The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
CiscoWorks: overflow of IPM CORBA GIOP
When CiscoWorks IPM (Internetwork Performance Monitor) is installed on Windows, an attacker can send a CORBA GIOP query to create a buffer overflow, leading to code execution...
Cisco IOS XR: denial of service via SSH
An unauthenticated attacker can send a malicious SSHv2 packet to Cisco IOS XR, in order to generate a denial of service...
SAP WebAS: code execution via ITS
An attacker can generate a buffer overflow in SAP Internet Transaction Server, via SAP Web Application Server, in order to execute code...
Linux kernel: denial of service of routing
An attacker can send several packets going through a Linux router, in order to generate a denial of service...
gunzip: code execution via LZW
An attacker can create a malicious compressed ".Z" archive, in order to execute code on computers of victims opening it with gunzip...
gunzip: code execution via Huffman
An attacker can create a malicious compressed ".gz" archive, in order to execute code on computers of victims opening it with gunzip...
Windows: privilege elevation via NtVdm
A local attacker, on an x86 processor, can use the 16-bit compatibility system, in order to elevate his privileges...
BIND: cache poisoning with NXDOMAIN
A remote attacker can send a malicious DNS NXDOMAIN reply, in order to poison the cache of a server with DNSSEC enabled...
BIND: cache poisoning with DNSSEC
A remote attacker can send a malicious DNS request/reply, in order to poison the cache of a recursive server with DNSSEC enabled...
WebSphere AS 6.1.0: several vulnerabilities
Several vulnerabilities of WebSphere AS can be used to attack the service...
Linux kernel: denial of service via do_mremap
A local attacker can call the mmap()/mremap() system call, in order to stop the system...
Sun Web Server: memory corruption via TRACE
An attacker can use the HTTP TRACE method, in order to overwrite or to read the memory content...
IBM WebSphere MQ 7.0.1: several vulnerabilities
Several vulnerabilities of WebSphere MQ can be used by an attacker to obtain information, to create denial of service or to attack the service...
IBM WebSphere MQ 6.0.2: several vulnerabilities
Several vulnerabilities of WebSphere MQ can be used by an attacker to obtain information, to create denial of service or to attack the service...
Linux kernel: memory corruption via FASYNC
A local attacker can use an asynchronous file descriptor, in order to corrupt the kernel memory, which generates a denial of service or leads to code execution...
GNOME: second screen non locked
After unplugging and plugging back a second screen, it is not locked by GNOME ScreenSaver...
IE: code execution via createEventObject
An attacker can invite the victim to display a malicious HTML page, in order to execute code on his computer...
Domino: denial of service via LDAP
An attacker can send a malicious LDAP query, in order to stop Lotus Domino...
Linux kernel: denial of service via ipv6_hop_jumbo
An attacker can use an IPv6 packet with a Hop-by-Hop header in order to stop the kernel...
TYPO3: authentication via OpenID
An attacker, who knows the OpenID identity of a TYPO3 user, can authenticate under his account...
Bouncy Castle JCE: timing attack
An attacker can measure the computation time of Bouncy Castle JCE, in order to obtain potentially sensitive information...
OpenSSL: memory leak of CRYPTO_cleanup_all_ex_data
An attacker can generate a memory leak in some applications using the OpenSSL CRYPTO_cleanup_all_ex_data() function...
Sun Identity Manager: privilege elevation
A local or remote attacker can obtain administrator privileges via Sun Identity Manager...
Solaris 10: privilege elevation via Trusted Extensions
When Solaris Trusted Extensions are enabled, a local attacker can elevate his privileges...
Linux kernel: altering ebtables
When Linux is used in Bridge mode, with an ebtables mode, a local attacker can modify rules...
NetBSD: denial of service via mount_get_vfsops
A local attacker can mount a VFS filesystem, in order to stop the kernel...
Zope 2: Cross Site Scripting via standard_error_message
An attacker can generate a Cross Site Scripting in the error template of Zope version 2...
TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to generate a Cross Site Scripting or to inject SQL code...
Oracle WebLogic: several vulnerabilities of January 2010
Several vulnerabilities of WebLogic are corrected by the CPU of January 2010...
Oracle Application Server: several vulnerabilities of January 2010
Several vulnerabilities of Oracle Application Server are corrected by the CPU of January 2010...