The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: denial of service of drivers
A local attacker can use vulnerabilities of several drivers in order to create a denial of service...
Opera: code execution
Two Opera vulnerabilities lead to code execution or to a memory disclosure...
PCRE: buffer overflow via an option
When an attacker can change the regular expression used by a program, he can corrupt its memory in order, for example, to execute code...
Ruby: denial of service of rb_ary_fill
When a Ruby program uses the Array.fill() method with incorrect parameters, it stops...
Thunderbird: several vulnerabilities
Several vulnerabilities were announced in Thunderbird, the worst one leading to code execution...
Firefox/Seamonkey: several vulnerabilities
Several vulnerabilities were announced in Firefox/Seamonkey, the worst one leading to code execution...
OpenLDAP: denial of service via ASN.1 BER
An unauthenticated attacker can send a malicious ASN.1 packet in order to stop the service...
Wireshark: denials of service
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
Novell Client: privilege elevation via NWFS.SYS
A local attacker can use the NWFS.SYS of Novell Client in order to obtain system privileges...
Solaris: denial of service of snmpXdmid
A network attacker can send malformed packets in order to stop snmpXdmid...
IE: changing the content of a FRAME
An attacker can create a malicious HTML page changing the content of the FRAME of another site...
IE 6: Cross Site Scripting via location
An attacker can create an HTML document in order to generate a Cross Site Scripting in Internet Explorer 6...
NASM: several vulnerabilities
Several memory corruptions occur when a malicious file is compiled by NASM...
Squid: buffer overflow of a url
An attacker can send a malicious query in order to generate an overflow in Squid...
Linux kernel: memory reading via the emulation
A local attacker can create a malicious program in order to read memory fragments...
Linux kernel: memory corruption via gcc
An attacker can exploit a suid program compiled with gcc 4.3 in order to corrupt the memory, and possibly to execute code with high privileges...
Linux kernel: denial of service via ptrace
A local attacker can create a denial of service with a program using PTRACE_ATTACH and PTRACE_DETACH...
Linux kernel: reading memory on x86_64
A local attacker, on an x86_64 processor, can use the copy_user_generic() function in order to obtain kernel memory fragments...
Perl: changing rights via rmtree
A local attacker can use a symbolic link in order to force the rmtree function of lib/File/Path.pm to change rights of a file...
Xen: denial of service via PVFB
A local attacker can create a denial of service by using a long FrameBuffer...
phpMyAdmin: Cross Site Scripting of libraries
An attacker can create a Cross Site Scripting attack in phpMyAdmin...
RHEL: privilege elevation via sblim
A local attacker can create a malicious library in order to execute code with the rights of applications using SBLIM...
Adobe Acrobat/Reader: code execution
An attacker can create a PDF document containing malicious JavaScript code in order to execute code on the computer of victims opening the document...
Ruby: several vulnerabilities
Several Ruby vulnerabilities lead to denials of service or to code execution...
PHP: bypassing safe_mode
An attacker can use a file name starting with "http://" in order to bypass safe_mode restrictions...
Firefox 3.0: no warning
When a user clicks on a link such as mailto, and a warning message is configured, this warning is not displayed...
Cisco IPS: denial of service via jumbo Ethernet
An attacker can send a jumbo Ethernet frame in order to stop Cisco IPS in inline mode...
Sun Calendar Server: denial of service of logging
When Access Logging is enabled, an attacker can stop Sun Java System Calendar Server...
fetchmail: denial of service in verbose mode
When fetchmail is used in verbose mode, an attacker can create a long message in order to stop it...

   
