The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Joomla Core: Cross Site Request Forgery via AJAX Reordering Endpoint
An attacker can trigger a Cross Site Request Forgery via AJAX Reordering Endpoint of Joomla Core, in order to force the victim to perform operations...
Joomla Core: file upload via MediaHelper-canUpload
An attacker can upload a malicious file via MediaHelper::canUpload on Joomla Core, in order for example to upload a Trojan...
nginx: buffer overflow via DNS Server Response
An attacker can trigger a buffer overflow via DNS Server Response of nginx, in order to trigger a denial of service, and possibly to run code...
Exiv2: denial of service via Image Metadata
An attacker can trigger a fatal error via Image Metadata of Exiv2, in order to trigger a denial of service...
Exiv2: out-of-bounds memory reading via Image Metadata
An attacker can force a read at an invalid address via Image Metadata of Exiv2, in order to trigger a denial of service, or to obtain sensitive information...
Exiv2: buffer overflow via Image Metadata
An attacker can trigger a buffer overflow via Image Metadata of Exiv2, in order to trigger a denial of service, and possibly to run code...
Exiv2: out-of-bounds memory reading via Image Metadata
An attacker can force a read at an invalid address via Image Metadata of Exiv2, in order to trigger a denial of service, or to obtain sensitive information...
Jenkins Plugins: four vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
Node.js browserslist: overload via Regular Expression
An attacker can trigger an overload via Regular Expression of Node.js browserslist, in order to trigger a denial of service...
Node.js xmlhttprequest-ssl: Man-in-the-Middle via rejectUnauthorized
An attacker can act as a Man-in-the-Middle via rejectUnauthorized() on Node.js xmlhttprequest-ssl, in order to read or write data in the session...
Node.js dns-packet: information disclosure via allocUnsafe
A local attacker can read a memory fragment via allocUnsafe() of Node.js dns-packet, in order to obtain sensitive information...
Node.js firebase/util: overload via deepExtend
An attacker can trigger an overload via deepExtend() of Node.js firebase/util, in order to trigger a denial of service...
Node.js docsify: Cross Site Scripting via Fragment Identifiers
An attacker can trigger a Cross Site Scripting via Fragment Identifiers of Node.js docsify, in order to run JavaScript code in the context of the web site...
Linux kernel: use after free via BlueTooth HCI Device Initialization
An attacker can force the usage of a freed memory area via BlueTooth HCI Device Initialization of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Apple macOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple macOS...
Apple iOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple iOS...
mpv: memory corruption via M3U Playlist
An attacker can trigger a memory corruption via M3U Playlist of mpv, in order to trigger a denial of service, and possibly to run code...
Botan: information disclosure via Non Constant-time Computations
An attacker can bypass access restrictions to data via Non Constant-time Computations of Botan, in order to obtain sensitive information...
tpm2-tss: privilege escalation
An attacker can bypass restrictions of tpm2-tss, in order to escalate his privileges...
Python urllib3: Man-in-the-Middle via HTTPS Proxy Connection
An attacker can act as a Man-in-the-Middle via HTTPS Proxy Connection on Python urllib3, in order to read or write data in the session...
glibc: use after free via nscd
An attacker can force the usage of a freed memory area via nscd of glibc, in order to trigger a denial of service, and possibly to run code...
Slurm: code execution via PrologSlurmctld / EpilogSlurmctld
An attacker can use a vulnerability via PrologSlurmctld / EpilogSlurmctld of Slurm, in order to run code...
Zope: privilege escalation via Page Templates TAL Expressions
An attacker can bypass restrictions via Page Templates TAL Expressions of Zope, in order to escalate his privileges...
Snort: data transit via HTTP Detection Engine File Policy Bypass
An attacker can bypass filtering rules via HTTP Detection Engine File Policy Bypass of Snort, in order to transmit malicious data...
WildFly: Cross Site Scripting via Domain Mode Role Creation
An attacker can trigger a Cross Site Scripting via Domain Mode Role Creation of WildFly, in order to run JavaScript code in the context of the web site...
HP LaserJet: privilege escalation via Driver Software
An attacker can bypass restrictions via Driver Software of HP LaserJet, in order to escalate his privileges...
VMware Workstation: three vulnerabilities
An attacker can use several vulnerabilities of VMware Workstation...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1132 1133 1134 1135 1136 1137 1138 1139 1140 1142 1144 1145 1146 1147 1148 1149 1150