The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
FortiAnalyzer, FortiManager: privilege escalation via SSH Port Forwarding
An attacker can bypass restrictions via SSH Port Forwarding of FortiAnalyzer / FortiManager, in order to escalate his privileges...
Linux kernel: memory leak via usbtest_disconnect
An attacker can create a memory leak via usbtest_disconnect() of the Linux kernel, in order to trigger a denial of service...
Sophos XG Firewall 17: buffer overflow via User Portal
An attacker can trigger a buffer overflow via User Portal of Sophos XG Firewall 17, in order to trigger a denial of service, and possibly to run code...
OpenSSH: information disclosure via Dynamic Policy Host Key
An attacker can bypass access restrictions to data via Dynamic Policy Host Key of OpenSSH, in order to obtain sensitive information...
Avast Antivirus: privilege escalation via Hard Links
An attacker can bypass restrictions via Hard Links of Avast Antivirus, in order to escalate his privileges...
Mozilla Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
Coturn TURN Server: information disclosure via STUN/TURN Response
A local attacker can read a memory fragment via STUN/TURN Response of Coturn TURN Server, in order to obtain sensitive information...
Mozilla NSS: assertion error
An attacker can force an assertion error of Mozilla NSS, in order to trigger a denial of service...
PAN-OS: privilege escalation via SAML
An attacker can bypass restrictions via SAML of PAN-OS, in order to escalate his privileges...
PuTTY: information disclosure via Dynamic Policy Host Key
An attacker can bypass access restrictions to data via Dynamic Policy Host Key of PuTTY, in order to obtain sensitive information...
PuTTY: use after free via agent_response
An attacker can force the usage of a freed memory area via agent_response of PuTTY, in order to trigger a denial of service, and possibly to run code...
GNU Mailman: Cross Site Scripting via Cgi/private.py
An attacker can trigger a Cross Site Scripting via Cgi/private.py of GNU Mailman, in order to run JavaScript code in the context of the web site...
SQLite: buffer overflow via Query Flattener Optimization
An attacker can trigger a buffer overflow via Query Flattener Optimization of SQLite, in order to trigger a denial of service, and possibly to run code...
HCL Notes: information disclosure via Mailto
An attacker can bypass access restrictions to data via Mailto of HCL Notes, in order to obtain sensitive information...
Squid cache: spoofing via HTTP Request Cache Poisoning
An attacker can create spoofed data via HTTP Request Cache Poisoning of Squid cache, in order to deceive the victim...
IBM API Connect V 2018: information disclosure via Weak Cryptographic Algorithms
An attacker can bypass access restrictions to data via Weak Cryptographic Algorithms of IBM API Connect V 2018, in order to obtain sensitive information...
Apache Traffic Server: denial of service via HTTP/2 HEADERS
An attacker can trigger a fatal error via HTTP/2 HEADERS of Apache Traffic Server, in order to trigger a denial of service...
WebRTC.org: buffer overflow via Frame Marking Extension
An attacker can trigger a buffer overflow via Frame Marking Extension of WebRTC.org, in order to trigger a denial of service, and possibly to run code...
WebRTC.org: buffer overflow via FEC Extension Processing
An attacker can trigger a buffer overflow via FEC Extension Processing of WebRTC.org, in order to trigger a denial of service, and possibly to run code...
SUSE LE: privilege escalation via /usr/lib/tmpfiles.d/tomcat.conf
An attacker can bypass restrictions via /usr/lib/tmpfiles.d/tomcat.conf of SUSE LE, in order to escalate his privileges...
NVIDIA Graphics Drivers: denial of service via GPU Guest Drivers
An attacker can trigger a fatal error via GPU Guest Drivers of NVIDIA Graphics Drivers, in order to trigger a denial of service...
NVIDIA Graphics Drivers: denial of service via UVM
An attacker can trigger a fatal error via UVM of NVIDIA Graphics Drivers, in order to trigger a denial of service...
NVIDIA Graphics Drivers: code execution via IPC
An attacker can use a vulnerability via IPC of NVIDIA Graphics Drivers, in order to run code...
Suricata Engine: multiple vulnerabilities
An attacker can use several vulnerabilities of Suricata Engine...
Alpine: information disclosure via PREAUTH Insecure Connection
An attacker can bypass access restrictions to data via PREAUTH Insecure Connection of Alpine, in order to obtain sensitive information...
Apache Tomcat: overload via HTTP/2 Requests Sequence
An attacker can trigger an overload via HTTP/2 Requests Sequence of Apache Tomcat, in order to trigger a denial of service...
Ceph: read-write access via CORS ExposeHeader HTTP Header Injection
An attacker can bypass access restrictions via CORS ExposeHeader HTTP Header Injection of Ceph, in order to read or alter data...
nghttp2: denial of service via Large SETTINGS Frames
An attacker can trigger a fatal error via Large SETTINGS Frames of nghttp2, in order to trigger a denial of service...
uftpd: NULL pointer dereference via handle_CWD
An attacker can force a NULL pointer to be dereferenced via handle_CWD() of uftpd, in order to trigger a denial of service...
Nessus: Cross Site Scripting via User Interface
An attacker can trigger a Cross Site Scripting via User Interface of Nessus, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1035 1036 1037 1038 1039 1040 1041 1042 1043 1045 1047 1048 1049 1050 1051 1052 1053 1054 1055 1061 1069