The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco SD-WAN vEdge: privilege escalation via Request
An attacker can bypass restrictions via Request of Cisco SD-WAN vEdge, in order to escalate his privileges...
Cisco SD-WAN vEdge: privilege escalation via Command
An attacker can bypass restrictions via Command of Cisco SD-WAN vEdge, in order to escalate his privileges...
Cisco IOS XR 64-bit: privilege escalation via Preboot eXecution Environment
An attacker can bypass restrictions via Preboot eXecution Environment of Cisco IOS XR 64-bit, in order to escalate his privileges...
Cisco Unified Communications Manager IM and Presence Service: denial of service via XCP
An attacker can trigger a fatal error via XCP of Cisco Unified Communications Manager IM and Presence Service, in order to trigger a denial of service...
Cisco Email Security Appliance: privilege escalation via Zip Content Filter Bypass
An attacker can bypass restrictions via Zip Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges...
Cisco AnyConnect Secure Mobility Client: code execution via IPC
An attacker can use a vulnerability via IPC of Cisco AnyConnect Secure Mobility Client, in order to run code...
Cisco AnyConnect Secure Mobility Client for Windows: file reading
A local attacker can read a file of Cisco AnyConnect Secure Mobility Client for Windows, in order to obtain sensitive information...
Trend Micro InterScan Messaging Security Virtual Appliance: multiple vulnerabilities
An attacker can use several vulnerabilities of Trend Micro InterScan Messaging Security Virtual Appliance...
Salt: privilege escalation via API
An attacker can bypass restrictions via API of Salt, in order to escalate his privileges...
Salt: privilege escalation via API
An attacker can bypass restrictions via API of Salt, in order to escalate his privileges...
Salt: privilege escalation via API
An attacker can bypass restrictions via API of Salt, in order to escalate his privileges...
Jenkins Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
SPICE vdagent: four vulnerabilities
An attacker can use several vulnerabilities of SPICE vdagent...
OpenSC: memory leak via sc_context_create
An attacker can create a memory leak via sc_context_create() of OpenSC, in order to trigger a denial of service...
Linux kernel: memory corruption via perf_mmap_close
An attacker can trigger a memory corruption via perf_mmap_close() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
RHEL 8: privilege escalation via gnome-settings-daemon
An attacker can bypass restrictions via gnome-settings-daemon of RHEL 8, in order to escalate his privileges...
Qt5: denial of service via WebSocket 2GB Frames
An attacker can trigger a fatal error via WebSocket 2GB Frames of Qt5, in order to trigger a denial of service...
libsolv: out-of-bounds memory reading via repodata_schema2id
An attacker can force a read at an invalid address via repodata_schema2id() of libsolv, in order to trigger a denial of service, or to obtain sensitive information...
RHEL 8: denial of service via fontforge
An attacker can trigger a fatal error via fontforge of RHEL 8, in order to trigger a denial of service...
pki-core: Cross Site Scripting via getPk12
An attacker can trigger a Cross Site Scripting via getPk12 of pki-core, in order to run JavaScript code in the context of the web site...
Dogtag PKI: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on Dogtag PKI, in order to read or write data in the session...
pki-core: Cross Site Scripting via GET URL Parameters
An attacker can trigger a Cross Site Scripting via GET URL Parameters of pki-core, in order to run JavaScript code in the context of the web site...
pki-core: Cross Site Scripting via Key Recovery Authority
An attacker can trigger a Cross Site Scripting via Key Recovery Authority of pki-core, in order to run JavaScript code in the context of the web site...
pki-core: Cross Site Scripting via CA Agent Service
An attacker can trigger a Cross Site Scripting via CA Agent Service of pki-core, in order to run JavaScript code in the context of the web site...
PyYAML: code execution via Class Deserialization
An attacker can use a vulnerability via Class Deserialization of PyYAML, in order to run code...
FRRouting FRR: information disclosure via split-config
An attacker can bypass access restrictions to data via split-config of FRRouting FRR, in order to obtain sensitive information...
RHEL 8: information disclosure via Bluetooth A2MP Regression
An attacker can bypass access restrictions to data via Bluetooth A2MP Regression of RHEL 8, in order to obtain sensitive information...
RHEL 8: memory corruption via Bluetooth L2CAP Regression
An attacker can trigger a memory corruption via Bluetooth L2CAP Regression of RHEL 8, in order to trigger a denial of service, and possibly to run code...
OpenSC: use after free via coolkey_free_private_data
An attacker can force the usage of a freed memory area via coolkey_free_private_data() of OpenSC, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1074 1075 1076 1077 1078 1079 1080 1081 1082 1084 1086 1087 1088 1089