The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Samba: three vulnerabilities
An attacker can use several vulnerabilities of Samba...
Google Android/Pixel: multiple vulnerabilities of May 2020
An attacker can use several vulnerabilities of Google Android/Pixel...
TeamPass: privilege escalation via API
An attacker having user privileges can use an API of TeamPass, in order to get administration privileges...
FreeBSD: denial of service via sendfile
An attacker can trigger a fatal error via sendfile() of FreeBSD, in order to trigger a denial of service...
LibVNCServer: buffer overflow
An attacker can trigger a buffer overflow of LibVNCServer, in order to trigger a denial of service, and possibly to run code...
QEMU: denial of service via virtio-fs
An attacker, inside a guest system, can allocate all file descriptors via virtio-fs in QEMU, in order to trigger a denial of service on the host system...
Linux kernel: denial of service via Namespace Mountpoint Reference Counter Race
An attacker can trigger a fatal error via Namespace Mountpoint Reference Counter Race of the Linux kernel, in order to trigger a denial of service...
Apache Traffic Server: overload via HTTP/2 Slow Read
An attacker can trigger an overload via HTTP/2 Slow Read of Apache Traffic Server, in order to trigger a denial of service...
Apache Traffic Server: information disclosure via Smuggling / Transfer-Encoding
An attacker can bypass access restrictions to data via Smuggling / Transfer-Encoding of Apache Traffic Server, in order to obtain sensitive information...
Apache Traffic Server: information disclosure via Smuggling / Chunked
An attacker can bypass access restrictions to data via Smuggling / Chunked of Apache Traffic Server, in order to obtain sensitive information...
Apache Traffic Server: information disclosure via Smuggling / Scheme
An attacker can bypass access restrictions to data via Smuggling / Scheme of Apache Traffic Server, in order to obtain sensitive information...
Cacti: Cross Site Scripting via Color Items
An attacker can trigger a Cross Site Scripting via Color Items of Cacti, in order to run JavaScript code in the context of the web site...
OVMF: use after free via TRB Creation
An attacker can force the usage of a freed memory area via TRB Creation of OVMF, in order to trigger a denial of service, and possibly to run code...
OVMF: information disclosure via Original Configuration Runtime
A local attacker can read a memory fragment via Original Configuration Runtime of OVMF, in order to obtain sensitive information...
OVMF: information disclosure
A local attacker can read a memory fragment of OVMF, in order to obtain sensitive information...
Ruby: information disclosure via Socket Library
A local attacker can read a memory fragment via Socket Library of Ruby, in order to obtain sensitive information...
Linux kernel: privilege escalation via SELinux/netlink
An attacker can bypass restrictions via SELinux/netlink of the Linux kernel, in order to escalate privileges...
Linux kernel: NULL pointer dereference via drivers/media/usb/gspca/ov519.c
An attacker can force a NULL pointer to be dereferenced via drivers/media/usb/gspca/ov519.c of the Linux kernel, in order to trigger a denial of service...
Dom4J: external XML entity injection via SaxReader
An attacker can transmit malicious XML data via SaxReader() to Dom4J, in order to read a file, scan sites, or trigger a denial of service...
WordPress Core: seven vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
Synology DiskStation Manager: multiple vulnerabilities
An attacker can use several vulnerabilities of Synology DiskStation Manager...
TeamPass: three vulnerabilities
An attacker can use several vulnerabilities of TeamPass...
Linux kernel: buffer overflow via mt76
An attacker can trigger a buffer overflow via mt76 of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via usb_sg_cancel
An attacker can force the usage of a freed memory area via usb_sg_cancel() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Grafana: information disclosure via /var/lib/grafana
An attacker can read /var/lib/grafana on a Grafana host, in order to obtain sensitive information...
SaltStack Salt: two vulnerabilities
An attacker can use several vulnerabilities of SaltStack Salt...
pxz: wrong permissions assignment
An attacker can take advantage of the incorrect permission management of pxz, in order to read or change files...
sqliteodbc: insecure temporary file creation
An attacker can tamper with the management of temporary files in sqliteodbc...
Horde: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Horde, in order to run JavaScript code in the context of the web site...

   
