The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
CUPS: several vulnerabilities
Several vulnerabilities of CUPS can be used by an attacker to create a denial of service or to execute code...
eterm, rxvt: launching without display
When eterm or rxvt is executed without a display, it automatically starts on the display ":0", which can be the display of another user...
PowerDNS: predictability of query ids
An attacker can predict query ids in order for example to poison the DNS server cache...
phpMyAdmin: obtaining the password
A local attacker can read the session file in order to obtain sensitive data such as the phpMyAdmin password...
avast: memory corruption of aavmker4.sys
A local attacker can corrupt the memory of aavmker4.sys in order to create a denial of service or to execute code...
OpenSSH: execution of rc command
When the ~/.ssh/rc file exists, the ForceCommand directive is not honoured...
Wireshark: denials of service
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
Apache Tomcat: information disclosure
Two vulnerabilities of Apache Tomcat can be used by an attacker to obtain information...
exiftags: several vulnerabilities
An attacker can create malicious JPEG images in order to create a denial of service or code execution when they are handled by exiftags...
FreeBSD, Linux, NetBSD: integer overflow of strfmon
An attacker controlling the strfmon() format string can generate an integer overflow leading to a denial of service, and possibly to code execution...
policyd-weight: file corruption
A local attacker can create a symbolic link in order to force policyd-weight to corrupt a file...
Namazu: Cross Site Scripting via UTF-7
An attacker can use UTF-7 encoded data in order to create a Cross Site Scripting in Namazu...
Smarty: PHP function execution
An attacker allowed to edit a Smarty template can execute PHP functions...
IOS: denials of service of DLSw
An attacker can send UDP or IP Proto 91 packets in order to create a denial of service if DLSw is used...
Catalyst IOS: denial of service of OSPF and MPLS VPN
An attacker can send several packets in order to create a denial of service when OSPF and MPLS VPN are configured...
IOS: denial of service via IPv6 and IPv4/UDP
An attacker can send malicious IPv6 packets to IPv4/UDP services of the router in order to create a denial of service...
IOS: obtaining data via MVPN
A attacker can send malicious MDT messages in order to receive data belonging to a MPLS VPN...
IOS: denials of service of VPDN
An attacker can create two denials of service in Virtual Private Dial-up Network...
GnuPG: memory corruption during the import
An attacker can create OpenPGP keys corrupting memory when they are imported...
Solaris: vulnerability under SPARC T5120 and T5220
Some Sun SPARC Enterprise T5120 and T5220 servers are shipped with a Solaris 10 image allowing root logins via ssh...
Thunderbird: several vulnerabilities
Several vulnerabilities were announced in Thunderbird, the worst one leading to code execution...
Seamonkey: several vulnerabilities
Several vulnerabilities were announced in Seamonkey, the worst one leading to code execution...
Firefox: several vulnerabilities
Several vulnerabilities were announced in Firefox, the worst one leading to code execution...
OpenSSH: obtaining X11 cookie
A local attacker can listen to a TCP port in order to obtain the X11 session cookie...
PHP: buffer overflow of APC
An attacker, allowed to upload a malicious PHP script, can execute code via the APC module...
PHP: integer overflow of printf
An attacker, allowed to upload a malicious PHP script, can execute code via printf() functions...
Word: code execution via Jet
An attacker can create a malicious Word file leading to code execution when opened...
Windows Vista/2008: NoDriveTypeAutoRun not honoured
The NoDriveTypeAutoRun key, which disables AutoPlay, is not honoured by Windows Vista/2008, and enables the AutoRun...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 204 205 206 207 208 209 210 211 212 214 216 217 218 219 220 221 222 223 224 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1014