The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
JDK, JRE, SDK: denial of service of JSSE
An attacker can connect to SSL services created with JSSE in order to generate a denial of service...
NetWare: IP address disclosure via Apache
When IP address of web server is translated, an attacker can obtain the real IP address...
RHEL, Debian: permissions modification via xfs
A local attacker can force the xfs init script to modify permissions of a file...
SquirrelMail: several vulnerabilities of GPG plugin 2.1
The G/PGP Encryption plugin, version 2.1 and anterior, of SquirrelMail has several vulnerabilities permitting an attacker to execute commands...
IE, Firefox: command execution with FirefoxURL and FirefoxHTML
An attacker can use FirefoxURL and FirefoxHTML uris to inject chrome commands under Windows...
Flash Player: code execution
Three vulnerabilities affect Adobe Flash Player, the worst one leading to code execution...
JDK, JRE: code execution via XSLT style sheets
When a XML signature contains a malicious style sheet, code can run with privileges of application...
TippingPoint IPS: bypassing via fragmentation
An attacker can fragment packets in order to bypass the IPS...
ClamAV, unrar: denial of service
An attacker can create a malicious RAR archive in order to stop ClamAV or unrar...
SquirrelMail: several vulnerabilities of GPG plugin 2.0
The G/PGP Encryption plugin, version 2.0 and anterior, of SquirrelMail has several vulnerabilities permitting an attacker to execute commands...
AVG: memory corruption via avg7core.sys
A local attacker can generate an overflow in avg7core.sys in order to corrupt memory...
McAfee ePO: several vulnerabilities of agent
Four vulnerabilities of McAfee ePO agent lead to denials of service or to code execution...
TippingPoint IPS: bypassing via Unicode
An attacker can use urls containing Unicode characters in order to bypass the IPS...
curl: non rejected SSL certificates
The date field in SSL certificates is not correctly checked by libcurl...
Windows Active Directory: vulnerabilities of LDAP
An attacker can use malicious LDAP queries in order to generate a denial of service or to execute code...
Windows Vista: information disclosure via Teredo
An attacker can use Teredo to obtain some information on victim's system...
Microsoft Publisher: code execution via PUBCONV.DLL
An attacker can create a malicious Publisher file and invite victim to open it in order to execute code on his computer...
Excel: several vulnerabilities
Three vulnerabilities of Excel permit an attacker to execute code on computers of victims accepting to open a malicious file...
Microsoft .NET: 4 vulnerabilities
Four vulnerabilities of .NET (ASP.NET) permit an attacker to execute code, to obtain information, or to create a Cross Site Scripting...
Linux kernel: denial of service on PowerPC
On a PowerPC processor, a local attacker can generate a floating point error in order to stop the system...
Java Web Start: buffer overflow of JNLP
An attacker can create a malicious JNLP file in order to execute code on computer of victims with Java Web Start installed...
GIMP: several integer overflows
An attacker can create malicious images leading to a denial of service or to code execution on computer of victim opening them with GIMP...
AIX: buffer overflow of libodm
A local attacker can elevate his privileges via an overflow in libodm...
Firefox: accessing and altering cached data
Cached data can be reached via a redirection to a wyciwyg uri...
Linux kernel: denial of service of nf_conntrack_h323
An attacker can use malicious H.323 packets in order to generate a denial of service in Netfilter...
SAP: several vulnerabilities
Several vulnerabilities affect SAP products...
WordPress: several vulnerabilities
Three vulnerabilities affect WordPress...
gfax: privilege elevation
A local attacker can force gfax to add malicious entries in the /etc/crontab file...
DAR: weakness of Blowfish encryption
The initialisation vector used by DAR to encrypt data with Blowfish algorithm is predicable...

   

Direct access to page 1 21 41 61 81 101 121 141 161 180 181 182 183 184 185 186 187 188 190 192 193 194 195 196 197 198 199 200 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020