The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
3Com OfficeConnect: denial of service
An attacker can send a malformed HTTP query, in order to stop the 3Com OfficeConnect ADSL Wireless 11g Firewall Router product...
GNU Libtool: code execution
In some cases, GNU Libtool loads a static library located in the current directory...
Ghostscript: buffer overflow via PDF
An attacker can invite the victim to see a malicious PDF document, in order to stop Ghostscript, or to execute code...
GTK+: unlocking gnome-screensaver
In some cases, a local attacker can unlock gnome-screensaver...
acpid: altering a file
The acpid daemon creates its log file with a mode allowing a local attacker to read or modify it...
AIX: buffer overflow of qoslist and qosmod
A local attacker can generate an overflow in the qoslist and qosmod commands, in order to elevate his privileges...
Cisco ASA: bypassing WebVPN Bookmark
An authenticated attacker can use the WebVPN Bookmark feature, in order to access to sites which are not limited by an ACL...
GNU Automake: file modification via dist and distcheck
When the dist and distcheck targets of GNU Automake are used, a local attacker can alter a file...
Wireshark: denials of service
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
PHP 5.2: several vulnerabilities
An attacker can use several vulnerabilities of PHP in order to generate a Cross Site Scripting, to create a denial of service, or to execute code...
Kaspersky AV: privilege elevation
A local attacker can replace files of Kaspersky products, in order to execute code with System privileges...
NetworkManager: two vulnerabilities
Two vulnerabilities of NetworkManager can be used by an attacker to obtain information...
HP OpenView Storage Data Protector: code execution
Two vulnerabilities of HP OpenView Storage Data Protector can be used by a remote attacker to execute code...
Horde: two Cross Site Scripting
An attacker can use two Cross Site Scripting in Horde products, in order to execute JavaScript code in the context of the web site...
VMware: Cross Site Scripting via WebWorks Help
An attacker can use the WebWorks Help in order to generate a Cross Site Scripting in VMware applications...
Xpdf, Gpdf, kdegraphics: memory corruption of FoFiType1-parse
An attacker can create a PDF file containing a malicious character font in order to execute code on the computer of victims opening the document...
Linux kernel: denial of service via rtl8169
An attacker can use a memory leak of the rtl8169 driver, in order to generate a denial of service...
Firefox, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox and SeaMonkey can be used by an attacker to execute code on victim's computer...
FreeBSD: creation of suid files on ZFS
When a ZFS file is repaired, files can obtain the 07777 mode...
Linux kernel: NULL dereference via FireWire
An attacker can plug a malicious FireWire device, in order to stop the kernel or to execute privileged code...
Linux kernel: denials of service via ext4
An attacker can create a malicious ext4 filesystem and then mount it in order to stop the kernel...
IBM DB2 9.7: several vulnerabilities
An attacker can use several vulnerabilities of IBM DB2, in order to obtain data, to create a denial of service, or to execute code...
IBM DB2 9.5: several vulnerabilities
An attacker can use several vulnerabilities of IBM DB2, in order to obtain data, to create a denial of service, or to execute code...
IBM DB2 9.1: several vulnerabilities
An attacker can use several vulnerabilities of IBM DB2, in order to obtain data, to create a denial of service, or to execute code...
PostgreSQL: two vulnerabilities
An attacker can use two vulnerabilities of PostgreSQL, in order to access to user's data...
TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to generate a Cross Site Scripting or to inject SQL code...
Sun Ray: user access
In some cases, when a Sun Ray user logs out, he is automatically relogged in...
Linux kernel: denial of service via ISDN
An attacker can send a short ISDN frame, in order to generate a denial of service...
Adobe Acrobat, Reader: code execution via Doc.media.newPlayer
An attacker can create a malicious PDF document in order to execute code on the computer of victims opening the document...
WebSphere AS 7.0.0: several vulnerabilities
Several vulnerabilities of WebSphere AS can be used to attack the service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 257 258 259 260 261 262 263 264 265 267 269 270 271 272 273 274 275 276 277 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102