The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
PHP: open_basedir bypass with bz2
An attacker can create a PHP program using a compress.bzip2:// URI to bypass the open_basedir restriction...
PHP: open_basedir bypass with zip
An attacker can create a PHP program using a zip:// URI to bypass the open_basedir restriction...
McAfee ePO: buffer overflow of SiteManager.dll
An attacker can generate two overflows in the SiteManager.Dll ActiveX...
MPlayer, xine-lib: integer overflow via DirectShow
While playing a DirectShow file, an integer overflow can occur in MPlayer or xine-lib and lead to code execution...
PHP: buffer overflow of snmpget
An attacker can create a script using snmpget() in order to execute code...
Oracle DB: local vulnerabilities
A local attacker can exploit several vulnerabilities in order to generate a denial of service or to execute code...
JDK: information disclosure via JMX RMI-IIOP
A local attacker can access information of users of a JMX RMI-IIOP application...
SQL-Ledger, LedgerSMB: authentication bypass
An attacker can bypass authentication in order to access the administration interface of SQL-Ledger or LedgerSMB...
SQL-Ledger, LedgerSMB: code execution via an error
An attacker can generate an error in order to execute code in SQL-Ledger or LedgerSMB...
SQL-Ledger, LedgerSMB: file access
An attacker can access files using the path cleaning code...
MySQL: denial of service via an ordered sub-select
A local attacker can use a malicious SQL query in order to stop the service...
Linux kernel: reading a program via PT_INTERP
A local attacker can read the content of an unreadable program by using PT_INTERP...
Linux kernel: buffer overflow of Omnikey CardMan 4040
A local attacker can elevate his privileges if he is allowed to access the Omnikey CardMan 4040 driver...
Linux kernel: reading memory via ipv6_getsockopt_sticky
A local attacker can read a memory fragment via an IPv6 socket...
Snort Inline: denial of service
An attacker can send a malicious fragmented packet in order to stop Snort Inline...
PHP: buffer overflow of a ZIP URI
An attacker can use a long URI in order to generate an overflow in the ZIP extension of PHP...
Windows: memory corruption via OLE32.DLL
An attacker can create a malicious Word document leading to a denial of service and eventually to code execution...
NetBSD: integer overflow of ktruser
A local attacker can elevate his privileges when FreeBSD or Darwin compatibility is activated...
Windows: insecurity of public directories
A local attacker can create a denial of service or access information when the victim creates or uses a file/directory in a public directory...
Ekiga: format string attack
An attacker can execute code by generating a format string attack in Ekiga...
PHP: buffer overflow of crack_opendict
An attacker can create a script using crack_opendict() in order to execute code...
Konqueror, KJS: denial of service via an IFRAME
An attacker can create an HTML document with an FTP IFRAME in order to stop Konqueror or KJS...
PHP: memory reading with substr_compare
A local attacker can use the substr_compare() function in order to read memory content of the PHP process...
OpenBSD: vulnerability of mbuf via IPv6
An attacker located on the local network can generate an error in mbuf handling in order to stop the system or to execute code...
phpMyAdmin: Cross Site Scripting of db and table
An attacker can use "db" and "table" parameters in order to inject HTML code in phpMyAdmin...
Linux kernel: denial of service by umounting USB
A local attacker can umount a USB key in order to stop the system...
PHP: buffer overflow of mssql_connect
An attacker can create a script using mssql_connect() or mssql_pconnect() in order to execute code...
SeaMonkey, Thunderbird: integer overflow via an email
An attacker can create a very big email generating an integer overflow...
Enigmail, Evolution, GNUMail, KMail, Mutt, Sylpheed: vulnerability of GnuPG
The VIGILANCE-VUL-6610 vulnerability affects Enigmail, Evolution, GNUMail, KMail, Mutt and Sylpheed, which depend on GnuPG...
GnuPG: incorrect display
An attacker can inject data which are displayed as correctly signed...

   
