The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Microsoft 365 Apps for Enterprise: vulnerabilities of October 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft SharePoint: vulnerabilities of October 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Office: vulnerabilities of October 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft .NET Framework: information disclosure
An attacker can bypass access restrictions to data of Microsoft .NET Framework, in order to obtain sensitive information...
Apache Derby: privilege escalation via Database Boot
An attacker can bypass restrictions via Database Boot of Apache Derby, in order to escalate his privileges...
Adobe Flash Player: code execution via Pointer Dereference
An attacker can use a vulnerability via Pointer Dereference of Adobe Flash Player, in order to run code...
XNIO: denial of service via File Descriptor Leak
An attacker can trigger a fatal error via File Descriptor Leak of XNIO, in order to trigger a denial of service...
PicketBox: privilege escalation via Admin-only Mode Reload
An attacker can bypass restrictions via Admin-only Mode Reload of PicketBox, in order to escalate his privileges...
Linux kernel: use after free via DCCP CCID
An attacker can force the usage of a freed memory area via DCCP CCID of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: file reading via Overlayfs Unprivileged User Namespaces
A local attacker can read a file via Overlayfs Unprivileged User Namespaces of the Linux kernel, in order to obtain sensitive information...
IBM MQ Appliance: information disclosure via Log Files
An attacker can bypass access restrictions to data via Log Files of IBM MQ Appliance, in order to obtain sensitive information...
SAP: multiple vulnerabilities of October 2020
An attacker can use several vulnerabilities of SAP products...
Sonatype Nexus Repository Manager: directory traversal
An attacker can traverse directories of Sonatype Nexus Repository Manager, in order to read a file outside the service root path...
Linux kernel: memory corruption via GCM/CCM Key Length
An attacker can trigger a memory corruption via GCM/CCM Key Length of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Apache Tomcat: information disclosure via HTTP/2 Concurrent Streams Request Mix-up
An attacker can bypass access restrictions to data via HTTP/2 Concurrent Streams Request Mix-up of Apache Tomcat, in order to obtain sensitive information...
OTRS: information disclosure via Chat Conversation Agent Names
An attacker can bypass access restrictions to data via Chat Conversation Agent Names of OTRS, in order to obtain sensitive information...
stunnel: Man-in-the-Middle via Redirect VerifyChain Bypass
An attacker can act as a Man-in-the-Middle via Redirect VerifyChain Bypass on stunnel, in order to read or write data in the session...
phpMyAdmin: SQL injection via Search
An attacker can use a SQL injection via Search of phpMyAdmin, in order to read or alter data...
phpMyAdmin: Cross Site Scripting via Transformation
An attacker can trigger a Cross Site Scripting via Transformation of phpMyAdmin, in order to run JavaScript code in the context of the web site...
Nextcloud Server: privilege escalation via Reshare
An attacker can bypass restrictions via Reshare of Nextcloud Server, in order to escalate his privileges...
Nextcloud Preferred Providers: privilege escalation via Signup Page Bruteforce
An attacker can bypass restrictions via Signup Page Bruteforce of Nextcloud Preferred Providers, in order to escalate his privileges...
Nextcloud Server: privilege escalation via Plaintext Share Password
An attacker can bypass restrictions via Plaintext Share Password of Nextcloud Server, in order to escalate his privileges...
Eclipse Web Tools Platform: external XML entity injection
An attacker can transmit malicious XML data to Eclipse Web Tools Platform, in order to read a file, scan sites, or trigger a denial of service...
Linux kernel: privilege escalation via Powerpc RTA
An attacker can bypass restrictions via Powerpc RTA of the Linux kernel, in order to escalate his privileges...
Oniguruma: buffer overflow via concat_opt_exact_str
An attacker can trigger a buffer overflow via concat_opt_exact_str() of Oniguruma, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1066 1067 1068 1069 1070 1071 1072 1073 1074 1076 1078 1079 1080 1081 1082