The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
SAP: multiple vulnerabilities of October 2020
An attacker can use several vulnerabilities of SAP products...
Sonatype Nexus Repository Manager: directory traversal
An attacker can traverse directories of Sonatype Nexus Repository Manager, in order to read a file outside the service root path...
Linux kernel: memory corruption via GCM/CCM Key Length
An attacker can trigger a memory corruption via GCM/CCM Key Length of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Apache Tomcat: information disclosure via HTTP/2 Concurrent Streams Request Mix-up
An attacker can bypass access restrictions to data via HTTP/2 Concurrent Streams Request Mix-up of Apache Tomcat, in order to obtain sensitive information...
OTRS: information disclosure via Chat Conversation Agent Names
An attacker can bypass access restrictions to data via Chat Conversation Agent Names of OTRS, in order to obtain sensitive information...
stunnel: Man-in-the-Middle via Redirect VerifyChain Bypass
An attacker can act as a Man-in-the-Middle via Redirect VerifyChain Bypass on stunnel, in order to read or write data in the session...
phpMyAdmin: SQL injection via Search
An attacker can use a SQL injection via Search of phpMyAdmin, in order to read or alter data...
phpMyAdmin: Cross Site Scripting via Transformation
An attacker can trigger a Cross Site Scripting via Transformation of phpMyAdmin, in order to run JavaScript code in the context of the web site...
Nextcloud Server: privilege escalation via Reshare
An attacker can bypass restrictions via Reshare of Nextcloud Server, in order to escalate his privileges...
Nextcloud Preferred Providers: privilege escalation via Signup Page Bruteforce
An attacker can bypass restrictions via Signup Page Bruteforce of Nextcloud Preferred Providers, in order to escalate his privileges...
Nextcloud Server: privilege escalation via Plaintext Share Password
An attacker can bypass restrictions via Plaintext Share Password of Nextcloud Server, in order to escalate his privileges...
Eclipse Web Tools Platform: external XML entity injection
An attacker can transmit malicious XML data to Eclipse Web Tools Platform, in order to read a file, scan sites, or trigger a denial of service...
Linux kernel: privilege escalation via Powerpc RTA
An attacker can bypass restrictions via Powerpc RTA of the Linux kernel, in order to escalate his privileges...
Oniguruma: buffer overflow via concat_opt_exact_str
An attacker can trigger a buffer overflow via concat_opt_exact_str() of Oniguruma, in order to trigger a denial of service, and possibly to run code...
Node.js nats: information disclosure
An attacker can bypass access restrictions to data of Node.js nats, in order to obtain sensitive information...
Node.js jison: code execution via Command Injection
An attacker can use a vulnerability via Command Injection of Node.js jison, in order to run code...
Node.js next: open redirect
An attacker can deceive the user of Node.js next, in order to redirect him to a malicious site...
IBM Informix Dynamic Server: buffer overflow via Spatial Datablade
An attacker can trigger a buffer overflow via Spatial Datablade of IBM Informix Dynamic Server, in order to trigger a denial of service, and possibly to run code...
Cisco ASR 5000: privilege escalation via StarOS
An attacker can bypass restrictions via StarOS of Cisco ASR 5000, in order to escalate his privileges...
Cisco ASR 5000: privilege escalation via StarOS
An attacker can bypass restrictions via StarOS of Cisco ASR 5000, in order to escalate his privileges...
Jenkins Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
Apache HttpClient: information disclosure via java.net.URI Authority Component
An attacker can bypass access restrictions to data via java.net.URI Authority Component of Apache HttpClient, in order to obtain sensitive information...
Zabbix: code execution via IPv6 Address
An attacker can use a vulnerability via IPv6 Address of Zabbix, in order to run code...
IBM QRadar SIEM: code execution via Java Deserialization
An attacker can use a vulnerability via Java Deserialization of IBM QRadar SIEM, in order to run code...
JasPer: assertion error via jpc_abstorelstepsize
An attacker can force an assertion error via jpc_abstorelstepsize() of JasPer, in order to trigger a denial of service...

   
