The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Elasticsearch: information disclosure via Cross-cluster Search Queries
An attacker can bypass access restrictions to data via Cross-cluster Search Queries of Elasticsearch, in order to obtain sensitive information...
Elasticsearch: information disclosure via Suggester/Profile API
An attacker can bypass access restrictions to data via Suggester/Profile API of Elasticsearch, in order to obtain sensitive information...
Undertow: memory leak via HttpOpenListener
An attacker can create a memory leak via HttpOpenListener of Undertow, in order to trigger a denial of service...
Jasper: NULL pointer dereference via jp2_decode
An attacker can force a NULL pointer to be dereferenced via jp2_decode() of Jasper, in order to trigger a denial of service...
Linux kernel: read-write access via Bpf Verifier Mod32 Truncation
An attacker can bypass access restrictions via Bpf Verifier Mod32 Truncation of the Linux kernel, in order to read or alter data...
Keycloak: privilege escalation via External Identity Provider Replay
An attacker can bypass restrictions via External Identity Provider Replay of Keycloak, in order to escalate his privileges...
Mozilla Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
Synology Calendar: privilege escalation
An attacker can bypass restrictions of Synology Calendar, in order to escalate his privileges...
Mediainfo: buffer overflow via ChooseParser_ChannelGrouping
An attacker can trigger a buffer overflow via ChooseParser_ChannelGrouping() of Mediainfo, in order to trigger a denial of service, and possibly to run code...
Percona XtraBackup: vulnerability
A vulnerability of Percona XtraBackup was announced...
Centreon Web: Cross Site Scripting via index.php
An attacker can trigger a Cross Site Scripting via index.php of Centreon Web, in order to run JavaScript code in the context of the web site...
FreeBSD, XNU, iOS, macOS: use after free via IP6_EXTHDR_CHECK
An attacker can force the usage of a freed memory area via IP6_EXTHDR_CHECK of FreeBSD, XNU, iOS and macOS, in order to trigger a denial of service, and possibly to run code...
F5 BIG-IP APM Edge Client: information disclosure via Unencrypted Authentication Requests
An attacker can bypass access restrictions to data via Unencrypted Authentication Requests of F5 BIG-IP APM Edge Client, in order to obtain sensitive information...
Linux kernel: buffer overflow via add_slot_store
An attacker can trigger a buffer overflow via add_slot_store() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: denial of service via intel_pmu_drain_pebs_nhm
An attacker can trigger a fatal error via intel_pmu_drain_pebs_nhm() of the Linux kernel, in order to trigger a denial of service...
Linux kernel: denial of service via get_old_root
An attacker can trigger a fatal error via get_old_root() of the Linux kernel, in order to trigger a denial of service...
Moodle: five vulnerabilities
An attacker can use several vulnerabilities of Moodle...
Node.js set-in: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js set-in, in order to read or alter data...
Node.js schema-inspector: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of Node.js schema-inspector, in order to trigger a denial of service...
Redmine: multiple vulnerabilities
An attacker can use several vulnerabilities of Redmine...
OTRS Help Desk: information disclosure via FAQ Articles
An attacker can bypass access restrictions to data via FAQ Articles of OTRS Help Desk, in order to obtain sensitive information...
Linux kernel: buffer overflow via sound/soc/qcom/sdm845.c
An attacker can trigger a buffer overflow via sound/soc/qcom/sdm845.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: denial of service via fs/io_uring.c
An attacker can trigger a fatal error via fs/io_uring.c of the Linux kernel, in order to trigger a denial of service...
Linux kernel: denial of service via fs/fuse/fuse_i.h
An attacker can trigger a fatal error via fs/fuse/fuse_i.h of the Linux kernel, in order to trigger a denial of service...
BusyBox: memory corruption via decompress_gunzip.c
An attacker can trigger a memory corruption via decompress_gunzip.c of BusyBox, in order to trigger a denial of service, and possibly to run code...
Dnsmasq: information disclosure via Single Socket Birthday Attack
An attacker can bypass access restrictions to data via Single Socket Birthday Attack of Dnsmasq, in order to obtain sensitive information...
Linux kernel: buffer overflow via rtw_wx_set_scan
An attacker can trigger a buffer overflow via rtw_wx_set_scan() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
cloud-init: privilege escalation via Unhashed Generated Password
An attacker can bypass restrictions via Unhashed Generated Password of cloud-init, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1111 1112 1113 1114 1115 1116 1117 1118 1119 1121 1123 1124 1125 1126 1127 1128 1129 1130 1131 1141 1148