The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Firefox 3.0: several vulnerabilities
Several vulnerabilities of Firefox 3.0 can be used by an attacker to execute code on the victim's computer...
Linux kernel: unchecked capabilities
The kernel does not check some capabilities, which can be used by a local attacker to do some privileged actions...
ArubaOS: denial of service via 802.11 Association Request
An attacker can send a malformed 802.11 Association Request frame, in order to restart ArubaOS...
Microsoft SharePoint Server: reading ASPX files
An attacker can obtain the source code of some pages hosted on Microsoft Office SharePoint Server...
Ghostscript: denial of service via JBIG2
An attacker can create a PDF file containing a malicious JBIG2 image, in order to stop the Ghostscript application...
Asterisk: bypassing ACLs
An attacker, who is normally blocked by ACLs, can send SIP INVITE messages to Asterisk...
Solaris: insufficient locking of XScreenSaver
When accessibility features are enabled, popup windows are displayed through XScreenSaver...
Perl: infinite loop of HTML-Parser
An attacker can send truncated HTML data to the Perl HTML::Parser module, in order to generate an infinite loop...
Perl: denial of service via UTF-8
An attacker can use some UTF-8 characters, in order to stop applications using Perl...
Linux kernel: file modification
In a special case, a local attacker can use /proc/PID/fd in order to alter the file of a user...
Linux kernel: predicting get_random_int
Integers generated by the get_random_int() function are sometimes predictable...
squidGuard: several vulnerabilities
An attacker can use two vulnerabilities of squidGuard, in order to bypass imposed restrictions...
Snort: denials of service of IPv6
When IPv6 is enabled, an attacker can send malformed packets in order to stop Snort...
Linux kernel: integer overflow via kvm_dev_ioctl_get_supported_cpuid
On a 32-bit processor, a local attacker can generate an overflow in the kvm_dev_ioctl_get_supported_cpuid() function, in order to create a denial of service, or possibly to execute code...
Linux kernel: NULL dereference via update_cr8_intercept
A local attacker can use an ioctl on /dev/kvm, in order to stop the kernel or to execute privileged code...
Avast: denial of service
A local attacker can delete the 400.vps file, so the Avast antivirus cannot start...
Avast: several vulnerabilities
A local attacker can use several vulnerabilities of Avast, in order to create a denial of service or to execute code...
TYPO3: several vulnerabilities
An attacker can use several vulnerabilities of TYPO3, in order to create a Cross Site Scripting, to inject SQL code, or to execute commands...
Linux kernel: denial of service via nfsd4
When the nfsd4 service is enabled in the Linux kernel, an attacker can connect with a null authentication, in order to stop the kernel...
Linux kernel: denial of service via get_instantiation_keyring
A local attacker can use cryptographic keys, in order to stop the kernel, and possibly to execute code...
TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to execute code, to generate a Cross Site Scripting or to inject SQL code...
ProFTPD: truncation of X.509 with null
When ProFTPD uses the mod_tls module, an attacker can send an X.509 certificate with a subjectAltName field containing a null character, in order to bypass access restrictions...
Oracle WebLogic: several vulnerabilities of October 2009
Several vulnerabilities of WebLogic are corrected by the CPU of October 2009...
Oracle Application Server: several vulnerabilities of October 2009
Several vulnerabilities of Oracle Application Server are corrected by the CPU of October 2009...
Oracle Database: several vulnerabilities of October 2009
Several vulnerabilities of Oracle Database are corrected by the CPU of October 2009...
3Com OfficeConnect: two vulnerabilities
An attacker can use two vulnerabilities of the 3Com OfficeConnect Firewall/Router, in order to execute commands...
Linux kernel: denial of service via a Unix socket
A local attacker can use a partially closed Unix socket, in order to lock the system...
Linux kernel: NULL dereference via r128
A local attacker can use an ioctl on an ATI Rage 128 video device, in order to stop the kernel or to execute privileged code...
IBM DB2: denial of service of JDBC Applet Server
A network attacker can send a malicious query to the JDBC Applet Server, in order to stop it...

   
