The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
gorilla/websocket: denial of service
An attacker can trigger a fatal error of gorilla/websocket, in order to trigger a denial of service...
Firefox/Thunderbird: use after free via COOKIE-ECHO SCTP Chunk
An attacker can force the usage of a freed memory area via COOKIE-ECHO SCTP Chunk of Firefox/Thunderbird, in order to trigger a denial of service, and possibly to run code...
WavPack: integer overflow via WavpackPackSamples
An attacker can trigger an integer overflow via WavpackPackSamples() of WavPack, in order to trigger a denial of service, and possibly to run code...
Node.js angular.js: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js angular.js, in order to run JavaScript code in the context of the web site...
FortiGate: information disclosure via Events Log Entries
An attacker can bypass access restrictions to data via Events Log Entries of FortiGate, in order to obtain sensitive information...
AMD Processors: information disclosure via Running Average Power Limit
An attacker can bypass access restrictions to data via Running Average Power Limit of AMD Processors, in order to obtain sensitive information...
Cairo: memory corruption via composite_boxes
An attacker can trigger a memory corruption via composite_boxes() of Cairo, in order to trigger a denial of service, and possibly to run code...
ImageMagick: code execution via Authenticate Option Command Injection
An attacker can use a vulnerability via Authenticate Option Command Injection of ImageMagick, in order to run code...
Node.js Axios: information disclosure via Server-Side Request Forgery
An attacker can bypass access restrictions to data via Server-Side Request Forgery of Node.js Axios, in order to obtain sensitive information...
Node Core: read-write access via HTTP Request Smuggling
An attacker can bypass access restrictions via HTTP Request Smuggling of Node Core, in order to read or alter data...
Node Core: use after free via TLSWrap
An attacker can force the usage of a freed memory area via TLSWrap of Node Core, in order to trigger a denial of service, and possibly to run code...
Google Android/Pixel: multiple vulnerabilities of January 2021
An attacker can use several vulnerabilities of Google Android/Pixel...
Python py: overload via py.path.svnwc
An attacker can trigger an overload via py.path.svnwc of Python py, in order to trigger a denial of service...
crewjam/saml: privilege escalation via XML Round-Trip Unpreserved Semantics
An attacker can bypass restrictions via XML Round-Trip Unpreserved Semantics of crewjam/saml, in order to escalate his privileges...
gssproxy: privilege escalation via gp_worker_main
An attacker can bypass restrictions via gp_worker_main() of gssproxy, in order to escalate his privileges...
LINBIT csync2: Man-in-the-Middle via gnutls_handshake
An attacker can act as a Man-in-the-Middle via gnutls_handshake() on LINBIT csync2, in order to read or write data in the session...
IBM API Connect: information disclosure via Plain Text Transmission
An attacker can bypass access restrictions to data via Plain Text Transmission of IBM API Connect, in order to obtain sensitive information...
Dovecot: information disclosure via IMAP Hibernation
An attacker can bypass access restrictions to data via IMAP Hibernation of Dovecot, in order to obtain sensitive information...
Dovecot: denial of service via MIME Parsing
An attacker can trigger a fatal error via MIME Parsing of Dovecot, in order to trigger a denial of service...
Zend Framework: code execution via Zend\Http\Response\Stream Deserialization
An attacker can use a vulnerability via Zend\Http\Response\Stream Deserialization of Zend Framework, in order to run code...
Privoxy: multiple vulnerabilities
An attacker can use several vulnerabilities of Privoxy...
Xstream: denial of service via File Deletion
An attacker can trigger a fatal error via File Deletion of Xstream, in order to trigger a denial of service...
Xstream: information disclosure via Server-Side Forgery Request
An attacker can bypass access restrictions to data via Server-Side Forgery Request of Xstream, in order to obtain sensitive information...
Node.js parse-server: privilege escalation via Plain Text Password
An attacker can bypass restrictions via Plain Text Password of Node.js parse-server, in order to escalate his privileges...
Node.js date-and-time: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of Node.js date-and-time, in order to trigger a denial of service...
Joomla RealPin by Frumania: SQL injection
An attacker can use a SQL injection of Joomla RealPin by Frumania, in order to read or alter data...
McAfee Network Security Manager: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of McAfee Network Security Manager, in order to force the victim to perform operations...
QEMU: out-of-bounds memory reading via iscsi_aio_ioctl_cb
An attacker can force a read at an invalid address via iscsi_aio_ioctl_cb() of QEMU, in order to trigger a denial of service, or to obtain sensitive information...
QEMU: out-of-bounds memory reading via ati_cursor_define
An attacker can force a read at an invalid address via ati_cursor_define() of QEMU, in order to trigger a denial of service, or to obtain sensitive information...
Highlight.js: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Highlight.js, in order to read or alter data...

   
