The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Pound: information disclosure via HTTP Request Smuggling
An attacker can bypass access restrictions to data via HTTP Request Smuggling of Pound, in order to obtain sensitive information...
Python Bottle: spoofing via Web Cache Poisoning
An attacker can create spoofed data via Web Cache Poisoning of Python Bottle, in order to deceive the victim...
openSUSE/SUSE permissions: privilege escalation via pcp
An attacker can bypass restrictions via pcp of openSUSE/SUSE permissions, in order to escalate his privileges...
QEMU: read-write access via virtiofsd
An attacker, inside a guest system, can bypass access restrictions via virtiofsd of QEMU, in order to read or alter data on the host system...
yast2-multipath: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of yast2-multipath...
Xen: denial of service via X86 HVM IRQ Vector
An attacker, inside a guest system, can trigger a fatal error via X86 HVM IRQ Vector of Xen, in order to trigger a denial of service on the host system...
Check Point SmartConsole: privilege escalation
An attacker can bypass restrictions of Check Point SmartConsole, in order to escalate his privileges...
Cisco SD-WAN vEdge: information disclosure via Iperf Tool
An attacker can bypass access restrictions to data via Iperf Tool of Cisco SD-WAN vEdge, in order to obtain sensitive information...
Cisco SD-WAN vEdge: five vulnerabilities
An attacker can use several vulnerabilities of Cisco SD-WAN vEdge...
Cisco SD-WAN vEdge: privilege escalation via Command Injection
An attacker can bypass restrictions via Command Injection of Cisco SD-WAN vEdge, in order to escalate his privileges...
Cisco SD-WAN vEdge: two vulnerabilities
An attacker can use several vulnerabilities of Cisco SD-WAN vEdge...
Cisco Web Security Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Web Security Appliance, in order to run JavaScript code in the context of the web site...
Cisco Unified Communications Manager: four vulnerabilities
An attacker can use several vulnerabilities of Cisco Unified Communications Manager...
Cisco ESA/SMA/WSA: information disclosure via General Purpose API
An attacker can bypass access restrictions to data via General Purpose API of Cisco ESA/SMA/WSA, in order to obtain sensitive information...
Cisco Data Center Network Manager: Cross Site Scripting via Network Operator
An attacker can trigger a Cross Site Scripting via Network Operator of Cisco Data Center Network Manager, in order to run JavaScript code in the context of the web site...
Cisco Data Center Network Manager: privilege escalation via Server-Side Request Forgery
An attacker can bypass restrictions via Server-Side Request Forgery of Cisco Data Center Network Manager, in order to escalate his privileges...
Cisco Data Center Network Manager: SQL injection via REST API Endpoints
An attacker can use a SQL injection via REST API Endpoints of Cisco Data Center Network Manager, in order to read or alter data...
Cisco Data Center Network Manager: information disclosure via Logging Subsystem
An attacker can bypass access restrictions to data via Logging Subsystem of Cisco Data Center Network Manager, in order to obtain sensitive information...
Cisco Data Center Network Manager: Man-in-the-Middle via Certificate Validation
An attacker can act as a Man-in-the-Middle via Certificate Validation on Cisco Data Center Network Manager, in order to read or write data in the session...
Cisco Data Center Network Manager: privilege escalation via Authorization Bypass
An attacker can bypass restrictions via Authorization Bypass of Cisco Data Center Network Manager, in order to escalate his privileges...
Cisco Data Center Network Manager: three vulnerabilities via REST API
An attacker can use several vulnerabilities via REST API of Cisco Data Center Network Manager...
Cisco ASR 5000: denial of service via StarOS IPv4
An attacker can trigger a fatal error via StarOS IPv4 of Cisco ASR 5000, in order to trigger a denial of service...
Archive_Tar: directory traversal via Tar.php
An attacker can traverse directories via Tar.php of Archive_Tar, in order to create a file outside the service root path...
Mutt: denial of service via Semicolon Characters
An attacker can trigger a fatal error via Semicolon Characters of Mutt, in order to trigger a denial of service...
SQLite: use after free via SQL Query
An attacker can force the usage of a freed memory area via SQL Query of SQLite, in order to trigger a denial of service, and possibly to run code...
SafeNet Luna Network HSM: vulnerability
A vulnerability of SafeNet Luna Network HSM was announced...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
FasterXML Jackson Databind: code execution via javax.swing.JTextPane
An attacker can use a vulnerability via javax.swing.JTextPane of FasterXML Jackson Databind, in order to run code...
ESET NOD32 Antivirus: write access
An attacker can bypass access restrictions of ESET NOD32 Antivirus, in order to alter data...
AIX: privilege escalation via Gencore User File Creation
An attacker can bypass restrictions via Gencore User File Creation of AIX, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1094 1095 1096 1097 1098 1099 1100 1101 1102 1104 1106 1107 1108 1109 1110 1111 1112 1113 1114