The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Microsoft 365 Apps for Enterprise: vulnerabilities of June 2021
An attacker can use several vulnerabilities of Microsoft products...
Microsoft .NET Core: denial of service
An attacker can trigger a fatal error of Microsoft .NET Core, in order to trigger a denial of service...
Xen: information disclosure via S3 TSX Async Abort protections
An attacker, inside a guest system, can bypass access restrictions to data via S3 TSX Async Abort protections of Xen, in order to obtain sensitive information on the host system...
Xen: information disclosure via Speculative Code Store
An attacker, inside a guest system, can bypass access restrictions to data via Speculative Code Store of Xen, in order to obtain sensitive information on the host system...
Linux kernel: use after free via Xen xen-netback xenvif_connect_data
An attacker, inside a guest system, can force the usage of a freed memory area via Xen xen-netback xenvif_connect_data() of the Linux kernel, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: privilege escalation via Inappropriate X86 IOMMU Timeout
An attacker, inside a guest system, can bypass restrictions via Inappropriate X86 IOMMU Timeout of Xen, in order to escalate his privileges on the host system...
Xen: information disclosure via Unscrubbed Boot Arm Modules
An attacker, inside a guest system, can bypass access restrictions to data via Unscrubbed Boot Arm Modules of Xen, in order to obtain sensitive information on the host system...
OpenBSD: buffer overflow via Vmd DHCP Requests
An attacker, inside a guest system, can trigger a buffer overflow via Vmd DHCP Requests of OpenBSD, in order to trigger a denial of service, and possibly to run code on the host system...
Adobe Acrobat/Reader: five vulnerabilities
An attacker can use several vulnerabilities of Adobe Acrobat/Reader...
Citrix Virtual Apps and Desktops: information disclosure via Cloud Connector Log Files
An attacker can bypass access restrictions to data via Cloud Connector Log Files of Citrix Virtual Apps and Desktops, in order to obtain sensitive information...
Linux kernel: use after free via io_async_task_func
An attacker can force the usage of a freed memory area via io_async_task_func() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: out-of-bounds memory reading via hci_extended_inquiry_result_evt
An attacker can force a read at an invalid address via hci_extended_inquiry_result_evt() of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
Linux kernel: use after free via ucma_migrate_id
An attacker can force the usage of a freed memory area via ucma_migrate_id() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via xfrm_state_fini
An attacker can force the usage of a freed memory area via xfrm_state_fini() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via sctp_wait_for_sndbuf
An attacker can force the usage of a freed memory area via sctp_wait_for_sndbuf() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
SIMATIC RFID Readers: overload via Incoming Connections
An attacker can trigger an overload via Incoming Connections of SIMATIC RFID Readers, in order to trigger a denial of service...
389-ds-base: NULL pointer dereference via sync_create_state_control
An attacker can force a NULL pointer to be dereferenced via sync_create_state_control() of 389-ds-base, in order to trigger a denial of service...
Linux kernel: use after free via hci_sock_bound_ioctl
An attacker can force the usage of a freed memory area via hci_sock_bound_ioctl() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Google Android/Pixel: multiple vulnerabilities of June 2021
An attacker can use several vulnerabilities of Google Android/Pixel...
Zope: privilege escalation via TAL Expressions
An attacker can bypass restrictions via TAL Expressions of Zope, in order to escalate his privileges...
Node.js css-what: overload via Linear Time Complexity
An attacker can trigger an overload via Linear Time Complexity of Node.js css-what, in order to trigger a denial of service...
Node.js trim-newlines: overload via Regular Expression
An attacker can trigger an overload via Regular Expression of Node.js trim-newlines, in order to trigger a denial of service...
Node.js merge-deep: read-write access via Prototype Pollution
An attacker can bypass access restrictions via Prototype Pollution of Node.js merge-deep, in order to read or alter data...
Node.js glob-parent: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of Node.js glob-parent, in order to trigger a denial of service...
SAP: multiple vulnerabilities of June 2021
An attacker can use several vulnerabilities of SAP products...
Node.js auth0-lock: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js auth0-lock, in order to run JavaScript code in the context of the web site...
Zabbix: information disclosure via Blank Link Referrer
An attacker can bypass access restrictions to data via Blank Link Referrer of Zabbix, in order to obtain sensitive information...

   
