The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Icinga Web2: directory traversal
An attacker can traverse directories of Icinga Web2, in order to read a file outside the service root path...
Centreon Web: multiple vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Nessus: privilege escalation via Unexpired Sessions
An attacker can bypass restrictions via Unexpired Sessions of Nessus, in order to escalate his privileges...
GhostScript: multiple vulnerabilities
An attacker can use several vulnerabilities of GhostScript...
GhostScript: buffer overflow via GetNumSameData
An attacker can trigger a buffer overflow via GetNumSameData() of GhostScript, in order to trigger a denial of service, and possibly to run code...
ISC BIND: privilege escalation via Update-policy Rules
An attacker can bypass restrictions via Update-policy Rules of ISC BIND, in order to escalate his privileges...
ISC BIND: assertion error via Native PKCS11 Code
An attacker can force an assertion error via Native PKCS11 Code of ISC BIND, in order to trigger a denial of service...
ISC BIND: assertion error via Truncated TSIG Response
An attacker can force an assertion error via Truncated TSIG Response of ISC BIND, in order to trigger a denial of service...
ISC BIND: denial of service via QNAME Minimization
An attacker can trigger a fatal error via QNAME Minimization of ISC BIND, in order to trigger a denial of service...
ISC BIND: assertion error via Large TCP Payload
An attacker can force an assertion error via Large TCP Payload of ISC BIND, in order to trigger a denial of service...
Node.js auth0-lock: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js auth0-lock, in order to run JavaScript code in the context of the web site...
Linux kernel: read-write access via Nfsd No-ACL Unapplied Umask
An attacker can bypass access restrictions via Nfsd No-ACL Unapplied Umask of the Linux kernel, in order to read or alter data...
Linux kernel: NULL pointer dereference via cgroup_sk_alloc
An attacker can force a NULL pointer to be dereferenced via cgroup_sk_alloc() of the Linux kernel, in order to trigger a denial of service...
Micro Focus ArcSight Management Center: denial of service
An attacker can trigger a fatal error of Micro Focus ArcSight Management Center, in order to trigger a denial of service...
swtpm: code execution via External Tools Eval
An attacker can use a vulnerability via External Tools Eval of swtpm, in order to run code...
QEMU: integer overflow via oss_write
An attacker, inside a guest system, can trigger an integer overflow via oss_write() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
QEMU: integer overflow via sm501_2d_operation
An attacker, inside a guest system, can trigger an integer overflow via sm501_2d_operation() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
Cisco Data Center Network Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...
Cisco Data Center Network Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...
Cisco Data Center Network Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...
Cisco Data Center Network Manager: directory traversal via REST API Method
An attacker can traverse directories via REST API Method of Cisco Data Center Network Manager, in order to read a file outside the service root path...
Cisco Data Center Network Manager: directory traversal via REST API Endpoint
An attacker can traverse directories of Cisco Data Center Network Manager, in order to read a file outside the service root path...
Cisco Data Center Network Manager: information disclosure
An attacker can bypass access restrictions to data of Cisco Data Center Network Manager, in order to obtain sensitive information...
Cisco Data Center Network Manager: directory traversal via REST API
An attacker can traverse directories via REST API of Cisco Data Center Network Manager, in order to read a file outside the service root path...
Cisco Data Center Network Manager: read-write access via Web-based Management Interface
An attacker can bypass access restrictions via Web-based Management Interface of Cisco Data Center Network Manager, in order to read or alter data...
Cisco Data Center Network Manager: privilege escalation via Web-based Management Interface
An attacker can bypass restrictions via Web-based Management Interface of Cisco Data Center Network Manager, in order to escalate his privileges...
Ruby websocket-extensions: denial of service via Regex Backtracking
An attacker can trigger a fatal error via Regex Backtracking of Ruby websocket-extensions, in order to trigger a denial of service...
cURL: information disclosure via CURLOPT_CONNECT_ONLY
An attacker can bypass access restrictions to data via CURLOPT_CONNECT_ONLY of cURL, in order to obtain sensitive information...
libxml2: buffer overflow
An attacker can trigger a buffer overflow of libxml2, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1052 1053 1054 1055 1056 1057 1058 1059 1060 1062 1064 1065 1066 1067 1068 1069 1070