The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Django: SQL injection via Tolerance Parameter
An attacker can use a SQL injection via Tolerance Parameter of Django, in order to read or alter data...
Chrome: vulnerability via Media Insufficient Policy
A vulnerability via Media Insufficient Policy of Chrome was announced...
OVMF: Man-in-the-Middle via HTTPS-over-IPv6
An attacker can act as a Man-in-the-Middle via HTTPS-over-IPv6 on OVMF, in order to read or write data in the session...
Google Android/Pixel: multiple vulnerabilities of March 2020
An attacker can use several vulnerabilities of Google Android/Pixel...
SUSE LE: privilege escalation via salt
An attacker can bypass restrictions via salt of SUSE LE, in order to escalate his privileges...
OpenSMTPD: file reading via Makemap Hardlink
A local attacker can read a file via Makemap Hardlink of OpenSMTPD, in order to obtain sensitive information...
Libarchive: memory corruption via archive_read_support_format_rar5.c
An attacker can trigger a memory corruption via archive_read_support_format_rar5.c of Libarchive, in order to trigger a denial of service, and possibly to run code...
Libarchive: out-of-bounds memory reading via archive_wstring_append_from_mbs
An attacker can force a read at an invalid address via archive_wstring_append_from_mbs() of Libarchive, in order to trigger a denial of service, or to obtain sensitive information...
Cacti: code execution via Data Input Method
An attacker can use a vulnerability via Data Input Method of Cacti, in order to run code...
Dell EMC Avamar Server: code execution via Deserialization
An attacker can use a vulnerability via Deserialization of Dell EMC Avamar Server, in order to run code...
Zsh: privilege escalation via zmodload
An attacker can bypass restrictions via zmodload of Zsh, in order to escalate his privileges...
Node.js react-oauth-flow: privilege escalation via OAuth
An attacker can bypass restrictions via OAuth of Node.js react-oauth-flow, in order to escalate his privileges...
Centreon Web: code execution via server_ip
An attacker can use a vulnerability via server_ip of Centreon Web, in order to run code...
Python Bleach: Cross Site Scripting via bleach.clean
An attacker can trigger a Cross Site Scripting via bleach.clean of Python Bleach, in order to run JavaScript code in the context of the web site...
RRDtool: memory corruption via rrdtool.graph
An attacker can trigger a memory corruption via rrdtool.graph of RRDtool, in order to trigger a denial of service, and possibly to run code...
Apache mod_auth_openidc: open redirect via Slash Backslash
An attacker can deceive the user via Slash Backslash of Apache mod_auth_openidc, in order to redirect him to a malicious site...
Dojox: Cross Site Scripting via dojox.xmpp.util.xmlEncode
An attacker can trigger a Cross Site Scripting via dojox.xmpp.util.xmlEncode() of Dojox, in order to run JavaScript code in the context of the web site...
Collabtive: file upload via User Avatar
An attacker can upload a malicious file via User Avatar on Collabtive, in order, for example, to upload a Trojan...
SUSE LE Permission: privilege escalation via mrsh/wodim
An attacker can bypass restrictions via mrsh/wodim of SUSE LE Permission, in order to escalate his privileges...
SUSE LE Permission: information disclosure via dumpcap
An attacker can bypass access restrictions to data via dumpcap of SUSE LE Permission, in order to obtain sensitive information...
WeeChat: buffer overflow via irc_mode_channel_update
An attacker can trigger a buffer overflow via irc_mode_channel_update() of WeeChat, in order to trigger a denial of service, and possibly to run code...
Firejail: privilege escalation via Seccomp Restrictions Bypass
An attacker can bypass restrictions via Seccomp Restrictions Bypass of Firejail, in order to escalate his privileges...
gorilla/websocket: overload via WebSocket Frames
An attacker can trigger an overload via WebSocket Frames of gorilla/websocket, in order to trigger a denial of service...
Pure-FTPd: out-of-bounds memory reading via init_aliases
An attacker can force a read at an invalid address via init_aliases() of Pure-FTPd, in order to trigger a denial of service, or to obtain sensitive information...
Avast Antivirus: vulnerability via ZIP Bypass
A vulnerability via ZIP Bypass of Avast Antivirus was announced...
Linux kernel: out-of-bounds memory reading via f2fs ttm_put_pages
An attacker can force a read at an invalid address via f2fs ttm_put_pages() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
SUSE: privilege escalation via TeX Live
An attacker can bypass restrictions via TeX Live of SUSE, in order to escalate his privileges...
RSA Authentication Manager: Cross Site Scripting via Security Console
An attacker can trigger a Cross Site Scripting via Security Console of RSA Authentication Manager, in order to run JavaScript code in the context of the web site...
Wireshark: four vulnerabilities
An attacker can use several vulnerabilities of Wireshark...

   
