The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
OpenBSD: memory leak via libressl
An attacker can create a memory leak via libressl of OpenBSD, in order to trigger a denial of service...
IBM API Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of IBM API Connect, in order to force the victim to perform operations...
IBM API Connect: Cross Site Scripting via Web UI
An attacker can trigger a Cross Site Scripting via Web UI of IBM API Connect, in order to run JavaScript code in the context of the web site...
IBM API Connect: spoofing via Web Cache Poisoning
An attacker can create spoofed data via Web Cache Poisoning of IBM API Connect, in order to deceive the victim...
IBM API Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of IBM API Connect, in order to force the victim to perform operations...
IBM API Connect: information disclosure via URL Fragment Identifiers
An attacker can bypass access restrictions to data via URL Fragment Identifiers of IBM API Connect, in order to obtain sensitive information...
Linux kernel: denial of service via NFS Umask
An attacker can trigger a fatal error via NFS Umask of the Linux kernel, in order to trigger a denial of service...
glibc: buffer overflow via ldbl2mpn.c
An attacker can trigger a buffer overflow via ldbl2mpn.c of glibc, in order to trigger a denial of service, and possibly to run code...
Docker Engine/Moby: denial of service via Image Pull
An attacker can trigger a fatal error via Image Pull of Docker Engine/Moby, in order to trigger a denial of service...
Docker Engine/Moby: read-write access via Remapped Root
An attacker can bypass access restrictions via Remapped Root of Docker Engine/Moby, in order to read or alter data...
Google Android/Pixel: multiple vulnerabilities of February 2021
An attacker can use several vulnerabilities of Google Android/Pixel...
Apple macOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple macOS...
Nokogiri: external XML entity injection via Nokogiri-XML-Schema
An attacker can transmit malicious XML data via Nokogiri::XML::Schema() to Nokogiri, in order to read a file, scan sites, or trigger a denial of service...
Keycloak: information disclosure via SSRF
An attacker can bypass access restrictions to data via SSRF of Keycloak, in order to obtain sensitive information...
Django: directory traversal via archive.extract
An attacker can traverse directories via archive.extract() of Django, in order to create a file outside the service root path...
Wireshark: two vulnerabilities via USB HID Dissector
An attacker can use several vulnerabilities via USB HID Dissector of Wireshark...
Flatpak: code execution via flatpak-portal
An attacker can use a vulnerability via flatpak-portal of Flatpak, in order to run code...
libEBML: use after free via EbmlMaster-Read
An attacker can force the usage of a freed memory area via EbmlMaster::Read() of libEBML, in order to trigger a denial of service, and possibly to run code...
JasPer: six vulnerabilities
An attacker can use several vulnerabilities of JasPer...
OpenSMTPD: NULL pointer dereference via lka_filter.c
An attacker can force a NULL pointer to be dereferenced via lka_filter.c of OpenSMTPD, in order to trigger a denial of service...
OpenSMTPD: memory leak via Regex Lookups
An attacker can create a memory leak via Regex Lookups of OpenSMTPD, in order to trigger a denial of service...
FFmpeg: memory corruption via decode_frame
An attacker can trigger a memory corruption via decode_frame() of FFmpeg, in order to trigger a denial of service, and possibly to run code...
Simple DirectMedia Layer: out-of-bounds memory reading via Blit_3or4_to_3or4__inversed_rgb
An attacker can force a read at an invalid address via Blit_3or4_to_3or4__inversed_rgb() of Simple DirectMedia Layer, in order to trigger a denial of service, or to obtain sensitive information...
Simple DirectMedia Layer: integer overflow via SDL_BlitCopy
An attacker can trigger an integer overflow via SDL_BlitCopy() of Simple DirectMedia Layer, in order to trigger a denial of service, and possibly to run code...
IBM Spectrum Protect: code execution via Export Code Injection
An attacker can use a vulnerability via Export Code Injection of IBM Spectrum Protect, in order to run code...
Centreon Web: multiple vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Trend Micro OfficeScan XG: multiple vulnerabilities
An attacker can use several vulnerabilities of Trend Micro OfficeScan XG...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1096 1097 1098 1099 1100 1101 1102 1103 1104 1106 1108 1109 1110 1111 1112 1113 1114