The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Internet Explorer: HTTP injection
An attacker can create a web site altering the HTTP session in order to create Request Splitting/Smuggling attacks...
XWine: vulnerabilities
A local attacker can elevate his privileges or print a file via XWine...
Xine: several heap overflows
Several heap overflows of Xine can be used by an attacker to execute code on victim's computer...
Audacity: file deletion
A local attacker can delete files belonging to Audacity users...
Perl Net-DNS: denial of service
An attacker owning a DNS server can return a malicious answer in order to stop applications using Perl Net::DNS...
HP-UX: privilege elevation via LTT
A local attacker can elevate his privileges via HP StorageWorks Library and Tape Tools...
Red Hat DS: privilege elevation
A local attacker can replace the redhat-idm-console script in order to elevate his privileges on Red Hat Directory Server 8.0...
MPlayer, VLC, Xine: buffer overflow via RTSP
An attacker can create a malicious RTSP stream in order to create an overflow on computer of victims connecting to it with MPlayer, VLC or Xine...
BusinessObjects: buffer overflow of RptViewerAX.dll
An attacker can create an overflow in the RptViewerAX.dll ActiveX of BusinessObjects 6.5...
Asterisk: several vulnerabilities
Several vulnerabilities of Asterisk permit a remote attacker to generate a denial of service or to execute code...
CUPS: buffer overflow of CGI
An attacker can send a malicious query to CUPS in order to execute code...
MIT krb5: several vulnerabilities
An attacker can use several vulnerabilities of MIT Kerberos 5 in order to create a denial of service or to execute code...
VPN-1: denial of service and information disclosure
In some cases, an attacker with a SecuRemote (SecureClient, SNX) access can intercept data of a site-to-site VPN...
UnZip: memory corruption via NEEDBITS
An attacker can create a malicious ZIP archive and invite victims to open it with UnZip in order to execute code on their computers...
Solaris: denial of service of rpc.metad
A network attacker can connect to rpc.metad in order to stop it...
Archive tools: several vulnerabilities
Several vulnerabilities were announced in programs opening ACE, ARJ, BZ2, CAB, GZ, LHA, RAR, TAR, ZIP and ZOO archives...
VMware: several vulnerabilities
Several vulnerabilities impact VMware ACE, VMware Player, VMware Server and VMware Workstation...
Backup Manager: obtaining FTP password
A local attacker can obtain the FTP password during Backup Manager usage...
Solaris: unlocking XscreenSaver
A local attacker can unlock the screensaver of JDS...
CiscoWorks IPM: shell access
An attacker can connect to a TCP port of systems where CiscoWorks Internetwork Performance Monitor 2.6 is installed in order to obtain a shell access...
McAfee ePO: format string attack of _naimcomn_Log
An attacker can create a format string attack in McAfee ePolicy Orchestrator in order to execute code...
WebSphere MQ: usage of runmqsc
A local attacker can use runmqsc to conduct administrative operations on WebSphere MQ for HP NSS...
Ruby: file access via WEBrick
The WEBrick web server of Ruby can be used by attackers to access to forbidden files...
Dovecot: user access
An attacker can connect to the mail account of a user via Dovecot without knowing his password...
Dovecot: file access with mail_extra_groups
When the mail_extra_groups directive of Dovecot is used, a local attacker can read or alter mail files of users...
Cisco Secure ACS: vulnerabilities of UCP
Two vulnerabilities of Windows User-Changeable Password can be used by an attacker to execute code or create a Cross Site Scripting...
Nagios: Cross Site Scripting and memory leak
An attacker can use a Cross Site Scripting and a memory leak of Nagios...
IE: injection of FTP commands
An attacker can use a special uri in order to inject FTP commands in the session...
WebSphere AS 6.1.0: several vulnerabilities
Several vulnerabilities of WebSphere AS can be used by an attacker to obtain information, to create denial of service or to attack the service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 203 204 205 206 207 208 209 210 211 213 215 216 217 218 219 220 221 222 223 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1014