The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Siemens SIMATIC: denial of service via HTTP Request
An attacker can trigger a fatal error via HTTP Request of Siemens SIMATIC, in order to trigger a denial of service...
McAfee VirusScan Enterprise: privilege escalation via Code Integrity Checks
An attacker can bypass restrictions via Code Integrity Checks of McAfee VirusScan Enterprise, in order to escalate his privileges...
QEMU: buffer overflow via msix_table_mmio_write
An attacker, inside a guest system, can trigger a buffer overflow via msix_table_mmio_write() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
libcurl: Man-in-the-Middle via Inferior OCSP Verification
An attacker can act as a Man-in-the-Middle via Inferior OCSP Verification on libcurl, in order to read or write data in the session...
libcurl: denial of service via FTP Wildcard
An attacker can trigger a fatal error via FTP Wildcard of libcurl, in order to trigger a denial of service...
curl: information disclosure via FTP PASV Responses
An attacker can bypass access restrictions to data via FTP PASV Responses of curl, in order to obtain sensitive information...
Microsoft Windows: vulnerabilities of December 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Visual Studio: code execution
An attacker can use a vulnerability of Microsoft Visual Studio, in order to run code...
Microsoft SharePoint: vulnerabilities of December 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Exchange Server: vulnerabilities of December 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft 365 Apps: vulnerabilities of December 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Office: vulnerabilities of December 2020
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Edge EdgeHTML: code execution
An attacker can use a vulnerability of Microsoft Edge EdgeHTML, in order to run code...
Aptdaemon: denial of service via Policykit Checks
An attacker can trigger a fatal error via Policykit Checks of Aptdaemon, in order to trigger a denial of service...
Aptdaemon: information disclosure via Local Files Detection
An attacker can bypass access restrictions to data via Local Files Detection of Aptdaemon, in order to obtain sensitive information...
GDK Pixbuf: overload via write_indexes
An attacker can trigger an overload via write_indexes() of GDK Pixbuf, in order to trigger a denial of service...
OpenSSL: NULL pointer dereference via GENERAL_NAME_cmp
An attacker can force a NULL pointer to be dereferenced via GENERAL_NAME_cmp() of OpenSSL, in order to trigger a denial of service...
SAP: multiple vulnerabilities of December 2020
An attacker can use several vulnerabilities of SAP products...
Linux kernel: privilege escalation via i40iw_mmap
An attacker can bypass restrictions via i40iw_mmap() of the Linux kernel, in order to escalate his privileges...
Synology DNS Server: denial of service via File Deletion
An attacker can trigger a fatal error via File Deletion of Synology DNS Server, in order to trigger a denial of service...
F5 BIG-IP Edge Client for Windows: use after free via ActiveX
An attacker can force the usage of a freed memory area via ActiveX of F5 BIG-IP Edge Client for Windows, in order to trigger a denial of service, and possibly to run code...
Google Android/Pixel: multiple vulnerabilities of December 2020
An attacker can use several vulnerabilities of Google Android/Pixel...
Wildfly: memory leak via OpenTracing API
An attacker can create a memory leak via OpenTracing API of Wildfly, in order to trigger a denial of service...
Struts: code execution via Forced OGNL Evaluation
An attacker can use a vulnerability via Forced OGNL Evaluation of Struts, in order to run code...
Apache Traffic Server: information disclosure via Negative Cache Poisoning
An attacker can bypass access restrictions to data via Negative Cache Poisoning of Apache Traffic Server, in order to obtain sensitive information...
Apache Traffic Server: information disclosure via ESI Plugin
A local attacker can read a memory fragment via ESI Plugin of Apache Traffic Server, in order to obtain sensitive information...
Kubernetes: Man-in-the-Middle via LoadBalancer/ExternalIP
An attacker can act as a Man-in-the-Middle via LoadBalancer/ExternalIP on Kubernetes, in order to read or write data in the session...
Node.js html-purify: Cross Site Scripting via Data Attribute
An attacker can trigger a Cross Site Scripting via Data Attribute of Node.js html-purify, in order to run JavaScript code in the context of the web site...
Adminer: information disclosure via Privileged Ports Connection
An attacker can bypass access restrictions to data via Privileged Ports Connection of Adminer, in order to obtain sensitive information...
OpenStack Horizon: open redirect via Workflow Forms
An attacker can deceive the user via Workflow Forms of OpenStack Horizon, in order to redirect him to a malicious site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1083 1084 1085 1086 1087 1088 1089 1090 1091 1093 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104