The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Tor: overload via Old Cached Descriptors Files
An attacker can trigger an overload via Old Cached Descriptors Files of Tor, in order to trigger a denial of service...
Python Markdown2: overload via Regular Expression
An attacker can trigger an overload via Regular Expression of Python Markdown2, in order to trigger a denial of service...
Apache Velocity Engine: code execution via Templates
An attacker can use a vulnerability via Templates of Apache Velocity Engine, in order to run code...
Froxlor: privilege escalation via Password Reset Prediction
An attacker can bypass restrictions via Password Reset Prediction of Froxlor, in order to escalate his privileges...
WildFly JBoss EJB Client: information disclosure
An attacker can bypass access restrictions to data of WildFly JBoss EJB Client, in order to obtain sensitive information...
JBoss Remoting: denial of service via EJB Missing Ack Messages
An attacker can trigger a fatal error via EJB Missing Ack Messages of JBoss Remoting, in order to trigger a denial of service...
Undertow: information disclosure via HTTP Request Smuggling
An attacker can bypass access restrictions to data via HTTP Request Smuggling of Undertow, in order to obtain sensitive information...
Guava: file reading via createTempDir
A local attacker can read a file via createTempDir() of Guava, in order to obtain sensitive information...
varnish-modules: NULL pointer dereference via header.append/copy
An attacker can force a NULL pointer to be dereferenced via header.append/copy() of varnish-modules, in order to trigger a denial of service...
TYPO3 Core: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3 Core...
TYPO3 Aimeos shop and e-commerce framework: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Aimeos shop and e-commerce framework, in order to run JavaScript code in the context of the web site...
TYPO3 Code Highlight: overload via Regular Expression
An attacker can trigger an overload via Regular Expression of TYPO3 Code Highlight, in order to trigger a denial of service...
TYPO3 VHS Fluid ViewHelpers: SQL injection
An attacker can use a SQL injection of TYPO3 VHS Fluid ViewHelpers, in order to read or alter data...
Python ftplib: information disclosure via PASV Response Host Scan
An attacker can bypass access restrictions to data via PASV Response Host Scan of Python ftplib, in order to obtain sensitive information...
Linux kernel: privilege escalation via fastrpc_internal_invoke
An attacker can bypass restrictions via fastrpc_internal_invoke() of the Linux kernel, in order to escalate his privileges...
GNOME Glib: file corruption via g_file_replace
A local attacker can create a symbolic link during the usage of g_file_replace(), in order to alter the pointed file, with privileges of GNOME Glib...
pki-core: Cross Site Scripting via Certificate Search Results
An attacker can trigger a Cross Site Scripting via Certificate Search Results of pki-core, in order to run JavaScript code in the context of the web site...
pki-core: information disclosure via Key Renew
An attacker can bypass access restrictions to data via Key Renew of pki-core, in order to obtain sensitive information...
OpenBSD: use after free via libssl
An attacker can force the usage of a freed memory area via libssl of OpenBSD, in order to trigger a denial of service, and possibly to run code...
Node.js highcharts-export-server: information disclosure via Internal HTTP Resources
An attacker can bypass access restrictions to data via Internal HTTP Resources of Node.js highcharts-export-server, in order to obtain sensitive information...
Node.js madge: code execution via Custom Graphviz Path
An attacker can use a vulnerability via Custom Graphviz Path of Node.js madge, in order to run code...
Node.js msgpack5: read-write access via Prototype Poisoning
An attacker can bypass access restrictions via Prototype Poisoning of Node.js msgpack5, in order to read or alter data...
Node.js xmldom: read-write access via Syntactic Changes
An attacker can bypass access restrictions via Syntactic Changes of Node.js xmldom, in order to read or alter data...
Chrome: three vulnerabilities
An attacker can use several vulnerabilities of Chrome...
IBM API Connect: privilege escalation via API Manager Invitation Link
An attacker can bypass restrictions via API Manager Invitation Link of IBM API Connect, in order to escalate his privileges...
containerd: information disclosure via CRI Environment Variables
An attacker can bypass access restrictions to data via CRI Environment Variables of containerd, in order to obtain sensitive information...
Flatpak: read-write access via File Forwarding
An attacker can bypass access restrictions via File Forwarding of Flatpak, in order to read or alter data...
s390-tools: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of s390-tools...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1109 1110 1111 1112 1113 1114 1115 1116 1117 1119 1121 1122 1123 1124 1125