The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
dkim-milter: denial of service
An attacker can use a revoked DKIM key in order to stop dkim-milter...
PHP: several vulnerabilities
An attacker can use several vulnerabilities of PHP in order to create a denial of service or to execute code...
Firefox: new homographs
Several homographs characters are not recognized by Firefox...
Cisco Unified MeetingPlace: Cross Site Scripting
A user of Cisco Unified MeetingPlace can create a Cross Site Scripting in the web browser of other users...
Apache Tomcat: reading posted data
When Apache Tomcat displays posted HTTP data, an attacker can obtain fragments of previously posted data...
PyCrypto: buffer overflow of ARC2
An attacker can use a long ARC2 key in order to generate an overflow in PyCrypto...
Linux kernel: sending a signal to parent via clone
A process can use clone() to kill its parent process, even if it does not have sufficient privileges...
Cisco Unified MeetingPlace Web Conferencing: bypassing authentication
An attacker can bypass the authentication to obtain an administrator access on Cisco Unified MeetingPlace Web Conferencing...
Linux kernel: denials of service via ext4
An attacker can create a malicious ext4 filesystem and then mount it in order to stop the kernel...
Flash Player: several vulnerabilities
Several Adobe Flash Player vulnerabilities can be used by an attacker to execute code, to obtain information or to interact with the victim to force him to execute actions...
WebSphere MQ: privilege elevation via setmqaut, dmpmqaut and dspmqaut
A local attacker can use the setmqaut, dmpmqaut and dspmqaut commands in order to obtain WebSphere MQ privileges...
Excel: code execution
An attacker can create a malicious Excel file leading to code execution when it is opened...
Squid, ProxySG: connection to an private service
An attacker can use an active technology in order to obtain information from a private service...
AIX: buffer overflow of pppdial
A attacker can execute code with a buffer overflow of pppdial...
Adobe Acrobat/Reader: code execution via JBIG2
An attacker can create a PDF file containing a malicious JBIG2 image in order to execute code on the computer of victims opening the document...
OpenBSD: denial of service of bgpd
An attacker can send a BGP message with a long AS path, in order to stop the bgpd daemon...
libpng: memory corruption via free
An attacker can create a malicious PNG image in order to corrupt the memory of applications linked to libpng...
libpng: memory corruption via png_check_keyword
An attacker can write a null byte in memory via png_check_keyword()...
libpng: memory leak via tEXT
An attacker can create an image containing a malicious tEXT field in order to create a denial of service in applications linked to libpng...
HTTPS: man-in-the-middle in the middle attack by using http, SSLstrip
An attacker located as a man-in-the-middle can deceive the victim to connect to an http site instead of an https (HTTP over SSL) site...
Linux kernel: reading 4 bytes via getsockopt
A local attacker can use getsockopt() in order to read 4 bytes from the kernel memory...
Linux kernel: erasing skfp statistics
A local attacker can delete statistics of the SysKonnect FDDI PCI driver...
MySQL: denial of service via booleans
An attacker can use a complex boolean query in order to create a denial of service...
xine-lib: multiple vulnerabilities
Several vulnerabilities can be used by an attacker to create a denial of service or to execute code on victim's computer...
Fail2ban: denial of service
An attacker can connect to a server with a special client name in order to force Fail2ban to block the access...
FreeBSD: privilege elevation via telnetd
An attacker, allowed to upload a file on the system, can obtain a root access via a telnetd vulnerability...
WebSphere AS 6.0.2: several vulnerabilities
Several vulnerabilities of WebSphere AS can be used to attack the service...
Sun Java Directory Proxy Server: denial of service
An attacker can use a malicious LDAP query in order to stop Sun Java Directory Proxy Server...
squidGuard: bypassing with a dot
An attacker can add a dot in the url in order to bypass the restriction imposed by squidGuard...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 230 231 232 233 234 235 236 237 238 240 242 243 244 245 246 247 248 249 250 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022