The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco Secure ACS: obtaining administration port
An attacker can guess the port number used by the administration server in order to access session just opened by administrator...
DNS: denial of service via UDP echo services
An attacker can generate a message loop between a DNS server and UDP services such as echo...
Courier: denial of service via equal character
An attacker can send an email using an address containing the equal character in order to overload Courier...
HP-UX: denial of service of kernel
A local attacker can generate an integer overflow in kernel in order to stop it...
Usermin: deactivating root's shell
A local attacker can change root's shell, using Usermin interface...
IE: us-ascii data unfiltered
An attacker can create an HTML page in us-ascii, in order to bypass softwares protecting Internet Explorer...
Webmin: file reading under Windows
When Webmin is installed under Windows, an attacker can use a special url to read a file of server...
WebSphere AS 6.0.2: several vulnerabilities
Several vulnerabilities of WebSphere AS permit an attacker to obtain information...
Excel: execution of Javascript located in a Shockwave Flash object
An attacker can create an Excel file leading to Javascript code execution when it is opened...
Linux kernel: denial of service of SCTP
An attacker can generate an infinite loop in kernel by sending a SCTP packet...
xine-lib: buffer overflow of HTTP plugin
An attacker can setup a malicious web server generating an overflow in connecting xine clients...
Excel, Word: buffer overflow of a link
An attacker can create a document containing a link, generating an overflow when user clicks on it...
netpbm: overflow of pamtofits
An attacker can create de malicious PNM/PAM image in order to generate an overflow in pamtofits...
GnuPG: denial of service of parse-packet
An attacker can create a file leading to a denial of service in parse-packet.c of GnuPG...
Excel: code execution
An attacker can create a malicious Excel document leading to code execution when it is opened...
Cisco Secure ACS: Cross Site Scripting of LogonProxy.cgi
An attacker can use the LogonProxy.cgi script for a Cross Site Scripting attack...
aRts: privilege elevation via artswrapper
In some cases, the artswrapper program does not loose its root privileges...
wv: memory corruption
An attacker can create a malicious Word document generating an overflow in wv...
iPlanet Messaging Server: file reading with pipe_master
A local attacker can use pipe_master to read the first line of read protected files...
HP-UX: denial of service of Support Tools Manager
A local attacker can generate a denial of service on Support Tools Manager...
Horde: several Cross Site Scripting
Several Cross Site Scripting permit an attacker to run script in the context of a Horde user...
KDE: file reading via KDM
A local attacker can use KDM to read a system file with root privileges...
Sendmail: denial of service via a MIME message
An attacker can create an email containing deeply nested MIME in order to exhaust memory space of process...
libgd: infinite loop via a GIF image
An attacker can create a GIF image generating an infinite loop in libgd...
PHP: variables not unset because of zend_hash_del
Due to an error in zend_hash_del() function, some variables are not unset...
Linux kernel: buffer overflow of USB OID_GEN_SUPPORTED_LIST
A local attacker can corrupt memory using a RNDIS OID_GEN_SUPPORTED_LIST request...
WebVPN: Cross Site Scripting
An attacker can use a Cross Site Scripting attack on WebVPN clientless mode...

   

Direct access to page 1 21 41 61 81 101 121 141 145 146 147 148 149 150 151 152 153 155 157 158 159 160 161 162 163 164 165 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1023