The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
IBM Security Directory Server: multiple vulnerabilities
An attacker can use several vulnerabilities of IBM Security Directory Server...
Django: SQL injection via StringAgg
An attacker can use a SQL injection via StringAgg of Django, in order to read or alter data...
Qt5: code execution via Plugin Current Directory Load
An attacker can use a vulnerability via Plugin Current Directory Load of Qt5, in order to run code...
Squid cache: memory corruption via ext_lm_group_acl helper
An attacker can trigger a memory corruption via ext_lm_group_acl helper of Squid cache, in order to trigger a denial of service, and possibly to run code...
Squid cache: information disclosure via FTP Gateway
A local attacker can read a memory fragment via FTP Gateway of Squid cache, in order to obtain sensitive information...
Squid cache: buffer overflow via Reverse Proxy
An attacker can trigger a buffer overflow via Reverse Proxy of Squid cache, in order to trigger a denial of service, and possibly to run code...
XAR: NULL pointer dereference via xar_get_path
An attacker can force a NULL pointer to be dereferenced via xar_get_path() of XAR, in order to trigger a denial of service...
XAR: NULL pointer dereference via xar_unserialize
An attacker can force a NULL pointer to be dereferenced via xar_unserialize() of XAR, in order to trigger a denial of service...
XAR: buffer overflow
An attacker can trigger a buffer overflow of XAR, in order to trigger a denial of service, and possibly to run code...
UPX: denial of service via PackLinuxElf-elf_hash
An attacker can trigger a fatal error via PackLinuxElf::elf_hash() of UPX, in order to trigger a denial of service...
UPX: out-of-bounds memory reading via canUnpack
An attacker can force a read at an invalid address via canUnpack() of UPX, in order to trigger a denial of service, or to obtain sensitive information...
UPX: use after free via PackLinuxElf64-unpack
An attacker can force the usage of a freed memory area via PackLinuxElf64::unpack() of UPX, in order to trigger a denial of service, and possibly to run code...
Apache SpamAssassin: privilege escalation via Unwarned Commands
An attacker can bypass restrictions via Unwarned Commands of Apache SpamAssassin, in order to escalate his privileges...
Apache SpamAssassin: code execution via Rule Configuration File
An attacker can use a vulnerability via Rule Configuration File of Apache SpamAssassin, in order to run code...
Prosody: privilege escalation via XMPP Address is_admin
An attacker can bypass restrictions via XMPP Address is_admin() of Prosody, in order to escalate his privileges...
Qt5: code execution via Plugin Side Load
An attacker can use a vulnerability via Plugin Side Load of Qt5, in order to run code...
FasterXML jackson-databind: external XML entity injection via jackson-mapper-asl
An attacker can transmit malicious XML data via jackson-mapper-asl to FasterXML jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
Ceph: directory traversal via RGW Dashboard
An attacker can traverse directories via RGW Dashboard of Ceph, in order to read a file outside the service root path...
Ceph: denial of service via RGW Beast
An attacker can trigger a fatal error via RGW Beast of Ceph, in order to trigger a denial of service...
Node.js cordova-plugin-inappbrowser: privilege escalation via gap-iab URI
An attacker can bypass restrictions via gap-iab URI of Node.js cordova-plugin-inappbrowser, in order to escalate his privileges...
Python: denial of service via urllib.request.AbstractBasicAuthHandler
An attacker can trigger a fatal error via urllib.request.AbstractBasicAuthHandler of Python, in order to trigger a denial of service...
Sudo: privilege escalation via pwfeedback
An attacker can bypass restrictions via pwfeedback of Sudo, in order to escalate his privileges...
Linux kernel: information disclosure via KVM Missing TLB Flushes
A local attacker, inside a guest system, can read a memory fragment via KVM Missing TLB Flushes of the Linux kernel, in order to obtain sensitive information on the host system...
Linux kernel: information disclosure via ARM64/KVM Debug Registers
An attacker, inside a guest system, can bypass access restrictions to data via ARM64/KVM Debug Registers of the Linux kernel, in order to obtain sensitive information on the host system...
WebSphere AS: memory leak
An attacker can create a memory leak of WebSphere AS, in order to trigger a denial of service...
Links: information disclosure via Tor Clear Dns Prefetch Requests
An attacker can bypass access restrictions to data via Tor Clear Dns Prefetch Requests of Links, in order to obtain sensitive information...
Pillow: buffer overflow via libImaging/SgiRleDecode.c
An attacker can trigger a buffer overflow via libImaging/SgiRleDecode.c of Pillow, in order to trigger a denial of service, and possibly to run code...
Pillow: integer overflow via libImaging/TiffDecode.c
An attacker can trigger an integer overflow via libImaging/TiffDecode.c of Pillow, in order to trigger a denial of service, and possibly to run code...
rmt-server: denial of service via Offline Migration
An attacker can trigger a fatal error via Offline Migration of rmt-server, in order to trigger a denial of service...
SUSE wicked: memory leak via DHCP4 Missing Message Type
An attacker can create a memory leak via DHCP4 Missing Message Type of SUSE wicked, in order to trigger a denial of service...

   
