The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cacti: code execution via Graph Real-time Privilege
An attacker can use a vulnerability via Graph Real-time Privilege of Cacti, in order to run code...
Google Chrome: three vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
GPGME: use after free via Proglottis Go Wrapper GPG Signature Verification
An attacker can force the usage of a freed memory area via Proglottis Go Wrapper GPG Signature Verification of GPGME, in order to trigger a denial of service, and possibly to run code...
pam_radius: buffer overflow via add_password
An attacker can trigger a buffer overflow via add_password() of pam_radius, in order to trigger a denial of service, and possibly to run code...
cloud-init: information disclosure via Small Password Prediction
An attacker can bypass access restrictions to data via Small Password Prediction of cloud-init, in order to obtain sensitive information...
cloud-init: information disclosure via Mersenne Twister Password Prediction
An attacker can bypass access restrictions to data via Mersenne Twister Password Prediction of cloud-init, in order to obtain sensitive information...
FasterXML jackson-databind: privilege escalation via xbean-reflect/JNDI
An attacker can bypass restrictions via xbean-reflect/JNDI of FasterXML jackson-databind, in order to escalate his privileges...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
Dovecot: denial of service via Snippet Generation
An attacker can trigger a fatal error via Snippet Generation of Dovecot, in order to trigger a denial of service...
Dovecot: overload via Truncated UTF-8 Data
An attacker can trigger an overload via Truncated UTF-8 Data of Dovecot, in order to trigger a denial of service...
Drupal Profile: privilege escalation via Create Profiles Permission
An attacker can bypass restrictions via Create Profiles Permission of Drupal Profile, in order to escalate his privileges...
Netty: overload via SSLv2Hello SslHandler
An attacker can trigger an overload via SSLv2Hello SslHandler of Netty, in order to trigger a denial of service...
Netty: information disclosure via Transfer-Encoding Whitespace Request Smuggling
An attacker can bypass access restrictions to data via Transfer-Encoding Whitespace Request Smuggling of Netty, in order to obtain sensitive information...
inn: privilege escalation via innfeed.status
An attacker can bypass restrictions via innfeed.status of inn, in order to escalate his privileges...
Cisco Unified Contact Center Express: file upload via Administration Web Interface
An attacker can upload a malicious file via Administration Web Interface on Cisco Unified Contact Center Express, in order for example to upload a Trojan...
Cisco Unified Contact Center Enterprise: overload via Inbound Live Data Traffic
An attacker can trigger an overload via Inbound Live Data Traffic of Cisco Unified Contact Center Enterprise, in order to trigger a denial of service...
Cisco ESA: overload via Numerous Shortened URLs
An attacker can trigger an overload via Numerous Shortened URLs of Cisco ESA, in order to trigger a denial of service...
Cisco AnyConnect Secure Mobility Client for Windows: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of Cisco AnyConnect Secure Mobility Client for Windows, in order to execute code...
Cisco UCS C-Series Rack Server: privilege escalation via UEFI Secure Boot Bypass
An attacker can bypass restrictions via UEFI Secure Boot Bypass of Cisco UCS C-Series Rack Server, in order to escalate his privileges...
Cisco ESA/CSMA: denial of service via Email Attachments
An attacker can trigger a fatal error via Email Attachments of Cisco ESA/CSMA, in order to trigger a denial of service...
Cisco ESA: infinite loop via Large Email Attachments
An attacker can trigger an infinite loop via Large Email Attachments of Cisco ESA, in order to trigger a denial of service...
Cisco Data Center Network Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...
Cisco Data Center Network Manager: privilege escalation via REST API
An attacker can bypass restrictions via REST API of Cisco Data Center Network Manager, in order to escalate his privileges...
Cisco Data Center Network Manager: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Data Center Network Manager, in order to force the victim to perform operations...
Stormshield Network Security: open redirect via Captive Portal
An attacker can deceive the user via Captive Portal of Stormshield Network Security, in order to redirect him to a malicious site...
FortiOS: open redirect via Admin WebUI Initial Password Change
An attacker can deceive the user via Admin WebUI Initial Password Change of FortiOS, in order to redirect him to a malicious site...
Puppet: information disclosure via Compromised Certificate
An attacker can bypass access restrictions to data via Compromised Certificate of Puppet, in order to obtain sensitive information...
ProFTPD: use after free via Data Transfer Memory Pools
An attacker can force the usage of a freed memory area via Data Transfer Memory Pools of ProFTPD, in order to trigger a denial of service, and possibly to run code...
ProFTPD: out-of-bounds memory reading via mod_cap getstateflags
An attacker can force a read at an invalid address via mod_cap getstateflags() of ProFTPD, in order to trigger a denial of service, or to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1012 1014 1015 1016 1017 1018 1019 1020 1021 1022 1041 1061 1080