The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Joomla JomSocial: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla JomSocial, in order to run JavaScript code in the context of the web site...
Webmin: code execution via miniserv.pl handle_request
An attacker can use a vulnerability via miniserv.pl handle_request() of Webmin, in order to run code...
HCL Domino: denial of service via Public API
An attacker can trigger a fatal error via Public API of HCL Domino, in order to trigger a denial of service...
Windows: privilege escalation via splWOW64
An attacker can bypass restrictions via splWOW64 of Windows, in order to escalate his privileges...
Veritas Enterprise Vault, NetBackup: privilege escalation via openssl.cnf / Strawberry Perl
An attacker can bypass restrictions via openssl.cnf / Strawberry Perl of Veritas Enterprise Vault or NetBackup, in order to escalate his privileges...
Apache WSS4J: information disclosure via verifyDigestPassword
An attacker can bypass access restrictions to data via verifyDigestPassword() of Apache WSS4J, in order to obtain sensitive information...
Centreon Web: multiple vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
RoundCube: Cross Site Scripting via Message Content
An attacker can trigger a Cross Site Scripting via Message Content of RoundCube, in order to run JavaScript code in the context of the web site...
HPE ProLiant: memory corruption via iLO
An attacker can trigger a memory corruption via iLO of HPE ProLiant, in order to trigger a denial of service, and possibly to run code...
ArcGIS Server: information disclosure via Server Side Request Forgery
An attacker can bypass access restrictions to data via Server Side Request Forgery of ArcGIS Server, in order to obtain sensitive information...
MariaDB: privilege escalation via Named Pipe
An attacker can bypass restrictions via Named Pipe of MariaDB, in order to escalate his privileges...
OpenEXR: buffer overflow via chunkOffsetReconstruction
An attacker can trigger a buffer overflow via chunkOffsetReconstruction() of OpenEXR, in order to trigger a denial of service, and possibly to run code...
FLAC: out-of-bounds memory reading via FLAC__bitreader_read_rice_signed_block
An attacker can force a read at an invalid address via FLAC__bitreader_read_rice_signed_block() of FLAC, in order to trigger a denial of service, or to obtain sensitive information...
FLAC: memory leak via read_metadata_vorbiscomment_
An attacker can create a memory leak via read_metadata_vorbiscomment_() of FLAC, in order to trigger a denial of service...
C-Blosc2: buffer overflow via Compressed Data Limit
An attacker can trigger a buffer overflow via Compressed Data Limit of C-Blosc2, in order to trigger a denial of service, and possibly to run code...
KDE Connect: security improvement via Fingerprinting
The security of KDE Connect was improved via Fingerprinting...
libbfd: use after free via bfd_hash_lookup
An attacker can force the usage of a freed memory area via bfd_hash_lookup() of libbfd, in order to trigger a denial of service, and possibly to run code...
libbfd: NULL pointer dereference via debug_get_real_type
An attacker can force a NULL pointer to be dereferenced via debug_get_real_type() of libbfd, in order to trigger a denial of service...
Kitty: code execution via Graphics Protocol Error Message
An attacker can use a vulnerability via Graphics Protocol Error Message of Kitty, in order to run code...
Debian: file reading via sympa.postinst
A local attacker can read a file via sympa.postinst of Debian, in order to obtain sensitive information...
AWStats: directory traversal via Config Partial Absolute Pathname
An attacker can traverse directories via Config Partial Absolute Pathname of AWStats, in order to read a file outside the service root path...
AWStats: directory traversal via Config Absolute Pathname
An attacker can traverse directories via config of AWStats, in order to read a file outside the service root path...
pngcheck: buffer overflow
An attacker can trigger a buffer overflow of pngcheck, in order to trigger a denial of service, and possibly to run code...
Asterisk: denial of service via res_pjsip_diversion
An attacker can trigger a fatal error via res_pjsip_diversion of Asterisk, in order to trigger a denial of service...
IBM DB2: denial of service via Windows Management Service
An attacker can trigger a fatal error via Windows Management Service of IBM DB2, in order to trigger a denial of service...
Go: read-write access via encoding/xml Round-Trip Unpreserved Semantics
An attacker can bypass access restrictions via encoding/xml Round-Trip Unpreserved Semantics of Go, in order to read or alter data...
HCL Domino: information disclosure via iNotes Tabnabbing
An attacker can bypass access restrictions to data via iNotes Tabnabbing of HCL Domino, in order to obtain sensitive information...
Webmin: code execution via Package Updates Encoded
An attacker can use a vulnerability via Package Updates Encoded of Webmin, in order to run code...

   
