The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: double memory free of squashfs
A local attacker can mount a malicious squashfs image to generate a denial of service or to execute code...
NVIDIA driver: buffer overflow
The NVIDIA driver for Unix contains a buffer overflow permitting a local attacker to obtain root privileges...
Ingo: shell command execution
An authenticated user can execute shell commands via Ingo...
PAM LDAP: access via a deactivated account
An attacker can, for example, unlock the X screen by using the account of a user deactivated on LDAP...
PHP: buffer overflow of htmlentities and htmlspecialchars
An attacker can use data encoded in UTF-8 in order to generate an overflow in htmlentities() and htmlspecialchars()...
SAP Web AS: several vulnerabilities
A remote attacker can read a file or generate a denial of service, and a local attacker can elevate his privileges...
libX11: descriptor leak
libX11 unnecessarily opens a file descriptor, which permits an attacker to access a file...
phpMyAdmin: Cross Site Scripting of the error displaying script
An attacker can use the error displaying script to inject HTML code in phpMyAdmin...
Outpost Firewall: denial of service of SandBox
A local attacker can send malicious data to the Sandbox driver in order to stop Outpost Firewall...
Informix DS: vulnerabilities during the installation
A local attacker can alter files during the installation of Informix DS...
Linux kernel: denial of service of /proc/net/ip6_flowlabel
A local attacker can access /proc/net/ip6_flowlabel in order to generate an infinite loop or to stop the system...
Sun Java Web, AS, DS: denial of service of NSS
A remote attacker can stop the service by using a malicious SSLv2 session...
HP-UX: vulnerability of su
A local attacker can use a vulnerability of the su command in order to obtain root privileges...
Visual Studio 2005, IE: code execution via WMI Object Broker
A vulnerability of the WMI Object Broker ActiveX leads to code execution on the user's computer...
ImageMagick, GraphicsMagick: memory corruption of DCM and PALM
An attacker can create a malicious DCM or PALM image leading to code execution on computers of ImageMagick or GraphicsMagick users...
Windows: denial of service of Internet Connection Sharing
An attacker on the internal network can generate a denial of service on the computer with Internet Connection Sharing...
3Com SS3 4400: obtaining the SNMP community string
An attacker in the management VLAN can obtain the SNMP community string...
Sophos: several denials of service
Four vulnerabilities of the Sophos antivirus permit an attacker to generate a denial of service, and possibly to execute code...
Adobe Acrobat/Reader: information disclosure via ADBC/SOAP
A PDF document can contain a script obtaining information on the user's databases...
Ruby: denial of service of cgi.rb by dashes
An attacker can send an HTTP request containing malformed MIME data in order to generate an infinite loop in cgi.rb...
Internet Explorer: injection of content in another window
An attacker can inject data into a window of Internet Explorer associated with another web site...
Xsupplicant: buffer overflow
An attacker can generate an overflow in Xsupplicant in order to execute code...
Wireshark, Ethereal: several vulnerabilities
Several vulnerabilities of Wireshark permit a remote attacker to conduct a denial of service or to run code...
wvWare: integer overflow of LFO and LVL
An attacker can create a malicious Word document generating two overflows in wvWare...
GNU screen: denial of service
When some Unicode characters are displayed, the screen program can stop...
Internet Explorer: spoofing the URL of a popup
An attacker can create a popup window whose URL seems to be legitimate...
Outlook Express, Internet Explorer: access to data of another site via mhtml
An attacker can create a website using a redirection and an mhtml: URI in order to access data of another web site...
Firefox: denial of service of JavaScript
An attacker can use malicious JavaScript code in order to stop the browser...
HP-UX: buffer overflow of TZ
A local attacker can elevate his privileges via programs using localtime_r()...
FreeBSD: denial of service via /dev/crypto
A local attacker can change crypto parameters in order to stop the system...

   
