The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
OS-autoinst: denial of service via SIGCHLD Signal
An attacker can trigger a fatal error via SIGCHLD Signal of OS-autoinst, in order to trigger a denial of service...
rpm-ostree: code execution via Package Verification Level
An attacker can use a vulnerability via Package Verification Level of rpm-ostree, in order to run code...
Drupal Core: Cross Site Scripting via Sanitization API
An attacker can trigger a Cross Site Scripting via Sanitization API of Drupal Core, in order to run JavaScript code in the context of the web site...
Jenkins Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
IBM i: spoofing via SMTP Non-existent Local-domain Recipients
An attacker can create spoofed data via SMTP Non-existent Local-domain Recipients of IBM i, in order to deceive the victim...
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
Oracle VM VirtualBox: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle Solaris: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle MySQL: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle Java, OpenJDK: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle Fusion Middleware: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle Communications: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Oracle Database: vulnerabilities of April 2021
Several vulnerabilities were announced in Oracle products...
Centreon Web: Cross Site Scripting via index.php
An attacker can trigger a Cross Site Scripting via index.php of Centreon Web, in order to run JavaScript code in the context of the web site...
Apache Commons IO: directory traversal via FileNameUtils.normalize
An attacker can traverse directories via FileNameUtils.normalize() of Apache Commons IO, in order to read a file outside the service root path...
ImageMagick: four vulnerabilities
An attacker can use several vulnerabilities of ImageMagick...
libbfd: overload via DWARF read_section
An attacker can trigger an overload via DWARF read_section() of libbfd, in order to trigger a denial of service...
Pulse Connect Secure: code execution
An attacker can use a vulnerability of Pulse Connect Secure, in order to run code...
ezplatform-page-builder: information disclosure via Map/Host URL Matcher
An attacker can bypass access restrictions to data via Map/Host URL Matcher of ezplatform-page-builder, in order to obtain sensitive information...
Linux kernel: out-of-bounds memory reading via remove_nats_in_journal
An attacker can force a read at an invalid address via remove_nats_in_journal() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
Dell NetWorker: privilege escalation via Log Files Plain-text Credentials
An attacker can bypass restrictions via Log Files Plain-text Credentials of Dell NetWorker, in order to escalate his privileges...
Django django-registration: information disclosure via HTTP 5xx
An attacker can bypass access restrictions to data via HTTP 5xx of Django django-registration, in order to obtain sensitive information...
Nextcloud Desktop Client: code execution via URLs
An attacker can use a vulnerability via URLs of Nextcloud Desktop Client, in order to run code...
Node.js jose: information disclosure via Observable Timing Discrepancy
An attacker can bypass access restrictions to data via Observable Timing Discrepancy of Node.js jose, in order to obtain sensitive information...
Firefox/Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox/Thunderbird...
Linux kernel: information disclosure via Speculatively Out-of-bounds Loads
An attacker can bypass access restrictions to data via Speculatively Out-of-bounds Loads of the Linux kernel, in order to obtain sensitive information...
Linux kernel: memory corruption via sctp_destroy_sock
An attacker can trigger a memory corruption via sctp_destroy_sock() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1118 1119 1120 1121 1122 1123 1124 1125 1126 1128 1130 1131 1132 1133