The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
IBM QRadar SIEM: information disclosure via SSRF
An attacker can bypass access restrictions to data via SSRF of IBM QRadar SIEM, in order to obtain sensitive information...
IBM QRadar SIEM: directory traversal
An attacker can traverse directories of IBM QRadar SIEM, in order to read a file outside the service root path...
Apple iOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple iOS...
Ansible Community Package: two vulnerabilities via community.general
An attacker can use several vulnerabilities via community.general of Ansible Community Package (which were named Ansible before version 2.10)...
Linux kernel: directory traversal via fs/nfsd/nfs3xdr.c
An attacker can traverse directories via fs/nfsd/nfs3xdr.c of the Linux kernel, in order to read a file outside the service root path...
Sudo: buffer overflow via Command Unescaping Backslashes
An attacker can trigger a buffer overflow via Command Unescaping Backslashes of Sudo, in order to trigger a denial of service, and possibly to run code...
Go: code execution via Build Process
An attacker can use a vulnerability via Build Process of Go, in order to run code...
Go: information disclosure via P-224 Curve Computation Error
An attacker can bypass access restrictions to data via P-224 Curve Computation Error of Go, in order to obtain sensitive information...
WinSCP: code execution via Session Settings Loading
An attacker can use a vulnerability via Session Settings Loading of WinSCP, in order to run code...
Mozilla Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
Jenkins Core: file corruption via Job/Workspace Permission
A local attacker can create a symbolic link via Job/Workspace Permission, in order to alter the pointed file, with privileges of Jenkins Core...
Lifesize Icon: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Lifesize Icon, in order to run JavaScript code in the context of the web site...
Undertow: denial of service via Special Characters Queries
An attacker can trigger a fatal error via Special Characters Queries of Undertow, in order to trigger a denial of service...
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
Pound: information disclosure via HTTP Request Smuggling
An attacker can bypass access restrictions to data via HTTP Request Smuggling of Pound, in order to obtain sensitive information...
Python Bottle: spoofing via Web Cache Poisoning
An attacker can create spoofed data via Web Cache Poisoning of Python Bottle, in order to deceive the victim...
openSUSE/SUSE permissions: privilege escalation via pcp
An attacker can bypass restrictions via pcp of openSUSE/SUSE permissions, in order to escalate his privileges...
QEMU: read-write access via virtiofsd
An attacker, inside a guest system, can bypass access restrictions via virtiofsd of QEMU, in order to read or alter data on the host system...
yast2-multipath: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of yast2-multipath...
Xen: denial of service via X86 HVM IRQ Vector
An attacker, inside a guest system, can trigger a fatal error via X86 HVM IRQ Vector of Xen, in order to trigger a denial of service on the host system...
Check Point SmartConsole: privilege escalation
An attacker can bypass restrictions of Check Point SmartConsole, in order to escalate his privileges...
Cisco SD-WAN vEdge: information disclosure via Iperf Tool
An attacker can bypass access restrictions to data via Iperf Tool of Cisco SD-WAN vEdge, in order to obtain sensitive information...
Cisco SD-WAN vEdge: five vulnerabilities
An attacker can use several vulnerabilities of Cisco SD-WAN vEdge...
Cisco SD-WAN vEdge: privilege escalation via Command Injection
An attacker can bypass restrictions via Command Injection of Cisco SD-WAN vEdge, in order to escalate his privileges...
Cisco SD-WAN vEdge: two vulnerabilities
An attacker can use several vulnerabilities of Cisco SD-WAN vEdge...
Cisco Web Security Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Web Security Appliance, in order to run JavaScript code in the context of the web site...
Cisco Unified Communications Manager: four vulnerabilities
An attacker can use several vulnerabilities of Cisco Unified Communications Manager...
Cisco ESA/SMA/WSA: information disclosure via General Purpose API
An attacker can bypass access restrictions to data via General Purpose API of Cisco ESA/SMA/WSA, in order to obtain sensitive information...
Cisco Data Center Network Manager: Cross Site Scripting via Network Operator
An attacker can trigger a Cross Site Scripting via Network Operator of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1094 1095 1096 1097 1098 1099 1100 1101 1102 1104 1106 1107 1108 1109 1110 1111 1112 1113 1114 1121 1141 1149