The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
IBM QRadar SIEM: external XML entity injection
An attacker can transmit malicious XML data to IBM QRadar SIEM, in order to read a file, scan sites, or trigger a denial of service...
IBM QRadar SIEM: denial of service via qflow sflow
An attacker can trigger a fatal error via qflow sflow of IBM QRadar SIEM, in order to trigger a denial of service...
IBM QRadar SIEM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM QRadar SIEM, in order to run JavaScript code in the context of the web site...
IBM QRadar SIEM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM QRadar SIEM, in order to run JavaScript code in the context of the web site...
Botan: information disclosure via CBC Padding Side Channel
An attacker can bypass access restrictions to data via CBC Padding Side Channel of Botan, in order to obtain sensitive information...
WebKitGTK: multiple vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK...
Linux kernel: privilege escalation via efivar_ssdt_load
An attacker can bypass restrictions via efivar_ssdt_load of the Linux kernel, in order to escalate his privileges...
Python-RSA: information disclosure via Leading Nul Bytes
An attacker can bypass access restrictions to data via Leading Nul Bytes of Python-RSA, in order to obtain sensitive information...
PoDoFo: out-of-bounds memory reading via ComputeEncryptionKey
An attacker can force a read at an invalid address via ComputeEncryptionKey() of PoDoFo, in order to trigger a denial of service, or to obtain sensitive information...
OpenEXR: NULL pointer dereference via TiledInputFile
An attacker can force a NULL pointer to be dereferenced via TiledInputFile() of OpenEXR, in order to trigger a denial of service...
OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
Rack: privilege escalation via Cookie Prefix
An attacker can bypass restrictions via Cookie Prefix of Rack, in order to escalate his privileges...
Cacti: SQL injection via Editing Colors
An attacker can use a SQL injection via Editing Colors of Cacti, in order to read or alter data...
Cacti: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cacti, in order to run JavaScript code in the context of the web site...
Apache Tomcat: overload via WebSocket
An attacker can trigger an overload via WebSocket of Apache Tomcat, in order to trigger a denial of service...
Apache Tomcat: denial of service via HTTP/2
An attacker can trigger a fatal error via HTTP/2 of Apache Tomcat, in order to trigger a denial of service...
F5 BIG-IP Edge Client for Windows: privilege escalation via Installer Service
An attacker can bypass restrictions via Installer Service of F5 BIG-IP Edge Client for Windows, in order to escalate his privileges...
Sophos XG Firewall: SQL injection via Email Quarantine
An attacker can use a SQL injection via Email Quarantine of Sophos XG Firewall, in order to read or alter data...
Eclipse Jetty: information disclosure via Large Response Headers
An attacker can bypass access restrictions to data via Large Response Headers of Eclipse Jetty, in order to obtain sensitive information...
OpenBSD: information disclosure via shmget IPC_STAT
A local attacker can read a memory fragment via shmget IPC_STAT of OpenBSD, in order to obtain sensitive information...
LibRaw: buffer overflow via Thumbnail Size Range
An attacker can trigger a buffer overflow via Thumbnail Size Range of LibRaw, in order to trigger a denial of service, and possibly to run code...
Firefox: information disclosure via X-Frame-Options Bypass
An attacker can bypass access restrictions to data via X-Frame-Options Bypass of Firefox, in order to obtain sensitive information...
PAN-OS: code execution via GlobalProtect OS Command Injection
An attacker can use a vulnerability via GlobalProtect OS Command Injection of PAN-OS, in order to run code...
PAN-OS: memory corruption via Management Interface
An attacker can trigger a memory corruption via Management Interface of PAN-OS, in order to trigger a denial of service, and possibly to run code...
PAN-OS: code execution via OS Command Injection
An attacker can use a vulnerability via OS Command Injection of PAN-OS, in order to run code...
PAN-OS: information disclosure via TLS 1.0 Usage
An attacker can bypass access restrictions to data via TLS 1.0 Usage of PAN-OS, in order to obtain sensitive information...
Kubernetes: information disclosure via Kube-proxy TCP/UDP Services Access
An attacker can bypass access restrictions to data via Kube-proxy TCP/UDP Services Access of Kubernetes, in order to obtain sensitive information...
Junos OS MX: denial of service via MPC7/8/9 Large Packets Fragmentation
An attacker can trigger a fatal error via MPC7/8/9 Large Packets Fragmentation of Junos OS MX, in order to trigger a denial of service...
Junos OS: memory leak via mbuf
An attacker can create a memory leak via mbuf of Junos OS, in order to trigger a denial of service...
Junos OS MX: memory leak via PFE
An attacker can create a memory leak via PFE of Junos OS MX, in order to trigger a denial of service...

   
