The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
PC-cillin: incorrect file permissions
Files installed by the antivirus can be accessed by all users...
NetWare, OES: usage of a weak encryption over SSL
A SSL server can use a weak encryption algorithm, whereas other algorithms are available...
snmptrapfmt: file corruption
An attacker can use snmptrapfmt to alter a local file...
WebLogic: denial of service using XML documents
An attacker can create XML data using all system memory...
WebLogic Portal: access to protected data
An attacker can access to data from a portlet...
WebLogic Portal: information disclosure with JSR-168
Cached data associated to a JSR-168 portlet can be returned to attacker...
WebLogic: file reading
An attacker can read files of a server installed under Windows...
FreeRADIUS: access and denial of service of EAP-MSCHAPv2
An attacker can stop the EAP-MSCHAPv2 behavior in order to access service or to stop server...
X.Org: privilege elevation with modulepath or logfile
A local attacker can use -modulepath or -logfile parameters to run privileged code or to overwrite a file...
Avast: incorrect file permissions
Files installed by the antivirus can be accessed by all users...
Evolution: denial of service using an inline attachment
Using an email with an inline attachment, an attacker can stop Evolution and prevent its normal restart...
vserver: multiple vulnerabilities
Two vulnerabilities of vserver permit an attacker to escape chroot, or to own privileged capabilities...
cURL: buffer overflow of a ftp url
An attacker can use a long tftp url in order to execute code in cURL...
phpMyAdmin: Cross Site Scripting of set_theme
An attacker can use the set_theme parameter to inject HTML code in phpMyAdmin...
Netware: denial of service of NWFTPD.NLM
An attacker can use a malicious MDTM command in order to stop FTP service...
IE: memory corruption using event handlers
An attacker can create an HTML page containing numerous Javascript event handlers in order to corrupt memory, which may lead to code execution...
HP-UX: incorrect file access rights changed by usermod
When usermod is used, access rights of some files are incorrectly changed...
Drupal: several vulnerabilities
Several vulnerabilities have been discovered in Drupal, which permit a remote attacker to bypass access controls, realize cross-site scripting attacks or to connect with another account...
wzdftpd: commands execution
An attacker can use the SITE command to run shell commands on wzdftpd server...
xpvm: file corruption
During xpvm.tcl execution, a local attacker can alter a file...
Horde: file reading with go.php
An attacker can use the services/go.php script to read a file located on the computer...
AIX: privilege elevation via mklvcopy
A vulnerability of mklvcopy permits a local attacker member of system group to elevate his privileges...
Flash Player: code execution
Several vulnerabilities of Macromedia Flash Player permit a remote attacker to execute code on user's computer...
Linux, IOS: using computer for an idle scan
An attacker can use the computer to do an idle scan on another computer...
WebCalendar: several vulnerabilities
Several vulnerabilities of WebCalendar permit an attacker to inject SQL code, to overwrite file or to modify HTTP headers...
Office: several vulnerabilities leading to code execution
Several vulnerabilities of Office lead to code execution when a malicious document is opened...
Lurker: several vulnerabilities
An attacker can use several vulnerabilities of Lurker in order to read or to create files, or in order to conduct a Cross Site Scripting attack...
sa-exim: file deletion with greylistclean.cron
An attacker can create a malicious email address to force greylistclean.cron to remove a file...
Perl: weak cyphertext of Crypt-CBC
When Crypt::CBC uses an encryption algorithm using blocks of more than 8 bytes, the cyphertext can be cryptanalyzed...
Squid: memory leak of connstate
A network attacker can use malicious requests in order to progressively use all system memory...

   

Direct access to page 1 21 41 61 81 101 121 137 138 139 140 141 142 143 144 145 147 149 150 151 152 153 154 155 156 157 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020