The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libexif: integer overflow via exif_data_load_data_thumbnail
An attacker can trigger an integer overflow via exif_data_load_data_thumbnail() of libexif, in order to trigger a denial of service, and possibly to run code...
libvirt: information disclosure via Virsh Dumpxml Cookie
An attacker can bypass access restrictions to data via Virsh Dumpxml Cookie of libvirt, in order to obtain sensitive information...
SQLite: out-of-bounds memory reading via SELECT ON/USING
An attacker can force a read at an invalid address via SELECT ON/USING of SQLite, in order to trigger a denial of service, or to obtain sensitive information...
RHEL 8: information disclosure via /proc/sys/kernel/rh_features
A local attacker can read a memory fragment via /proc/sys/kernel/rh_features of RHEL 8, in order to obtain sensitive information...
OpenBSD: denial of service via wg lock
An attacker can trigger a fatal error via wg lock of OpenBSD, in order to trigger a denial of service...
Adobe Acrobat/Reader: multiple vulnerabilities
An attacker can use several vulnerabilities of Adobe Acrobat/Reader...
Python Cryptography: information disclosure via Decryption
An attacker can bypass access restrictions to data via Decryption of Python Cryptography, in order to obtain sensitive information...
AccountsService: denial of service via pam_environment
An attacker can trigger a fatal error via pam_environment of AccountsService, in order to trigger a denial of service...
AccountsService: denial of service via Privilege Drop
An attacker can trigger a fatal error via Privilege Drop of AccountsService, in order to trigger a denial of service...
GNOME Display Manager: privilege escalation via Initial Setup Tool
An attacker can bypass restrictions via Initial Setup Tool of GNOME Display Manager, in order to escalate his privileges...
Check Point Endpoint Security Client for Windows: vulnerability
A vulnerability of Check Point Endpoint Security Client for Windows was announced...
Python plistlib: overload via Apple Property List
An attacker can trigger an overload via Apple Property List of Python plistlib, in order to trigger a denial of service...
QEMU: out-of-bounds memory reading via ati-vga ati_2d_blt
An attacker, inside a guest system, can force a read at an invalid address via ati-vga ati_2d_blt() of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
HPE Proliant Gen10: privilege escalation via Intel Innovation Engine
An attacker can bypass restrictions via Intel Innovation Engine of HPE Proliant Gen10, in order to escalate his privileges...
Google Android/Pixel: multiple vulnerabilities of November 2020
An attacker can use several vulnerabilities of Google Android/Pixel...
HCL Notes: buffer overflow via Email Compose
An attacker can trigger a buffer overflow via Email Compose of HCL Notes, in order to trigger a denial of service, and possibly to run code...
HCL Notes: Cross Site Scripting via HTML Emails
An attacker can trigger a Cross Site Scripting via HTML Emails of HCL Notes, in order to run JavaScript code in the context of the web site...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
Bouncy Castle: information disclosure via OAEPEncoding Observable Differences
An attacker can bypass access restrictions to data via OAEPEncoding Observable Differences of Bouncy Castle, in order to obtain sensitive information...
F5 BIG-IP: memory leak via Diameter CEA PCRF
An attacker can create a memory leak via Diameter CEA PCRF of F5 BIG-IP, in order to trigger a denial of service...
F5 BIG-IP Virtual Edition: denial of service via Intel-based 85299
An attacker can trigger a fatal error via Intel-based 85299 of F5 BIG-IP Virtual Edition, in order to trigger a denial of service...
F5 BIG-IP Advanced WAF / FPS: denial of service via Client-side Alerts
An attacker can trigger a fatal error via Client-side Alerts of F5 BIG-IP Advanced WAF / FPS, in order to trigger a denial of service...
F5 BIG-IP: Cross Site Scripting via TMUI
An attacker can trigger a Cross Site Scripting via TMUI of F5 BIG-IP, in order to run JavaScript code in the context of the web site...
F5 BIG-IP: privilege escalation via Brute Force Attack Prevention Bypass
An attacker can bypass restrictions via Brute Force Attack Prevention Bypass of F5 BIG-IP, in order to escalate his privileges...
F5 BIG-IP: Cross Site Scripting via TMUI
An attacker can trigger a Cross Site Scripting via TMUI of F5 BIG-IP, in order to run JavaScript code in the context of the web site...
F5 BIG-IP: privilege escalation via iControl REST Password De-obfuscate
An attacker can bypass restrictions via iControl REST Password De-obfuscate of F5 BIG-IP, in order to escalate his privileges...
F5 BIG-IP: denial of service via iRule RESOLV-lookup
An attacker can trigger a fatal error via iRule RESOLV::lookup of F5 BIG-IP, in order to trigger a denial of service...
Icinga2: privilege escalation via prepare-dirs
An attacker can bypass restrictions via prepare-dirs of Icinga2, in order to escalate his privileges...
Mitel MiVoice 6x00: privilege escalation via Bluetooth Pairing
An attacker can bypass restrictions via Bluetooth Pairing of Mitel MiVoice 6x00, in order to escalate his privileges...
QEMU: assertion error via eth_get_gso_type
An attacker, inside a guest system, can force an assertion error via eth_get_gso_type() of QEMU, in order to trigger a denial of service on the host system...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1073 1074 1075 1076 1077 1078 1079 1080 1081 1083 1085 1086 1087 1088 1089