The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
MIT krb5: memory corruption via RPC
A non authenticated attacker can exploit two vulnerabilities leading to code execution on kadmind...
MaraDNS: memory leaks
An attacker can generate 4 memory leaks in MaraDNS...
VLC: 3 vulnerabilities
An attacker can generate 3 vulnerabilities in VLC, leading to a denial of service or to code execution...
xfsdump: filesystem access via xfs_fsr
A local attacker can read of alter filesystem during xfs_fsr execution...
MadWifi: several vulnerabilities
Three vulnerabilities of MadWifi permit an attacker to generate a denial of service and eventually to execute code...
Fail2Ban: denial of service
An attacker can connect to ssh server and generate a protocol error in order to force Fail2Ban to block access...
Ingres: several vulnerabilities
Several vulnerabilities affects the Ingres database...
Emacs: integer overflow via a GIF image
An attacker can send an email containing a malicious GIF image in order to generate an overflow on computers of victims reading their emails with Emacs...
DenyHosts: denial of service
An attacker can connect to ssh server and generate a protocol error in order to force DenyHosts to block access...
PHP: buffer overflow of tidy_parse_string and tidy_repair_string
An attacker can create a script using tidy_parse_string() or tidy_repair_string() in order to execute code...
PHPMailer: command execution
An attacker can inject shell commands via PHPMailer...
Apache httpd: information disclosure via mod_mem_cache
An attacker can obtain memory fragments when mod_mem_cache is used...
F-Secure AV: scan bypass with LHA or RAR
An attacker can create a malicious LHA or RAR archive in order to bypass antivirus scan...
WebSphere AS 6.1.0: several vulnerabilities
Several vulnerabilities of WebSphere AS permit an attacker to obtain information, to create denial of service or to attack the service...
PostgreSQL: privilege elevation via dblink
In the default configuration, a local attacker can use the dblink feature to elevate his privileges...
Evolution Data Server: integer overflow via IMAP
A malicious IMAP server can execute code on Evolution Data Server clients which connect...
NetWare: buffer overflow of XNFS.NLM
A remote attacker can generate an overflow on the NFS server...
Solaris: denial of service via IPv6 without IPSec
When a system is configured with IPv6, but without the IPSec module, an attacker can send a specific IPv6 packet to stop it...
Subversion: reading properties
In some cases, an attacker can read properties of objects he should not have access to...
Linux kernel: memory leak via PPPIOCGCHAN
A local attacker can create a PPPoE socket and use PPPIOCGCHAN to progressively use system memory...
Linux kernel: denial of service of compat_sys_mount
A local attacker can mount a filesystem in 32 bits compatibility mode in order to stop system...
Solaris: denial of service via NFS
An attacker can use malicious XDR data in order to stop system via NFS...
Sun Java System Directory Server: attribute detection
An attacker can detect if an attribute exists...
Sun Java System Directory Server: data altering
An unprivileged attacker can alter data in the directory...
Apache Tomcat: several Cross Site Scripting
An attacker can exploit two Cross Site Scripting attacks on Apache Tomcat...
open-iscsi: denial of service
A local attacker can generate two denials of service on open-iscsi...
Flash Player: interaction with Unix browser
Under an Unix environment, a Flash applet can receive keyboard events...
libexif: integer overflow of exif_data_load_data_entry
An attacker can create an image generating an integer overflow in exif_data_load_data_entry() of libexif...
libgd: infinite loop in gdPngReadData
An attacker can create a malicious PNG image in order to generate a denial of service on applications linked with libgd...
SpamAssassin: denial of service via vpopmail or virtual
In a particular configuration, a local attacker can use SpamAssassin to alter the content of a file...

   

Direct access to page 1 21 41 61 81 101 121 141 161 178 179 180 181 182 183 184 185 186 188 190 191 192 193 194 195 196 197 198 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020