The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Tika OneNote Parser: denial of service via System.exit
An attacker can trigger a fatal error via System.exit of Tika OneNote Parser, in order to trigger a denial of service...
Oracle Communications: vulnerabilities of October 2020
Several vulnerabilities were announced in Oracle products...
CKEditor: Cross Site Scripting via HTML Data Processor
An attacker can trigger a Cross Site Scripting via HTML Data Processor of CKEditor, in order to run JavaScript code in the context of the web site...
Oracle Database: vulnerabilities of October 2020
Several vulnerabilities were announced in Oracle products...
usersctp: use after free via sctp_process_a_data_chunk
An attacker can force the usage of a freed memory area via sctp_process_a_data_chunk() of usersctp, in order to trigger a denial of service, and possibly to run code...
Mozilla Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
Xen: memory corruption via AMD IOMMU Page Table Updates
An attacker, inside a guest system, can trigger a memory corruption via AMD IOMMU Page Table Updates of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: memory corruption via IOMMU TLB Flushes Undue Deferral
An attacker, inside a guest system, can trigger a memory corruption via IOMMU TLB Flushes Undue Deferral of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: memory corruption via X86 Mapping Code Race
An attacker, inside a guest system, can trigger a memory corruption via X86 Mapping Code Race of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: denial of service via Linux High Frequency Events
An attacker, inside a guest system, can trigger a fatal error via Linux High Frequency Events of Xen, in order to trigger a denial of service on the host system...
Xen: denial of service via Linux Event Handler Race
An attacker, inside a guest system, can trigger a fatal error via Linux Event Handler Race of Xen, in order to trigger a denial of service on the host system...
Xen: privilege escalation via X86 PV Guest INVLPG-like Flushes
An attacker, inside a guest system, can bypass restrictions via X86 PV Guest INVLPG-like Flushes of Xen, in order to escalate his privileges on the host system...
FreeType: memory corruption via Font File
An attacker can trigger a memory corruption via Font File of FreeType, in order to trigger a denial of service, and possibly to run code...
Python plistlib: external XML entity injection
An attacker can transmit malicious XML data to Python plistlib, in order to read a file, scan sites, or trigger a denial of service...
Node.js object-path: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js object-path, in order to read or alter data...
VMware ESXi/vCenter/Workstation: multiple vulnerabilities
An attacker can use several vulnerabilities of VMware ESXi/vCenter/Workstation...
Kleopatra: code execution via Openpgp4fpr Command-line Options
An attacker can use a vulnerability via Openpgp4fpr Command-line Options of Kleopatra, in order to run code...
Nextcloud Server: information disclosure via Hide-download Shares
An attacker can bypass access restrictions to data via Hide-download Shares of Nextcloud Server, in order to obtain sensitive information...
Node.js npm-user-validate: overload via Regular Expression
An attacker can trigger an overload via Regular Expression of Node.js npm-user-validate, in order to trigger a denial of service...
Dell EMC NetWorker: privilege escalation
An attacker can bypass restrictions of Dell EMC NetWorker, in order to escalate his privileges...
Linux kernel: integer overflow via Scalar32_min_max_or
An attacker can trigger an integer overflow via Scalar32_min_max_or of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Node.js dot-prop: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js dot-prop, in order to read or alter data...
PowerDNS Recursor: denial of service via Bogus DNSSEC Validation State
An attacker can trigger a fatal error via Bogus DNSSEC Validation State of PowerDNS Recursor, in order to trigger a denial of service...
Kata Containers: privilege escalation via Untrusted Container Filesystem Mounting
An attacker can bypass restrictions via Untrusted Container Filesystem Mounting of Kata Containers, in order to escalate his privileges...
containerd: information disclosure via Image Pull Credentials
An attacker can bypass access restrictions to data via Image Pull Credentials of containerd, in order to obtain sensitive information...
Magento Commerce / Open Source: multiple vulnerabilities
An attacker can use several vulnerabilities of Magento Commerce / Open Source...
Kubernetes: information disclosure via Verbose Logging Secret Leaks
An attacker can bypass access restrictions to data via Verbose Logging Secret Leaks of Kubernetes, in order to obtain sensitive information...
Linux kernel: use after free via vt_do_kdgkb_ioctl
An attacker can force the usage of a freed memory area via vt_do_kdgkb_ioctl() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
dnf: security improvement
The security of dnf was improved...

   
