The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Synology DSM: information disclosure via Media Server
An attacker can bypass access restrictions to data via Media Server of Synology DSM, in order to obtain sensitive information...
Zstandard: read-write access via Transient Default Permissions
An attacker can bypass access restrictions via Transient Default Permissions of Zstandard, in order to read or alter data...
Zstandard: read-write access via Default Permissions
An attacker can bypass access restrictions via Default Permissions of Zstandard, in order to read or alter data...
GNOME Glib: integer overflow via g_bytes_new
An attacker can trigger an integer overflow via g_bytes_new() of GNOME Glib, in order to trigger a denial of service, and possibly to run code...
GNOME Glib: integer overflow via g_byte_array_new_take
An attacker can trigger an integer overflow via g_byte_array_new_take() of GNOME Glib, in order to trigger a denial of service, and possibly to run code...
OpenBSD: out-of-bounds memory reading via npppd
An attacker can force a read at an invalid address via npppd of OpenBSD, in order to trigger a denial of service, or to obtain sensitive information...
libebml: buffer overflow via EbmlString-ReadData
An attacker can trigger a buffer overflow via EbmlString::ReadData() of libebml, in order to trigger a denial of service, and possibly to run code...
WebKit: memory corruption
An attacker can trigger a memory corruption of WebKit, in order to trigger a denial of service, and possibly to run code...
ClusterLabs crmsh: vulnerability
A vulnerability of ClusterLabs crmsh was announced...
Google protobuf: integer overflow via Serialization
An attacker can trigger an integer overflow via Serialization of Google protobuf, in order to trigger a denial of service, and possibly to run code...
Node.js elliptic: information disclosure via Secp256k1 Implementation
An attacker can bypass access restrictions to data via Secp256k1 Implementation of Node.js elliptic, in order to obtain sensitive information...
Node.js botframework-connector: privilege escalation via Improper Authentication
An attacker can bypass restrictions via Improper Authentication of Node.js botframework-connector, in order to escalate his privileges...
QEMU: privilege escalation via Virtiofsd Xattrmap Option
An attacker, inside a guest system, can bypass restrictions via Virtiofsd Xattrmap Option of QEMU, in order to escalate his privileges on the host system...
FortiGate: data transit via Transparent Proxy Malformed HTTP/S Traffic
An attacker can bypass filtering rules via Transparent Proxy Malformed HTTP/S Traffic of FortiGate, in order to transmit malicious data...
OSSEC: denial of service via _ReadElem
An attacker can trigger a fatal error via _ReadElem() of OSSEC, in order to trigger a denial of service...
Linux kernel: information disclosure via iscsi_host_get_param
A local attacker can read a memory fragment via iscsi_host_get_param() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: read-write access via iscsi_if_recv_msg
An attacker can bypass access restrictions via iscsi_if_recv_msg() of the Linux kernel, in order to read or alter data...
Linux kernel: read-write access via iSCSI show_transport_handle
An attacker can bypass access restrictions via iSCSI show_transport_handle() of the Linux kernel, in order to read or alter data...
IBM API Connect: Man-in-the-Middle via Database Replication
An attacker can act as a Man-in-the-Middle via Database Replication on IBM API Connect, in order to read or write data in the session...
IBM API Connect: spoofing via Registration Invitation Link
An attacker can create spoofed data via Registration Invitation Link of IBM API Connect, in order to deceive the victim...
Ceph: privilege escalation via JSON Web Token
An attacker can bypass restrictions via JSON Web Token of Ceph, in order to escalate his privileges...
MuPDF: use after free via Linearization
An attacker can force the usage of a freed memory area via Linearization of MuPDF, in order to trigger a denial of service, and possibly to run code...
libcaca: buffer overflow via caca_resize
An attacker can trigger a buffer overflow via caca_resize() of libcaca, in order to trigger a denial of service, and possibly to run code...
Apache ActiveMQ: privilege escalation via LDAP Login Module
An attacker can bypass restrictions via LDAP Login Module of Apache ActiveMQ, in order to escalate his privileges...
FreeRADIUS: bad logging via Global Logrotate Change
The FreeRADIUS service modifies Logrotate's global configuration with a user change option, which can lead to bad logging...
Asterisk: denial of service via T.38 Zero Port
An attacker can trigger a fatal error via T.38 Zero Port of Asterisk, in order to trigger a denial of service...
Snort: denial of service via Ethernet Frame Decoder
An attacker can trigger a fatal error via Ethernet Frame Decoder of Snort, in order to trigger a denial of service...
Xen, Linux: denial of service via Map Foreign Pages
An attacker, inside a guest system, can trigger a fatal error via Map Foreign Pages of Xen with Linux, in order to trigger a denial of service on the host system...
Xen, Linux: denial of service via Netback Grant Mapping Errors
An attacker, inside a guest system, can trigger a fatal error via Netback Grant Mapping Errors of Xen with Linux, in order to trigger a denial of service on the host system...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1106 1107 1108 1109 1110 1111 1112 1113 1114 1116 1118 1119 1120 1121 1122 1123 1124 1125