The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
NetHack: multiple vulnerabilities
An attacker can use several vulnerabilities of NetHack...
Feedgen: denial of service via XML Bomb
An attacker can trigger a fatal error via XML Bomb of Feedgen, in order to trigger a denial of service...
Node.js Yarn: file corruption via Package Install
A local attacker can create a symbolic link during the Package Install, in order to alter the pointed file, with privileges of Node.js Yarn...
Node.js set-value: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js set-value, in order to escalate his privileges...
Node.js mixin-deep: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js mixin-deep, in order to escalate his privileges...
docker-runc: information disclosure via Shared Volume Mount Race
An attacker can bypass access restrictions to data via Shared Volume Mount Race of docker-runc, in order to obtain sensitive information...
ipmitool: buffer overflow via lib/ipmi_fru.c
An attacker can trigger a buffer overflow via lib/ipmi_fru.c of ipmitool, in order to trigger a denial of service, and possibly to run code...
ppp: buffer overflow via eap_request
An attacker can trigger a buffer overflow via eap_request() of ppp, in order to trigger a denial of service, and possibly to run code...
pcp: privilege escalation via migrate_tempdirs
An attacker can bypass restrictions via migrate_tempdirs of pcp, in order to escalate his privileges...
pcp: privilege escalation via PCP_LOG_DIR/configs.sh
An attacker can bypass restrictions via PCP_LOG_DIR/configs.sh of pcp, in order to escalate his privileges...
OTRS Help Desk: spoofing via Spoofed Draft Messages
An attacker can create spoofed data via Spoofed Draft Messages of OTRS Help Desk, because of jQuery (VIGILANCE-VUL-29030), in order to deceive the victim...
OTRS Help Desk: unexpired session via SessionMaxIdleTime Ignored
Background tasks are counted for SessionMaxIdleTime of OTRS Help Desk, so an attacker can ensure that his session will never expire...
libexif: integer overflow via exif-data.c
An attacker can trigger an integer overflow via exif-data.c of libexif, in order to trigger a denial of service, and possibly to run code...
SUSE wicked: memory leak via DHCP4 FSM Other Client IDs
An attacker can create a memory leak via DHCP4 FSM Other Client IDs of SUSE wicked, in order to trigger a denial of service...
SUSE wicked: use after free via DHCP6 IA_PD Options
An attacker can force the usage of a freed memory area via DHCP6 IA_PD Options of SUSE wicked, in order to trigger a denial of service, and possibly to run code...
QEMU: out-of-bounds memory reading via snprintf
An attacker can force a read at an invalid address via snprintf() of QEMU, in order to trigger a denial of service, or to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 999 1000 1001 1002 1003 1004 1005 1006 1007 1009 1011 1012 1013 1014 1015 1016 1017 1018 1019 1021 1041 1061 1079