to be dereferenced via PoDoFo::PdfVariant::DelayedLoad() of PoDoFo, in order to trigger a denial of service...
OpenSC: buffer overflow via CAC Certificates
An attacker can trigger a buffer overflow via CAC Certificates of OpenSC, in order to trigger a denial of service, and possibly to run code...
OpenSC: use after free via sc_pkcs15_decode_prkdf_entry
An attacker can force the usage of a freed memory area via sc_pkcs15_decode_prkdf_entry() of OpenSC, in order to trigger a denial of service, and possibly to run code...
Xfig: buffer overflow via read_colordef
An attacker can trigger a buffer overflow via read_colordef() of Xfig, in order to trigger a denial of service, and possibly to run code...
Xfig: buffer overflow via make_arrow
An attacker can trigger a buffer overflow via make_arrow() of Xfig, in order to trigger a denial of service, and possibly to run code...
ELOG: five vulnerabilities
An attacker can use several vulnerabilities of ELOG...
ARC: directory traversal via Full Pathname
An attacker can traverse directories via Full Pathname of ARC, in order to create a file outside the service root path...
IBM MQ: denial of service via Invalid Message
An attacker can trigger a fatal error via Invalid Message of IBM MQ, in order to trigger a denial of service...
IBM MQ: denial of service via Clustering Code
An attacker can trigger a fatal error via Clustering Code of IBM MQ, in order to trigger a denial of service...
Node.js klona: code execution via Prototype Pollution
An attacker can use a vulnerability via Prototype Pollution of Node.js klona, in order to run code...
Node.js parsel: information disclosure via Hardcoded Initialization Vector
An attacker can bypass access restrictions to data via Hardcoded Initialization Vector of Node.js parsel, in order to obtain sensitive information...
Node.js hapi/boom: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js hapi/boom, in order to run JavaScript code in the context of the web site...
Dell EMC OpenManage Enterprise: four vulnerabilities
An attacker can use several vulnerabilities of Dell EMC OpenManage Enterprise...
QEMU: memory corruption via iSCSI Block Driver
An attacker, inside a guest system, can trigger a memory corruption via iSCSI Block Driver of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
Check Point Security Gateway: information disclosure via Predictable TCP Sequences
An attacker can bypass access restrictions to data via Predictable TCP Sequences of Check Point Security Gateway, in order to obtain sensitive information...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 995 996 997 998 999 1000 1001 1002 1003 1005 1007 1008 1009 1010 1011 1012 1013 1014 1015 1021 1035