The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
IBM Rational Application Developer: Cross Site Scripting
An attacker can generate a Cross Site Scripting in order to execute code in the context of the infected site...
Cisco VPN Client: denial of service
A local attacker can start Cisco VPN Client from the console in order to generate a denial of service...
WebSphere AS: Cross Site Scripting
An attacker, who can use a Cross Site Scripting, can steal the authentication cookie of WebSphere AS...
HP Operations Manager: remote code execution
A remote attacker can execute code on the server...
IE 6, 7: code execution via getElementsByTagName
An attacker can invite the victim to display an HTML page containing a malicious script, in order to execute code on his computer...
Opera: memory corruption via a floating point number
When the attacker can choose a real value, he can generate an overflow leading to a denial of service or to code execution...
Linux kernel: memory corruption of gdth_read_event
A local attacker can generate an overflow in the gdth_read_event() function, in order to create a denial of service, or possibly to execute code...
PHP: bypass of open_basedir via symlink
An attacker can read and/or create a file outside the root of the web site...
Gimp: integer overflow via PSD
An attacker can invite the victim to open a malicious PSD image with Gimp, in order to generate an integer overflow, leading to code execution...
CUPS: denial of service
A remote attacker can ask for current print jobs, in order to generate a denial of service of the CUPS daemon...
HP OpenView Network Node Manager: denial of service
A remote attacker can send a specially crafted packet to port 2690/tcp in order to generate a denial of service...
Avast AV: denial of service via aswRdr.sys
A local attacker can use aswRdr.sys in order to cause a denial of service or execute privileged code...
Kaspersky AV, IS: denial of service via kl1.sys
A local attacker can use kl1.sys in order to cause a denial of service...
Linux kernel: memory corruption of kvm_vcpu_ioctl_x86_setup_mce
On a 32-bit processor, a local attacker can generate an overflow in the kvm_vcpu_ioctl_x86_setup_mce() function, in order to create a denial of service, or possibly to execute code...
WebSphere AS: Cross Site Scripting
An attacker can use the administration console to generate a Cross Site Scripting in order to execute JavaScript code on the administrator's computer...
Windows: denial of service via SMB
A remote attacker can create a malicious SMB server and invite the victim to connect to it in order to create a denial of service...
McAfee NSM: stealing authentication cookie
An attacker, who can use a Cross Site Scripting, can steal the authentication cookie of McAfee Network Security Manager...
McAfee NSM: Cross Site Scripting
An attacker can generate a Cross Site Scripting in the Login.jsp page of McAfee Network Security Manager, in order to execute JavaScript code on the administrator's computer...
Gimp: integer overflow via BMP
An attacker can invite the victim to open a malicious BMP image with Gimp, in order to generate an integer overflow, leading to code execution...
OpenSolaris: denial of service via tcp_sendmsg
A local attacker can generate a memory leak when TCP messages are sent, in order to generate a denial of service...
Linux kernel: denial of service via do_mmap_pgoff
On a processor with no MMU, a local attacker can create an error in the do_mmap_pgoff() function, in order to stop the system...
Citrix Online Plug-in, ICA Client: spoofing of X.509 certificate
An attacker can set up a server with a malicious X.509 certificate, in order to deceive victims connecting with Citrix Online Plug-in or an ICA Client...
Tomcat: vulnerability of the Windows Installer
When Tomcat is installed with the Windows installer, the password of the admin user is empty...
libVorbis: memory corruption
An attacker can invite the victim to open a malicious OGG file, in order to generate a denial of service or to execute code in libVorbis...

   
