The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
pfSense: Cross Site Scripting via services_wol.php
An attacker can trigger a Cross Site Scripting via services_wol.php of pfSense, in order to run JavaScript code in the context of the web site...
Chrome: two vulnerabilities
An attacker can use several vulnerabilities of Chrome...
Debian courier-authlib: information disclosure via /run/courier/authdaemon
An attacker can bypass access restrictions to data via /run/courier/authdaemon of Debian courier-authlib, in order to obtain sensitive information...
Linux kernel: use after free via blk_mq_queue_tag_busy_iter
An attacker can force the usage of a freed memory area via blk_mq_queue_tag_busy_iter() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Windows: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Visual Studio: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft SharePoint: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Exchange Server: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft 365 Apps for Enterprise: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Office: vulnerabilities of April 2021
An attacker can use several vulnerabilities of Microsoft products...
Joomla Core: two vulnerabilities
An attacker can use several vulnerabilities of Joomla Core...
cifs-utils: privilege escalation via Kerberos Auth Leak Escaping
An attacker can bypass restrictions via Kerberos Auth Leak Escaping of cifs-utils, in order to escalate his privileges...
X.Org Server: buffer overflow via XInput Extension ChangeFeedbackControl
An attacker can trigger a buffer overflow via XInput Extension ChangeFeedbackControl of X.Org Server, in order to trigger a denial of service, and possibly to run code...
Mosquitto: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on Mosquitto, in order to read or write data in the session...
Node.js mongodb-client-encryption: Man-in-the-Middle via Improper Certificate Validation
An attacker can act as a Man-in-the-Middle via Improper Certificate Validation on Node.js mongodb-client-encryption, in order to read or write data in the session...
Node.js set-or-get: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js set-or-get, in order to read or alter data...
SAP: multiple vulnerabilities of April 2021
An attacker can use several vulnerabilities of SAP products...
Irssi: multiple vulnerabilities
An attacker can use several vulnerabilities of Irssi...
Dell OpenManage Enterprise-Modular: privilege escalation
An attacker can bypass restrictions of Dell OpenManage Enterprise-Modular, in order to escalate his privileges...
libpano13: use after free via panoFileOutputNamesCreate
An attacker can force the usage of a freed memory area via panoFileOutputNamesCreate() of libpano13, in order to trigger a denial of service, and possibly to run code...
Linux kernel: out-of-bounds memory reading via x25_bind
An attacker can force a read at an invalid address via x25_bind() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
MediaWiki: multiple vulnerabilities
An attacker can use several vulnerabilities of MediaWiki...
libopenmpt: NULL pointer dereference via set_position_seconds
An attacker can force a NULL pointer to be dereferenced via set_position_seconds() of libopenmpt, in order to trigger a denial of service...
Python Pikepdf: external XML entity injection via XMP Metadata Entries
An attacker can transmit malicious XML data via XMP Metadata Entries to Python Pikepdf, in order to read a file, scan sites, or trigger a denial of service...
umoci: write access via Unpack Symlink Traversal
An attacker can bypass access restrictions via Unpack Symlink Traversal of umoci, in order to alter data...
Mozilla Thunderbird: three vulnerabilities via OpenPGP Key
An attacker can use several vulnerabilities via OpenPGP Key of Mozilla Thunderbird...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1116 1117 1118 1119 1120 1121 1122 1123 1124 1126 1128 1129 1130 1131 1132 1133