The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Firefox: several vulnerabilities
Several vulnerabilities were announced in Firefox, the worst one leading to code execution...
Windows: buffer overflow in the SafeDisc driver
A local attacker can exploit a buffer overflow in the Macrovision SafeDisc driver in order to gain SYSTEM rights...
Cisco PIX/ASA: denials of service of MGCP and TLS
An attacker can send malicious MGCP or TLS packets in order to stop the firewall...
Cisco IOS, CatOS: multiple vulnerabilities of FWSM
Several vulnerabilities permit an attacker to generate a denial of service or to bypass ACEs...
FLAC: integer overflows
Several integer overflows in FLAC permit an attacker to execute code on the victim's computer...
Internet Explorer: missing warning dialog
An attacker can use a special URL which does not display the warning dialog about a potentially dangerous transfer...
Opera: vulnerabilities
Two vulnerabilities of Opera permit an attacker to execute commands or to change JavaScript code...
Apache Tomcat: reading files via WebDAV
An attacker with write access via WebDAV can read a file located on the system...
Oracle AS, Portal: several vulnerabilities of October 2007
Several vulnerabilities are corrected by the CPU of October 2007...
Oracle Database: several vulnerabilities of October 2007
Several vulnerabilities are corrected by the CPU of October 2007...
MadWifi: denial of service via a beacon
An attacker can send a malicious beacon packet in order to stop MadWifi and to panic the kernel...
SUSE Linux Enterprise Server 10: denial of service of BIND
A remote attacker can create a denial of service of the named (BIND) service with a GSS-TSIG request...
Fedora Core 6, RH: character injection in OpenSSH logs
An attacker accessing the SSH service can inject characters in OpenSSH log files...
Tar: denial of service via safer_name_suffix
An attacker can create a denial of service of tar using a malicious document...
HPLIP: command injection in hpssd
A local attacker can run a command with hpssd daemon rights...
Websphere AS: vulnerability in wsadmin
An unknown vulnerability has been announced in wsadmin...
OpenSSL: vulnerability in DTLS implementation
An error in the implementation of DTLS can permit an attacker to run code or to create a denial of service...
Solaris: denial of service of automountd and mountd
A local or remote attacker can stop the automountd and mountd daemons on Solaris systems...
HP-UX: privilege elevation via HP Select Identity
A remote attacker can gain access to the system using a vulnerability in HP Select Identity...
phpMyAdmin: Cross Site Scripting of setup.php
An attacker can use parameters of setup.php script in order to inject HTML code in phpMyAdmin...
Solaris: denial of service during a BSM audit
A local attacker can stop the system during a BSM audit on a network...
Alsaplayer: buffer overflow via an ogg file
An attacker can construct a malicious ogg file in order to run code on the computer of victims listening to this file...
Asterisk: buffer overflow of a voicemail via IMAP
A local or remote attacker can send a voicemail in order to execute code on Asterisk when it is read via IMAP...
PHP: bypassing disable_functions via aliases
An attacker can use alias names of functions in order to bypass disable_functions...
Windows XP, 2003, IE 7: program execution via mailto
An attacker can create a special mailto URI, which executes a command when the user clicks on it...

   
