The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
OpenJPEG: buffer overflow via opj_pi_next_rlcp
An attacker can trigger a buffer overflow via opj_pi_next_rlcp() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
OpenJPEG: out-of-bounds memory reading via opj_t2_encode_packet
An attacker can force a read at an invalid address via opj_t2_encode_packet() of OpenJPEG, in order to trigger a denial of service, or to obtain sensitive information...
OpenJPEG: NULL pointer dereference via opj_tgt_reset
An attacker can force a NULL pointer to be dereferenced via opj_tgt_reset() of OpenJPEG, in order to trigger a denial of service...
OpenJPEG: buffer overflow via lib/openjp2/pi.c
An attacker can trigger a buffer overflow via lib/openjp2/pi.c of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
GDM: privilege escalation via Autologin Lock Screen Bypass
An attacker can bypass restrictions via Autologin Lock Screen Bypass of GDM, in order to escalate his privileges...
Node.js dompurify: Cross Site Scripting via Nesting FORM Elements
An attacker can trigger a Cross Site Scripting via Nesting FORM Elements of Node.js dompurify, in order to run JavaScript code in the context of the web site...
Zabbix: buffer overflow via IPC Huge Text Values Deserialization
An attacker can trigger a buffer overflow via IPC Huge Text Values Deserialization of Zabbix, in order to trigger a denial of service, and possibly to run code...
Apache POI: external XML entity injection via XSSFExportToXml
An attacker can transmit malicious XML data via XSSFExportToXml to Apache POI, in order to read a file, scan sites, or trigger a denial of service...
HCL Domino: Cross Site Scripting via iNotes
An attacker can trigger a Cross Site Scripting via iNotes of HCL Domino, in order to run JavaScript code in the context of the web site...
HCL Notes: buffer overflow via MIME Formatted Email
An attacker can trigger a buffer overflow via Formatted Email of HCL Notes, in order to trigger a denial of service, and possibly to run code...
Dell EMC Unisphere PowerMax: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Dell EMC Unisphere PowerMax, in order to run JavaScript code in the context of the web site...
Wireshark: denial of service via QUIC Dissector
An attacker can trigger a fatal error via QUIC Dissector of Wireshark, in order to trigger a denial of service...
phpLDAPadmin: Cross Site Scripting via get_request
An attacker can trigger a Cross Site Scripting via get_request() of phpLDAPadmin, in order to run JavaScript code in the context of the web site...
Jasper: buffer overflow via Jpc Encoder
An attacker can trigger a buffer overflow via Jpc Encoder of Jasper, in order to trigger a denial of service, and possibly to run code...
Matrix: denial of service via Synapse
An attacker can trigger a fatal error via Synapse of Matrix, in order to trigger a denial of service...
OVMF: NULL pointer dereference via AuthenticodeVerify
An attacker can force a NULL pointer to be dereferenced via AuthenticodeVerify() of OVMF, in order to trigger a denial of service...
PostSRSd: overload via Long Timestamp Tag
An attacker can trigger an overload via Long Timestamp Tag of PostSRSd, in order to trigger a denial of service...
InfluxDB: privilege escalation via Empty SharedSecret JWT Token
An attacker can bypass restrictions via Empty SharedSecret JWT Token of InfluxDB, in order to escalate his privileges...
IBM DataPower Gateway: three vulnerabilities
An attacker can use several vulnerabilities of IBM DataPower Gateway...
IBM MQ: denial of service via Connecting Applications Processing
An attacker can trigger a fatal error via Connecting Applications Processing of IBM MQ, in order to trigger a denial of service...
MediaWiki: multiple vulnerabilities
An attacker can use several vulnerabilities of MediaWiki...
Apache Groovy: information disclosure via Temporary Directories
An attacker can bypass access restrictions to data via Temporary Directories of Apache Groovy, in order to obtain sensitive information...
Bouncy Castle: privilege escalation via OpenBSDBCrypt.checkPassword
An attacker can bypass restrictions via OpenBSDBCrypt.checkPassword() of Bouncy Castle, in order to escalate his privileges...
VMware ESXi/Workstation: denial of service via GuestInfo
An attacker, inside a guest system, can trigger a fatal error via GuestInfo of VMware ESXi/Workstation, in order to trigger a denial of service on the host system...
Mbed TLS: multiple vulnerabilities
An attacker can use several vulnerabilities of Mbed TLS...
WebKitGTK: use after free via WebSocket
An attacker can force the usage of a freed memory area via WebSocket of WebKitGTK, in order to trigger a denial of service, and possibly to run code...
Keycloak: vulnerability via Authorization URL Deep Links
A vulnerability via Authorization URL Deep Links of Keycloak was announced...
Sympa: privilege escalation via AuthenticateAndRun SOAP API Access
An attacker can bypass restrictions via AuthenticateAndRun SOAP API Access of Sympa, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1087 1088 1089 1090 1091 1092 1093 1094 1095 1097 1099 1100 1101 1102 1103 1104