The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
slurm: two vulnerabilities
An attacker can use several vulnerabilities of slurm...
rclone: weak password generation
An attacker can take profit of weakness in passwords generated by rclone, which used a wrong randomness source...
Xen: buffer overflow
An attacker, inside a guest system, can trigger a buffer overflow of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
MongoDB Server: assertion error
An attacker can force an assertion error of MongoDB Server, in order to trigger a denial of service...
MongoDB Server: information disclosure
An attacker can bypass access restrictions to data of MongoDB Server, in order to obtain sensitive information...
MongoDB Server: denial of service via RoleName-parseFromBSON
An attacker can trigger a fatal error via RoleName::parseFromBSON() of MongoDB Server, in order to trigger a denial of service...
IBM Spectrum Protect Operations Center: information disclosure via Websocket
An attacker can bypass access restrictions to data via Websocket of IBM Spectrum Protect Operations Center, in order to obtain sensitive information...
SPIP: Cross Site Scripting via prive/formulaires/configurer_preferences.php
An attacker can trigger a Cross Site Scripting via prive/formulaires/configurer_preferences.php of SPIP, in order to run JavaScript code in the context of the web site...
WinSCP: denial of service via long filenames
An attacker can trigger a fatal error via long filenames in WinSCP, in order to trigger a denial of service...
Ubuntu PulseAudio: information disclosure
An attacker can bypass access restrictions to data of Ubuntu PulseAudio, in order to obtain sensitive information...
dash: code execution via the -n switch
An attacker can use a vulnerability via the -n switch of dash, in order to run code...
WebKitGTK, WPE WebKit: use after free
An attacker can force the usage of a freed memory area of WebKitGTK, WPE WebKit, in order to trigger a denial of service, and possibly to run code...
Brocade FabricOS: privilege escalation via LDAP
An attacker can bypass restrictions via LDAP of Brocade FabricOS, in order to escalate his privileges...
OTRS Help Desk: privilege escalation via LDAP
An attacker can bypass restrictions via LDAP of OTRS Help Desk, in order to escalate his privileges...
php-pear: two vulnerabilities
An attacker can use several vulnerabilities of php-pear...
pngcheck: buffer overflow via check_chunk_name
An attacker can trigger a buffer overflow via check_chunk_name() of pngcheck, in order to trigger a denial of service, and possibly to run code...
CImg: buffer overflow
An attacker can trigger a buffer overflow of CImg, in order to trigger a denial of service, and possibly to run code...
IBM Spectrum Protect Plus Linux: information disclosure via TLS Version 1.1
An attacker can bypass access restrictions to data via TLS Version 1.1 of IBM Spectrum Protect Plus Linux, in order to obtain sensitive information...
FasterXML Jackson Databind: code execution via br.com.anteros-Anteros-DBC
An attacker can use a vulnerability via br.com.anteros:Anteros-DBC of FasterXML Jackson Databind, in order to run code...
Node.js jquery: Cross Site Scripting via Script Whitespace
An attacker can trigger a Cross Site Scripting via Script Whitespace of Node.js jquery, in order to run JavaScript code in the context of the web site...
IBM Spectrum Protect Plus Linux: privilege escalation via Static Credential
An attacker can bypass restrictions via Static Credential of IBM Spectrum Protect Plus Linux, in order to escalate his privileges...
HCL Notes: denial of service via Email Message
An attacker can trigger a fatal error via Email Message of HCL Notes, in order to trigger a denial of service...
HCL Domino: denial of service via Email Message
An attacker can trigger a fatal error via Email Message of HCL Domino, in order to trigger a denial of service...
HCL Domino: denial of service via Email Message
An attacker can trigger a fatal error via Email Message of HCL Domino, in order to trigger a denial of service...
VMware ESXi/Workstation: two vulnerabilities
An attacker can use several vulnerabilities of VMware ESXi/Workstation...
Tor: out-of-bounds memory reading via NSS
An attacker can force a read at an invalid address via NSS of Tor, in order to trigger a denial of service, or to obtain sensitive information...
IBM Power9 Processor: information disclosure via L1 Cache
An attacker can bypass access restrictions to data via L1 Cache of IBM Power9 Processor, in order to obtain sensitive information...
Centreon Web: multiple vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Node.js semantic-release: information disclosure via Secrets
An attacker can bypass access restrictions to data via Secrets of Node.js semantic-release, in order to obtain sensitive information...
Hibernate ORM: SQL injection via Comments
An attacker can use a SQL injection via Comments of Hibernate ORM, in order to read or alter data...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1079 1080 1081 1082 1083 1084 1085 1086 1087 1089 1091 1092 1093 1094 1095 1096 1097 1098 1099 1101 1114