The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Ansible Community Package: denial of service via SSM Connection Plugin
An attacker can trigger a fatal error via SSM Connection Plugin of Ansible Community Package, in order to trigger a denial of service...
Ansible Community Package: information disclosure via SSM Connection Plugin
An attacker can bypass access restrictions to data via SSM Connection Plugin of Ansible Community Package, in order to obtain sensitive information...
OpenBSD: denial of service via PROT_NONE MAP_SHARED
An attacker can trigger a fatal error via PROT_NONE MAP_SHARED of OpenBSD, in order to trigger a denial of service...
libproxy: buffer overflow via PAC File
An attacker can trigger a buffer overflow via PAC File of libproxy, in order to trigger a denial of service, and possibly to run code...
urllib3: information disclosure via CRLF Injection
An attacker can bypass access restrictions to data via CRLF Injection of urllib3, in order to obtain sensitive information...
Perl DBI: memory corruption via User-defined Function
An attacker can trigger a memory corruption via User-defined Function of Perl DBI, in order to trigger a denial of service, and possibly to run code...
MongoDB Server: denial of service via GeoQuery
An attacker can trigger a fatal error via GeoQuery of MongoDB Server, in order to trigger a denial of service...
Node.js socket.io-file: file upload
An attacker can upload a malicious file on Node.js socket.io-file, in order for example to upload a Trojan...
Node.js yargs-parser: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js yargs-parser, in order to read or alter data...
Linux kernel: privilege escalation via Secure Boot Forbidden Signature Bypass
An attacker can bypass restrictions via Secure Boot Forbidden Signature Bypass of the Linux kernel, in order to escalate his privileges...
WebKit: four vulnerabilities
An attacker can use several vulnerabilities of WebKit...
SNMPTT: code execution via EXEC
An attacker can use a vulnerability via EXEC of SNMPTT, in order to run code...
libvirt: use after free via qemuAgentGetInterfaces
An attacker can force the usage of a freed memory area via qemuAgentGetInterfaces() of libvirt, in order to trigger a denial of service, and possibly to run code...
Linux kernel: information disclosure via romfs_dev_read
A local attacker can read a memory fragment via romfs_dev_read() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: buffer overflow via skb_to_mamac
An attacker can trigger a buffer overflow via skb_to_mamac() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: buffer overflow via kbd_keycode
An attacker can trigger a buffer overflow via kbd_keycode of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: out-of-bounds memory reading via create_pinctrl
An attacker can force a read at an invalid address via create_pinctrl of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
Linux kernel: memory corruption via uvc_scan_chain_forward
An attacker can trigger a memory corruption via uvc_scan_chain_forward() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Podman: information disclosure via Varlink API / Docker-compatible REST API
An attacker can bypass access restrictions to data via Varlink API / Docker-compatible REST API of Podman, in order to obtain sensitive information...
WEBrick: information disclosure via Transfer-Encoding Header Smuggling
An attacker can bypass access restrictions to data via Transfer-Encoding Header Smuggling of WEBrick, in order to obtain sensitive information...
PHP: information disclosure via __Host- Cookie Names
An attacker can bypass access restrictions to data via __Host- Cookie Names of PHP, in order to obtain sensitive information...
PHP: information disclosure via AES-CCM Encryption
An attacker can bypass access restrictions to data via AES-CCM Encryption of PHP, in order to obtain sensitive information...
Ruby json-jwt: buffer overflow via JWE String Splitting
An attacker can trigger a buffer overflow via JWE String Splitting of Ruby json-jwt, in order to trigger a denial of service, and possibly to run code...
FortiOS: buffer overflow via HTTPD
An attacker can trigger a buffer overflow via HTTPD of FortiOS, in order to trigger a denial of service, and possibly to run code...
Node.js node-forge: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js node-forge, in order to escalate his privileges...
Webmin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Webmin, in order to run JavaScript code in the context of the web site...
WebSphere AS: information disclosure via Serialized Objects
An attacker can bypass access restrictions to data via Serialized Objects of WebSphere AS, in order to obtain sensitive information...
Django REST Framework: Cross Site Scripting via Browseable API Viewer
An attacker can trigger a Cross Site Scripting via Browseable API Viewer of Django REST Framework, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1063 1064 1065 1066 1067 1068 1069 1070 1071 1073 1075 1076 1077 1078 1079 1080 1081 1082 1083 1101 1116