The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
upx: memory corruption via canPack
An attacker can trigger a memory corruption via canPack() of upx, in order to trigger a denial of service, and possibly to run code...
F5 BIG-IP: denial of service via TMM Fragmented IP Traffic Drop
An attacker can trigger a fatal error via TMM Fragmented IP Traffic Drop of F5 BIG-IP, in order to trigger a denial of service...
Netty: information disclosure via Content-Length Header
An attacker can bypass access restrictions to data via Content-Length Header of Netty, in order to obtain sensitive information...
Python Pygments: denial of service via Regular Expressions
An attacker can trigger a fatal error via Regular Expressions of Python Pygments, in order to trigger a denial of service...
Node.js shescape: code execution via Command Injection
An attacker can use a vulnerability via Command Injection of Node.js shescape, in order to run code...
MariaDB: privilege escalation via wsrep_provider/notify_cmd
An attacker can bypass restrictions via wsrep_provider/notify_cmd of MariaDB, in order to escalate his privileges...
Grafana: information disclosure via Snapshot Creation
An attacker can bypass access restrictions to data via Snapshot Creation of Grafana, in order to obtain sensitive information...
Linux kernel: information disclosure via retrieve_ptr_limit
An attacker can bypass access restrictions to data via retrieve_ptr_limit() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: information disclosure via Speculatively Out-of-bounds Loads
An attacker can bypass access restrictions to data via Speculatively Out-of-bounds Loads of the Linux kernel, in order to obtain sensitive information...
Grafana: multiple vulnerabilities
An attacker can use several vulnerabilities of Grafana...
Squid: information disclosure via HTTP Request Smuggling
An attacker can bypass access restrictions to data via HTTP Request Smuggling of Squid, in order to obtain sensitive information...
libmysofa: buffer overflow via readDataVar
An attacker can trigger a buffer overflow via readDataVar() of libmysofa, in order to trigger a denial of service, and possibly to run code...
libmysofa: use after free via mysofa2json
An attacker can force the usage of a freed memory area via mysofa2json of libmysofa, in order to trigger a denial of service, and possibly to run code...
libmysofa: denial of service via readOHDRHeaderMessageDatatype
An attacker can trigger a fatal error via readOHDRHeaderMessageDatatype() of libmysofa, in order to trigger a denial of service...
ClamAV: denial of service via File Parsing
An attacker can trigger a fatal error via File Parsing of ClamAV, in order to trigger a denial of service...
Xen: denial of service via HVM Soft-reset Management Daemon
An attacker, inside a guest system, can trigger a fatal error via HVM Soft-reset Management Daemon of Xen, in order to trigger a denial of service on the host system...
Jenkins Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
Drupal Fast Autocomplete: information disclosure via Search Results
An attacker can bypass access restrictions to data via Search Results of Drupal Fast Autocomplete, in order to obtain sensitive information...
eZ Platform, Ibexa DXP: Cross Site Scripting via File Upload
An attacker can trigger a Cross Site Scripting via File Upload of eZ Platform, Ibexa DXP, in order to run JavaScript code in the context of the web site...
Apache Velocity Tools: Cross Site Scripting via Default Error Page
An attacker can trigger a Cross Site Scripting via Default Error Page of Apache Velocity Tools, in order to run JavaScript code in the context of the web site...
Shibboleth Service Provider: spoofing via Template Generation Override
An attacker can create spoofed data via Template Generation Override of Shibboleth Service Provider, in order to deceive the victim...
Debian shadow: privilege escalation via pts/0
An attacker can bypass restrictions via pts/0 of Debian shadow, in order to escalate his privileges...
IBM Rational Application Developer: denial of service
An attacker can trigger a fatal error of IBM Rational Application Developer, in order to trigger a denial of service...
IBM Security Directory Suite: information disclosure
An attacker can bypass access restrictions to data of IBM Security Directory Suite, in order to obtain sensitive information...
Qt5: out-of-bounds memory reading via QRadialFetchSimd
An attacker can force a read at an invalid address via QRadialFetchSimd() of Qt5, in order to trigger a denial of service, or to obtain sensitive information...
Switchboard Bluetooth Plug: information disclosure via Incorrect Authorization
An attacker can bypass access restrictions to data via Incorrect Authorization of Switchboard Bluetooth Plug, in order to obtain sensitive information...
gSOAP: five vulnerabilities
An attacker can use several vulnerabilities of gSOAP...
Tor: denial of service via Detached Signatures
An attacker can trigger a fatal error via Detached Signatures of Tor, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1110 1111 1112 1113 1114 1115 1116 1117 1118 1120 1122 1123 1124 1125