The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Junos OS EX/QFX5K: denial of service via Storm Control Bypass
An attacker can trigger a fatal error via Storm Control Bypass of Junos OS EX/QFX5K, in order to trigger a denial of service...
Junos OS MX/EX: memory leak via Trio-based MPC IRB
An attacker can create a memory leak via Trio-based MPC IRB of Junos OS MX/EX, in order to trigger a denial of service...
Palo Alto PAN-OS: information disclosure via Ethernet Data Frame Construction
A local attacker can read a memory fragment via Ethernet Data Frame Construction of Palo Alto PAN-OS, in order to obtain sensitive information...
Palo Alto PAN-OS: information disclosure via Log Forwarding Configuration Secrets
An attacker can bypass access restrictions to data via Log Forwarding Configuration Secrets of Palo Alto PAN-OS, in order to obtain sensitive information...
Autobahn: spoofing via Redirect Header Injection
An attacker can create spoofed data via Redirect Header Injection of Autobahn, in order to deceive the victim...
Cisco ASR 500: file reading via SFTP
A local attacker can read a file via SFTP of Cisco ASR 500, in order to obtain sensitive information...
Cisco Meraki MX: privilege escalation via Snort TFO Policy Bypass
An attacker can bypass restrictions via Snort TFO Policy Bypass of Cisco Meraki MX, in order to escalate his privileges...
Cisco Unified Communications Manager: information disclosure via Audit Logging
An attacker can bypass access restrictions to data via Audit Logging of Cisco Unified Communications Manager, in order to obtain sensitive information...
Cisco AnyConnect Secure Mobility Client: file reading
A local attacker can read a file of Cisco AnyConnect Secure Mobility Client, in order to obtain sensitive information...
Cisco AnyConnect Secure Mobility Client: executing DLL code via Network Access Manager and Web Security Agent
An attacker can create a malicious Network Access Manager and Web Security Agent DLL, and then put it in the current directory of Cisco AnyConnect Secure Mobility Client, in order to execute code...
Jenkins Core/Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Core/Plugins...
QEMU: out-of-bounds memory reading via iscsi_aio_ioctl_cb
An attacker, inside a guest system, can force a read at an invalid address via iscsi_aio_ioctl_cb() of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
zypper: information disclosure via Logged HTTP Proxy Credentials
An attacker can bypass access restrictions to data via Logged HTTP Proxy Credentials of zypper, in order to obtain sensitive information...
ASP.NET Core: denial of service via Callbacks
An attacker can trigger a fatal error via Callbacks of ASP.NET Core, in order to trigger a denial of service...
Node.js mathjs: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js mathjs, in order to escalate his privileges...
Red Hat Single Sign-On: information disclosure via SMTP Connections
An attacker can bypass access restrictions to data via SMTP Connections of Red Hat Single Sign-On, in order to obtain sensitive information...
Linux kernel: buffer overflow via mwifiex_cmd_802_11_ad_hoc_start
An attacker can trigger a buffer overflow via mwifiex_cmd_802_11_ad_hoc_start() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: out-of-bounds memory reading via nl80211_policy
An attacker can force a read at an invalid address via nl80211_polic of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
Linux kernel: use after free via do_epoll_ctl
An attacker can force the usage of a freed memory area via do_epoll_ctl() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: memory corruption via hid-multitouch.c
An attacker can trigger a memory corruption via hid-multitouch.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via audit_data_to_entry
An attacker can force the usage of a freed memory area via audit_data_to_entry() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: memory corruption via Linux SCSI Target Offload Copy
An attacker can trigger a memory corruption via Linux SCSI Target Offload Copy of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Windows: vulnerabilities of January 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Visual Studio: vulnerabilities of January 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft System Center Endpoint Protection: code execution
An attacker can use a vulnerability of Microsoft System Center Endpoint Protection, in order to run code...
Microsoft SharePoint: vulnerabilities of January 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft SQL Server: privilege escalation
An attacker can bypass restrictions of Microsoft SQL Server, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1091 1092 1093 1094 1095 1096 1097 1098 1099 1101 1103 1104