The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
QEMU: two vulnerabilities of VNC
An attacker can use VNC in order to generate a denial of service or to execute code via QEMU...
LibGd, PHP: memory corruption via gdGetColors
An attacker can use an application linked to the GD library, in order to corrupt the memory, which generates a denial of service, and can possibly leads to code execution...
Solaris: gain of file ownership on ZFS
On a ZFS filesystem, a local attacker can gain ownership of a file that does not belong to him...
Linux kernel: reading 2 bytes via tc_fill_node
A local attacker can create a PF_NETLINK/NETLINK_ROUTE socket, in order to read two bytes coming from the kernel memory...
Xpdf: multiple vulnerabilities
An attacker can create a malicious PDF document leading to code execution on computer of users opening it with Xpdf, or its derivatives...
Windows, Office, IE, SQL Server: several vulnerabilities of GDI
A local or remote attacker can create malicious programs or images in order to generate a denial of service or code execution on victim's computer...
Microsoft .NET: code execution
An attacker can invite the victim to display a malicious web page with an XBAP web browser (such as Internet Explorer), in order to execute code on his computer...
Microsoft Office: code execution via ATL
Several vulnerabilities of Microsoft ATL (Active Template Library) impact Microsoft Office products...
Windows: denial of service of LSASS via NTLM
When authenticating to a server, a network attacker can send a malformed NTLM packet, in order to reboot it...
Windows: privilege elevation
A local attacker can use three vulnerabilities of the Windows kernel, in order to generate a denial of service or to execute code with system privileges...
Microsoft Indexing Service: code execution
An attacker can invite the victim using Indexing Service to connect to a malicious IIS web server, in order to execute code on his computer...
Windows, IE: vulnerabilities of several Microsoft ActiveX
Several Microsoft ActiveX can be used by a remote attacker to generate a denial of service or to execute code...
Internet Explorer: multiple vulnerabilities
Several vulnerabilities of Internet Explorer lead to code execution...
Windows Media Player 6.4: code execution
An attacker can invite the victim to open a malicious ASF document, in order to execute code on his computer...
Windows Media Runtime: code execution
An attacker can invite the victim to open a malicious audio document, in order to execute code on his computer...
Windows: several vulnerabilities of SMBv2
An attacker can send a malicious SMB 2.0 packet, in order to execute code on the system, or to generate a denial of service...
Unbound: non verification of NSEC3
When an attacker can spoof DNS packets, he can poison the Unbound cache with fake data...
AWStats: Cross Site Scripting
An attacker can use a Cross Site Scripting of AWStats in order to execute JavaScript code in the context of victim's web browser...
CA Anti-Virus: code execution via arclib
An attacker can create a malformed RAR archive, which corrupts the memory, in order to stop the Anti-Virus, or to execute code...
VMware ACE, Player, Workstation: denial of service of vmware-authd
An attacker can send a malicious authentication query to the vmware-authd service of VMware ACE, Player or Workstation in order to stop it...
Adobe Reader, Acrobat: code execution
An attacker can create a malicious PDF document in order to execute code on the computer of victims opening the document...
AIX: buffer overflow of libcsa.a
An attacker can use rpc.cmsd in order to generate an overflow in libcsa.a to execute code on the system...
Linux kernel: denial of service via AX.25
A local attacker can use an AX.25 socket, in order to stop the system...
Linux kernel: privilege elevation via eCryptfs
A local attacker can create a hard link on an eCryptfs file system, in order to generate a denial of service, or to execute code...
Apache httpd: denial of service under Solaris
An attacker can open several sessions when Apache httpd is installed under Solaris, in order to stop it...
OpenBSD: denial of service via XMM
On an i386 processor, a local attacker can generate an XMM exception, in order to stop OpenBSD...
FreeBSD: privilege elevation via devfs and VFS
A local attacker can use devfs and VFS, in order to obtain kernel privileges...
FreeBSD: privilege elevation via kqueue
A local attacker can use close() and kqueue(), in order to obtain kernel privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 250 251 252 253 254 255 256 257 258 260 262 263 264 265 266 267 268 269 270 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103