The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Webmin: Cross Site Request Forgery via Add Users
An attacker can trigger a Cross Site Request Forgery via Add Users of Webmin, in order to force the victim to perform operations...
Webmin: Cross Site Request Forgery via /tunnel/link.cgi
An attacker can trigger a Cross Site Request Forgery via /tunnel/link.cgi of Webmin, in order to force the victim to perform operations...
Webmin: Cross Site Request Forgery via /proc/run.cgi
An attacker can trigger a Cross Site Request Forgery via /proc/run.cgi of Webmin, in order to force the victim to perform operations...
HP SiteScope: vulnerability
A vulnerability of HP SiteScope was announced...
Shibboleth Service Provider: NULL pointer dereference via Session Recovery
An attacker can force a NULL pointer to be dereferenced via Session Recovery of Shibboleth Service Provider, in order to trigger a denial of service...
libav: memory corruption via 64 Audio Channels
An attacker can trigger a memory corruption via 64 Audio Channels of libav, in order to trigger a denial of service, and possibly to run code...
Gstreamer: memory corruption via Matroska File
An attacker can trigger a memory corruption via Matroska File of Gstreamer, in order to trigger a denial of service, and possibly to run code...
Gstreamer: use after free via Matroska File
An attacker can force the usage of a freed memory area via Matroska File of Gstreamer, in order to trigger a denial of service, and possibly to run code...
Nimble: three vulnerabilities
An attacker can use several vulnerabilities of Nimble...
IBM Spectrum Protect Client: two vulnerabilities
An attacker can use several vulnerabilities of IBM Spectrum Protect Client...
gSOAP: code execution via WS-Addressing Plugin
An attacker can use a vulnerability via WS-Addressing Plugin of gSOAP, in order to run code...
IBM Spectrum Protect: privilege escalation
An attacker can bypass restrictions of IBM Spectrum Protect, in order to escalate his privileges...
IBM Spectrum Protect Plus Microsoft File Systems backup and restore: information disclosure via Log Files
An attacker can bypass access restrictions to data via Log Files of IBM Spectrum Protect Plus Microsoft File Systems backup and restore, in order to obtain sensitive information...
IBM Spectrum Protect Plus: information disclosure via Weak Cryptographic Algorithms
An attacker can bypass access restrictions to data via Weak Cryptographic Algorithms of IBM Spectrum Protect Plus, in order to obtain sensitive information...
Node.js systeminformation: code execution via Command Injection
An attacker can use a vulnerability via Command Injection of Node.js systeminformation, in order to run code...
Node.js datatables.net: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js datatables.net, in order to read or alter data...
IBM Spectrum Protect Plus: information disclosure via Cross-Origin Resource Sharing
An attacker can bypass access restrictions to data via Cross-Origin Resource Sharing of IBM Spectrum Protect Plus, in order to obtain sensitive information...
OpenVPN: information disclosure via Deferred Authentication
An attacker can bypass access restrictions to data via Deferred Authentication of OpenVPN, in order to obtain sensitive information...
containers/storage: overload via Invalid Tar
An attacker can trigger an overload via Invalid Tar of containers/storage, in order to trigger a denial of service...
OpenDMARC: buffer overflow via opendmarc_xml
An attacker can trigger a buffer overflow via opendmarc_xml() of OpenDMARC, in order to trigger a denial of service, and possibly to run code...
Rust: use after free via Smallvec
An attacker can force the usage of a freed memory area via Smallvec of Rust, in order to trigger a denial of service, and possibly to run code...
Micro Focus Application Performance Management: code execution
An attacker can use a vulnerability of Micro Focus Application Performance Management, in order to run code...
PJSIP: denial of service via Two 183 Responses
An attacker can trigger a fatal error via Two 183 Responses of PJSIP, in order to trigger a denial of service...
jhead: buffer overflow via Get16u
An attacker can trigger a buffer overflow via Get16u() of jhead, in order to trigger a denial of service, and possibly to run code...
Nexus Repository Manager: directory traversal via HTTP Request
An attacker can traverse directories via HTTP Request of Nexus Repository Manager, in order to read a file outside the service root path...
Nexus Repository Manager: Cross Site Scripting via Properties
An attacker can trigger a Cross Site Scripting via Properties of Nexus Repository Manager, in order to run JavaScript code in the context of the web site...
Nexus Repository Manager: information disclosure via User Token
An attacker can bypass access restrictions to data via User Token of Nexus Repository Manager, in order to obtain sensitive information...
Python: code execution via _xxsubinterpreters
An attacker can use a vulnerability via _xxsubinterpreters of Python, in order to run code...
Wireshark: overload via MS-WSP
An attacker can trigger an overload via MS-WSP of Wireshark, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1119 1120 1121 1122 1123 1124 1125 1126 1127 1129 1131 1132 1133