The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Fortigate SSL VPN: privilege escalation via Credential Plaintext Storage
An attacker can bypass restrictions via Credential Plaintext Storage of Fortigate SSL VPN, in order to escalate their privileges...
Grafana: Cross Site Scripting via Column Link
An attacker can trigger a Cross Site Scripting via Column Link of Grafana, in order to run JavaScript code in the context of the web site...
Linux kernel: denial of service via fib6_rule_lookup
An attacker can trigger a fatal error via fib6_rule_lookup() of the Linux kernel, in order to trigger a denial of service...
oVirt: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of oVirt, in order to run JavaScript code in the context of the web site...
Cryptacular: denial of service via CiphertextHeader Decode Operation
An attacker can trigger a fatal error via CiphertextHeader Decode Operation of Cryptacular, in order to trigger a denial of service...
PoDoFo: NULL pointer dereference via PoDoFo::PdfVariant::DelayedLoad
An attacker can force a NULL pointer to be dereferenced via PoDoFo::PdfVariant::DelayedLoad() of PoDoFo, in order to trigger a denial of service...
OpenSC: buffer overflow via CAC Certificates
An attacker can trigger a buffer overflow via CAC Certificates of OpenSC, in order to trigger a denial of service, and possibly to run code...
OpenSC: use after free via sc_pkcs15_decode_prkdf_entry
An attacker can force the usage of a freed memory area via sc_pkcs15_decode_prkdf_entry() of OpenSC, in order to trigger a denial of service, and possibly to run code...
Xfig: buffer overflow via read_colordef
An attacker can trigger a buffer overflow via read_colordef() of Xfig, in order to trigger a denial of service, and possibly to run code...
Xfig: buffer overflow via make_arrow
An attacker can trigger a buffer overflow via make_arrow() of Xfig, in order to trigger a denial of service, and possibly to run code...
ELOG: five vulnerabilities
An attacker can use several vulnerabilities of ELOG...
ARC: directory traversal via Full Pathname
An attacker can traverse directories via Full Pathname of ARC, in order to create a file outside the service root path...
IBM MQ: denial of service via Invalid Message
An attacker can trigger a fatal error via Invalid Message of IBM MQ, in order to trigger a denial of service...
IBM MQ: denial of service via Clustering Code
An attacker can trigger a fatal error via Clustering Code of IBM MQ, in order to trigger a denial of service...
Node.js klona: code execution via Prototype Pollution
An attacker can use a vulnerability via Prototype Pollution of Node.js klona, in order to run code...
Node.js parsel: information disclosure via Hardcoded Initialization Vector
An attacker can bypass access restrictions to data via Hardcoded Initialization Vector of Node.js parsel, in order to obtain sensitive information...
Node.js hapi/boom: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js hapi/boom, in order to run JavaScript code in the context of the web site...
Dell EMC OpenManage Enterprise: four vulnerabilities
An attacker can use several vulnerabilities of Dell EMC OpenManage Enterprise...
QEMU: memory corruption via iSCSI Block Driver
An attacker, inside a guest system, can trigger a memory corruption via iSCSI Block Driver of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
Check Point Security Gateway: information disclosure via Predictable TCP Sequences
An attacker can bypass access restrictions to data via Predictable TCP Sequences of Check Point Security Gateway, in order to obtain sensitive information...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
python-apt: code execution via Untrusted Repositories
An attacker can use a vulnerability via Untrusted Repositories of python-apt, in order to run code...
python-apt: Man-in-the-Middle via MD5 Hashes
An attacker can act as a Man-in-the-Middle via MD5 Hashes on python-apt, in order to read or write data in the session...
ISC DHCP: multiple vulnerabilities
An attacker can use several vulnerabilities of ISC DHCP...
Drupal SpamSpan: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SpamSpan, in order to run JavaScript code in the context of the web site...
Cisco Unified Communications Manager: Cross Site Request Forgery via Web-based Management Interface
An attacker can trigger a Cross Site Request Forgery via Web-based Management Interface of Cisco Unified Communications Manager, in order to force the victim to perform operations...
Cisco IOS XE SD-WAN: privilege escalation via Default Credentials
An attacker can bypass restrictions via Default Credentials of Cisco IOS XE SD-WAN, in order to escalate their privileges...

   
