The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Asterisk: denial of service via T.38 Negotiation
An attacker can trigger a fatal error via T.38 Negotiation of Asterisk, in order to trigger a denial of service...
Asterisk: denial of service via res_pjsip_diversion
An attacker can trigger a fatal error via res_pjsip_diversion of Asterisk, in order to trigger a denial of service...
Xen: privilege escalation via IOMMU Read/write DMA Access
An attacker, inside a guest system, can bypass restrictions via IOMMU Read/write DMA Access of Xen, in order to escalate his privileges on the host system...
ISC BIND: buffer overflow via GSSAPI Security Policy Negotiation
An attacker can trigger a buffer overflow via GSSAPI Security Policy Negotiation of ISC BIND, in order to trigger a denial of service, and possibly to run code...
WebSphere AS: directory traversal
An attacker can traverse directories of WebSphere AS, in order to read a file outside the service root path...
Cisco AnyConnect Secure Mobility Client for Windows: executing DLL code via VPN Posture Module
An attacker can create a malicious VPN Posture Module DLL, and then put it in the current directory of Cisco AnyConnect Secure Mobility Client for Windows, in order to execute code...
GNU Screen: memory corruption via UTF-8 Character Sequence
An attacker can trigger a memory corruption via UTF-8 Character Sequence of GNU Screen, in order to trigger a denial of service, and possibly to run code...
MongoDB Server: denial of service via IndexBoundsBuilder
An attacker can trigger a fatal error via IndexBoundsBuilder of MongoDB Server, in order to trigger a denial of service...
Google Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
McAfee Web Gateway: privilege escalation via troubleshooting page
An attacker can bypass restrictions via troubleshooting page of McAfee Web Gateway, in order to escalate his privileges...
WebKitGTK: use after free via AudioSourceProviderGStreamer
An attacker can force the usage of a freed memory area via AudioSourceProviderGStreamer of WebKitGTK, in order to trigger a denial of service, and possibly to run code...
Roundcube: Cross Site Scripting via CSS Token Sequences
An attacker can trigger a Cross Site Scripting via CSS Token Sequences of Roundcube, in order to run JavaScript code in the context of the web site...
Red Hat Directory Server: information disclosure via DN Binding
An attacker can bypass access restrictions to data via DN Binding of Red Hat Directory Server, in order to obtain sensitive information...
OpenSSL: NULL pointer dereference via X509_issuer_and_serial_hash
An attacker can force a NULL pointer to be dereferenced via X509_issuer_and_serial_hash() of OpenSSL, in order to trigger a denial of service...
OpenSSL: buffer overflow via EVP_XUpdate
An attacker can trigger a buffer overflow via EVP_XUpdate of OpenSSL, in order to trigger a denial of service, and possibly to run code...
OpenSSL 1.0.2: read-write access via SSLv2 Rollback Protection Bypass
An attacker can bypass access restrictions via SSLv2 Rollback Protection Bypass of OpenSSL 1.0.2, in order to read or alter data...
Mumble: code execution via Public Server List URL Schemes
An attacker can use a vulnerability via Public Server List URL Schemes of Mumble, in order to run code...
IBM Spectrum Protect Operations Center: three vulnerabilities
An attacker can use several vulnerabilities of IBM Spectrum Protect Operations Center...
Xen, Linux: memory corruption via Linux Blkback Grant Mapping
An attacker, inside a guest system, can trigger a memory corruption via Linux Blkback Grant Mapping of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: information disclosure via Uncleaned ARM Cache
An attacker, inside a guest system, can bypass access restrictions to data via Uncleaned ARM Cache of Xen, in order to obtain sensitive information on the host system...
Xen, Linux: security improvement via Display Frontend Be-alloc
The security of Xen was improved because Display Frontend Be-alloc is unsupported...
Xen, Linux: assertion error via Linux Mapping Error
An attacker, inside a guest system, can force an assertion error via Linux Mapping Error of Xen, in order to trigger a denial of service on the host system...
Xen, Linux: denial of service via Linux Mapping Error
An attacker, inside a guest system, can trigger a fatal error via Linux Mapping Error of Xen, in order to trigger a denial of service on the host system...
Python urllib: data transit via parse_qsl
An attacker can bypass filtering rules via parse_qsl() of Python urllib, in order to transmit malicious data...
Eclipse OpenJ9: buffer overflow via UTF-8 Characters Encoding
An attacker can trigger a buffer overflow via UTF-8 Characters Encoding of Eclipse OpenJ9, in order to trigger a denial of service, and possibly to run code...
Brocade Fabric OS: Man-in-the-Middle via Small SSH Key Length
An attacker can act as a Man-in-the-Middle via Small SSH Key Length on Brocade Fabric OS, in order to read or write data in the session...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102 1103 1104 1105 1106 1107 1108 1109 1111 1113 1114