The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Mozilla Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
Bootstrap-3-Typeahead: Cross Site Scripting via highlighter
An attacker can trigger a Cross Site Scripting via highlighter() of Bootstrap-3-Typeahead, in order to run JavaScript code in the context of the web site...
rpki-client: privilege escalation via EVP_PKEY_cmp
An attacker can bypass restrictions via rpki-client EVP_PKEY_cmp, in order to escalate his privileges...
OpenBSD: privilege escalation via OpenIKED EVP_PKEY_cmp
An attacker can bypass restrictions via OpenIKED EVP_PKEY_cmp of OpenBSD, in order to escalate his privileges...
Mozilla NSS: information disclosure via Multi-part ChaCha20
An attacker can bypass access restrictions to data via Multi-part ChaCha20 of Mozilla NSS, in order to obtain sensitive information...
Mozilla NSS: information disclosure via Scalar Padding
An attacker can bypass access restrictions to data via Scalar Padding of Mozilla NSS, in order to obtain sensitive information...
Mozilla NSS: information disclosure via P521
An attacker can bypass access restrictions to data via P521 of Mozilla NSS, in order to obtain sensitive information...
Mozilla NSS: information disclosure via P384
An attacker can bypass access restrictions to data via P384 of Mozilla NSS, in order to obtain sensitive information...
Joomla Joomanager: vulnerability
A vulnerability of Joomla Joomanager was announced...
MilkyTracker: use after free via PlayerGeneric
An attacker can force the usage of a freed memory area via PlayerGeneric of MilkyTracker, in order to trigger a denial of service, and possibly to run code...
OpenSSH: code execution via scp Backticks
An attacker can use a vulnerability via scp Backticks of OpenSSH, in order to run code...
Go: Man-in-the-Middle via Certificate Verify KeyUsages
An attacker can act as a Man-in-the-Middle via Certificate Verify KeyUsages on Go, in order to read or write data in the session...
Wind River VxWorks: directory traversal via WebCLI
An attacker can traverse directories via WebCLI of Wind River VxWorks, in order to read a file outside the service root path...
Apache mod_authnz_pam: information disclosure via Cached Passwords
An attacker can bypass access restrictions to data via Cached Passwords of Apache mod_authnz_pam, in order to obtain sensitive information...
PoDoFo: buffer overflow via W_MAX_BYTES
An attacker can trigger a buffer overflow via W_MAX_BYTES of PoDoFo, in order to trigger a denial of service, and possibly to run code...
FreeRDP: ten vulnerabilities
An attacker can use several vulnerabilities of FreeRDP...
FreeRDP: five vulnerabilities
An attacker can use several vulnerabilities of FreeRDP...
FreeRDP: three vulnerabilities
An attacker can use several vulnerabilities of FreeRDP...
Perl YAML-LibYAML: privilege escalation via Unset Load Blessed
An attacker can bypass restrictions via Unset Load Blessed of Perl YAML::LibYAML, in order to escalate his privileges...
Wildfly: denial of service via EJB SessionOpenInvocations
An attacker can trigger a fatal error via EJB SessionOpenInvocations of Wildfly, in order to trigger a denial of service...
Wildfly: denial of service via Accumulated EJB Transaction Objects
An attacker can trigger a fatal error via Accumulated EJB Transaction Objects of Wildfly, in order to trigger a denial of service...
FFmpeg: out-of-bounds memory reading via block_cmp
An attacker can force a read at an invalid address via block_cmp() of FFmpeg, in order to trigger a denial of service, or to obtain sensitive information...
Python: vulnerability via Invalid Glob Documentation
A vulnerability via Invalid Glob Documentation of Python was announced...
Mbed TLS: information disclosure via Import Cache Usage
An attacker can bypass access restrictions to data via Import Cache Usage of Mbed TLS, in order to obtain sensitive information...
Drupal Modal Form: information disclosure
An attacker can bypass access restrictions to data of Drupal Modal Form, in order to obtain sensitive information...
Drupal Apigee Edge: information disclosure via Add Team Member
An attacker can bypass access restrictions to data via Add Team Member of Drupal Apigee Edge, in order to obtain sensitive information...
Drupal Easy Breadcrumb: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Easy Breadcrumb, in order to run JavaScript code in the context of the web site...
Cisco ASA: directory traversal via HTTP Requests
An attacker can traverse directories via HTTP Requests of Cisco ASA, in order to read a file outside the service root path...
QEMU: buffer overflow via xgmac_enet_send
An attacker, inside a guest system, can trigger a buffer overflow via xgmac_enet_send() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1045 1046 1047 1048 1049 1050 1051 1052 1053 1055 1057 1058 1059 1060