The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Esri ArcGIS Server: SQL injection
An attacker can use a SQL injection of Esri ArcGIS Server, in order to read or alter data...
ArcGIS Enterprise: Cross Site Scripting via Document Link Parameters
An attacker can trigger a Cross Site Scripting via Document Link Parameters of ArcGIS Enterprise, in order to run JavaScript code in the context of the web site...
Forcepoint Web Security Content Gateway: external XML entity injection
An attacker can transmit malicious XML data to Forcepoint Web Security Content Gateway, in order to read a file, scan sites, or trigger a denial of service...
hostapd: spoofing via AlgorithmIdentifier Parameters
An attacker can create spoofed data via AlgorithmIdentifier Parameters of hostapd, in order to deceive the victim...
Perl Net: data transit via IP Address Leading Zero Characters
An attacker can bypass filtering rules via IP Address Leading Zero Characters of Perl Net, in order to transmit malicious data...
Dell EMC Connectrix B-Series: code execution via SANnav
An attacker can use a vulnerability via SANnav of Dell EMC Connectrix B-Series, in order to run code...
Nettle: Man-in-the-Middle via Signature Verification Functions
An attacker can act as a Man-in-the-Middle via Signature Verification Functions on Nettle, in order to read or write data in the session...
Apache MyFaces Core: Cross Site Request Forgery via Weak Tokens
An attacker can trigger a Cross Site Request Forgery via Weak Tokens of Apache MyFaces Core, in order to force the victim to perform operations...
lib3mf: use after free via NMR::COpcPackageReader::releaseZIP()
An attacker can force the usage of a freed memory area via NMR::COpcPackageReader::releaseZIP() of lib3mf, in order to trigger a denial of service, and possibly to run code...
Linux kernel: code execution via BPF Branch Displacements
An attacker can use a vulnerability via BPF Branch Displacements of the Linux kernel, in order to run code...
Python: overload via urllib.request
An attacker can trigger an overload via urllib.request of Python, in order to trigger a denial of service...
ClamAV: NULL pointer dereference via Mail Parser
An attacker can force a NULL pointer to be dereferenced via Mail Parser of ClamAV, in order to trigger a denial of service...
ClamAV: out-of-bounds memory reading via PDF Parser
An attacker can force a read at an invalid address via PDF Parser of ClamAV, in order to trigger a denial of service, or to obtain sensitive information...
ClamAV: overload via Excel XLM
An attacker can trigger an overload via Excel XLM of ClamAV, in order to trigger a denial of service...
WebSphere AS: information disclosure via Server-Side Request Forgery
An attacker can bypass access restrictions to data via Server-Side Request Forgery of WebSphere AS, in order to obtain sensitive information...
Cisco IOS XR: code execution via Command Injection
An attacker can use a vulnerability via Command Injection of Cisco IOS XR, in order to run code...
Cisco Webex Meetings for Android: spoofing via Avatar Modification
An attacker can create spoofed data via Avatar Modification of Cisco Webex Meetings for Android, in order to deceive the victim...
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
Cisco Unified Communications Manager: privilege escalation via Self Care Portal
An attacker can bypass restrictions via Self Care Portal of Cisco Unified Communications Manager, in order to escalate his privileges...
Cisco Unified Communications Manager, Unity Connection: code execution via SOAP API Request
An attacker can use a vulnerability via SOAP API Request of Cisco Unified Communications Manager or Cisco Unity Connection, in order to run code...
Cisco Unified Communications Manager: information disclosure via Downloadable Files
An attacker can bypass access restrictions to data via Downloadable Files of Cisco Unified Communications Manager, in order to obtain sensitive information...
ClamAV for Windows: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of ClamAV for Windows, in order to execute code...
rpm: spoofing via Unsigned Signature Header
An attacker can create spoofed data via Unsigned Signature Header of rpm, in order to deceive the victim...
Linux kernel: NULL pointer dereference via Hyper-V Context
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Hyper-V Context of the Linux kernel, in order to trigger a denial of service on the host system...
Jenkins Core/Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Core/Plugins...
Linux kernel: privilege escalation via Nested VMCB Controls
An attacker, inside a guest system, can bypass restrictions via Nested VMCB Controls of the Linux kernel, in order to escalate his privileges on the host system...
Linux kernel: use after free via nosy_ioctl
An attacker can force the usage of a freed memory area via nosy_ioctl() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
FreeBSD: read-write access via Jail Allow.mount
An attacker can bypass access restrictions via Jail Allow.mount of FreeBSD, in order to read or alter data...

   
