The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: denial of service via NFS
An attacker can truncate a NFS file, in order to stop the kernel, and possibly to execute code...
libpng: denial of service during the decompression
An attacker can create an extremely compressed image, and invite the victim to open it with libpng, in order to generate a denial of service on his computer...
Apache httpd: denials of service of of modules
An attacker can generate a denial of service in mod_proxy_ajp and mod_isapi modules of Apache httpd...
Lotus Domino: Cross Site Scripting of help
An attacker can invite the victim to display a malicious url, in order to execute JavaScript code in the context of the Lotus Domino server...
EMC NetWorker, IBM Informix: vulnerabilities of librpc.dll
An attacker can connect to the RPC service of EMC NetWorker and IBM Informix, in order to execute code...
Opera: two vulnerabilities
Two vulnerabilities were announced in Opera. The first one can be used to inject data in a TLS session...
TYPO3: SQL injection in Calendar Base
An attacker can inject SQL queries in the Calendar Base extension of TYPO3...
Lotus iNotes: 2 vulnerabilities
Two vulnerabilities were announced in Lotus iNotes (DWA, Domino Web Access)...
Linux kernel: denial of service via DVB
An attacker can send a malformed DVB/MPEG2-TS frame, in order to block the system...
Windows, IE: execution of HLP code via VBScript
An attacker can invite the victim to press the F1 key from Internet Explorer, in order to execute code on his computer...
FreeBSD: denial of service via SCHED_ULE
When the SCHED_ULE scheduler is used, a local attacker on a multiprocessor system can block FreeBSD...
PHP: several vulnerabilities
An attacker can use several vulnerabilities of PHP in order to bypass file access restrictions...
AIX 5.3: denial of service via LDAP
A local attacker may forbid the access to users authenticated by LDAP...
Asterisk: bypassing ACLs
An attacker, who is normally blocked by ACLs, can send SIP INVITE messages to Asterisk...
GNU M4: file modification via dist and distcheck
When the dist and distcheck targets of GNU M4 are used, a local attacker can alter a file...
Adobe Flash, Reader: software installation
The Adobe Download Manager product can be used to install an unwanted software...
vixie-cron: changing timestamp
A local attacker can use vixie-cron to reset a file modification time...
Linux kernel: executable page on Sparc
On a Sparc processor, memory pages tagged as non executable are actually executable...
Linux kernel: denial of service via automount
A local attacker can use automount, in order to generate a denial of service...
Avast: privilege elevation via aavmker4.sys
A local attacker can corrupt the memory of the aavmker4.sys driver, in order to generate a denial of service or to execute code...
sudo: group elevation
When the /etc/sudoers file contains "runas_default", a local attacker can execute a command with privileges of root's groups...
sudo: privilege elevation via sudoedit
A local attacker, allowed to execute sudoedit, can execute commands with root privileges...
TYPO3: four vulnerabilities
An attacker can use four vulnerabilities of TYPO3, in order to obtain information, to create a Cross Site Scripting, or to bypass the authentication...
Linux kernel: denial of service via RTO
When a Linux 2.6.32.x system proposes a TCP service, an attacker can force an error in the computation of the RTO (Retransmission Timeout), which overloads the system...
Linux kernel: denial of service via Intel HD Audio
On a system with an Intel HD Audio compatible device, a local attacker can generate a division by zero...
Asterisk: unwanted call
An attacker can use SIP, in order to inject numbers to call via the Dial() function...
Symantec AV, Norton AV: several vulnerabilities
Three vulnerabilities of Symantec and Norton products can be used by an attacker to disable the antivirus or to execute code...
Linux kernel: denial of service via GRE/Tunnel
When the system starts, an attacker can send a tunneled packet, in order to stop the system...
Firefox, SeaMonkey, Thunderbird: several vulnerabilities
Several vulnerabilities of Firefox, SeaMonkey and Thunderbird can be used by an attacker to execute code on victim's computer...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 263 264 265 266 267 268 269 270 271 273 275 276 277 278 279 280 281 282 283 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1012