The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: use after free via DRM Subsystem
An attacker can force the usage of a freed memory area via DRM Subsystem of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Wind River VxWorks: integer overflow via Memory Allocator
An attacker can trigger an integer overflow via Memory Allocator of Wind River VxWorks, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via blk_cleanup_queue
An attacker can force the usage of a freed memory area via blk_cleanup_queue() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via cipso_v4_genopt
An attacker can force the usage of a freed memory area via cipso_v4_genopt() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via hci_chan
An attacker can force the usage of a freed memory area via hci_chan of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
libxml2: overload via Parameter Laughs
An attacker can trigger an overload via Parameter Laughs of libxml2, in order to trigger a denial of service...
jhead: out-of-bounds memory reading via Get32s
An attacker can force a read at an invalid address via Get32s() of jhead, in order to trigger a denial of service, or to obtain sensitive information...
jhead: out-of-bounds memory reading via process_DQT
An attacker can force a read at an invalid address via process_DQT() of jhead, in order to trigger a denial of service, or to obtain sensitive information...
Prosody: five vulnerabilities
An attacker can use several vulnerabilities of Prosody...
IBM QRadar User Behavior Analytics: information disclosure via Technical Error Message
An attacker can bypass access restrictions to data via Technical Error Message of IBM QRadar User Behavior Analytics, in order to obtain sensitive information...
IBM QRadar User Behavior Analytics: information disclosure via Cacheable SSL Pages
An attacker can bypass access restrictions to data via Cacheable SSL Pages of IBM QRadar User Behavior Analytics, in order to obtain sensitive information...
IBM QRadar User Behavior Analytics: information disclosure via Permissive CORS Policy
An attacker can bypass access restrictions to data via Permissive CORS Policy of IBM QRadar User Behavior Analytics, in order to obtain sensitive information...
IBM QRadar User Behavior Analytics: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM QRadar User Behavior Analytics, in order to run JavaScript code in the context of the web site...
Dell EMC NetWorker: two vulnerabilities
An attacker can use several vulnerabilities of Dell EMC NetWorker...
Ceph: three vulnerabilities
An attacker can use several vulnerabilities of Ceph...
Impacket: directory traversal via smbserver.py
An attacker can traverse directories via smbserver.py of Impacket, in order to read or alter a file outside the service root path...
PostgreSQL: three vulnerabilities
An attacker can use several vulnerabilities of PostgreSQL...
libgetdata: use after free via Dirfile Database
An attacker can force the usage of a freed memory area via Dirfile Database of libgetdata, in order to trigger a denial of service, and possibly to run code...
Graphviz: code execution via lib/common/shapes.c
An attacker can use a vulnerability via lib/common/shapes.c of Graphviz, in order to run code...
Drupal Chaos Tool Suite: information disclosure via EntityView
An attacker can bypass access restrictions to data via EntityView of Drupal Chaos Tool Suite, in order to obtain sensitive information...
Drupal Facets: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Facets, in order to run JavaScript code in the context of the web site...
Drupal Gutenberg: denial of service via Blocks Deletion
An attacker can trigger a fatal error via Blocks Deletion of Drupal Gutenberg, in order to trigger a denial of service...
VLC: code execution via non-https URL
An attacker can use a vulnerability via specific urls opened by VLC, in order to run code...
Symfony: user account enumeration
An attacker can check names of Symfony users with a timing attack...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1128 1129 1130 1131 1132 1133 1134 1135 1136 1138 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149