The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: denial of service in iov_iter_advance
A malicious SMB/CIFS server can use the CountHigh field, in order to stop the CIFS client of the Linux kernel...
PHP: double free of SplObjectStorage
When a PHP application unserializes malicious SplObjectStorage data, a double memory free occurs, and can lead to code execution...
LibTIFF: several vulnerabilities
An attacker can invite the victim to open a malicious TIFF image, in order to generate a denial of service or to execute code in applications linked to LibTIFF...
Trend Micro InterScan Web Security: five vulnerabilities
Five vulnerabilities of Trend Micro InterScan Web Security Virtual Appliance can be used by an attacker to read/alter information or to execute code...
Linux kernel: denial of service via current_clocksource
When the kernel is compiled without GENERIC_TIME, a local attacker can access current_clocksource, in order to stop the kernel...
Thunderbird: several vulnerabilities
Several vulnerabilities of Thunderbird can be used by an attacker to execute code on victim's computer...
Firefox, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox and SeaMonkey can be used by an attacker to execute code on victim's computer...
SquirrelMail: port scan via Mail Fetch
An attacker authenticated on SquirrelMail can use the Mail Fetch plugin, in order to scan ports of computers reachable from the server...
libtiff: two vulnerabilities
An attacker can invite the victim to open a malicious TIFF image, in order to execute code in applications linked to libtiff...
Opera: ten vulnerabilities
An attacker can invite the victim to display a malicious site with Opera, in order to execute code on his computer...
WebSphere AS 6.1: five vulnerabilities
An attacker can obtain information or generate a denial of service via WebSphere Application Server...
WebSphere AS 7: eleven vulnerabilities
An attacker can use several vulnerabilities of WebSphere Application Server...
Spring Framework: code execution
An attacker can use a malicious URL, in order to force the Spring Framework to load a JAR file containing code to execute...
CUPS: several vulnerabilities
Several vulnerabilities of CUPS can be used by an attacker to create a denial of service, to obtain information, or to execute code...
Novell Netware: buffer overflow of CIFS.NLM
An attacker can generate a buffer overflow in the CIFS service of Netware, in order to create a denial of service, and possibly to execute code...
Linux kernel: file reading on XFS
On an XFS filesystem, when a file is in write-only mode, a local attacker can use the SWAPEXT ioctl, in order to read the file...
SAP NetWeaver: vulnerability of SAP J2EE Telnet
An attacker can replay authentication data of the SAP J2EE Telnet Administration Console...
Samba: buffer overflow of chain_reply
An unauthenticated attacker can send a malicious SMB query, in order to generate a buffer overflow in Samba, leading to a denial of service or to code execution...
JBoss AS: Cross Site Request Forgery of JMX Console
When the administrator is logged in to the JMX Console of JBoss AS, an attacker can invite him to display a malicious web page, in order to automatically deploy a WAR file via the DeploymentFileRepository MBean...
Linux kernel: denial of service of tty_fasync
A local attacker can generate a deadlock in tty_fasync(), in order to stop the system...
XnView: buffer overflow via MBM
An attacker can invite the victim to open a malicious MBM document with XnView, in order to execute code on his computer...
Python: buffer overflows of audioop
An attacker can generate several buffer overflows in the audioop module of Python, in order to create a denial of service or to execute code...
Linux kernel: ACL change on btrfs
On a btrfs filesystem, a local attacker can change ACLs of a file belonging to another user...
libtiff: integer overflow of FAX3
An attacker can invite the victim to open a malicious compressed TIFF image in FAX3 format, in order to execute code in applications linked to libtiff...
Apache httpd: data reading via mod_proxy_http
When mod_proxy_http is used on Netware, OS2 or Windows, an attacker can obtain documents belonging to the session of another user...
Xen: denial of service on ia64
When Linux Xen is used on an ia64 processor, a local attacker can generate a denial of service...
Adobe Flash Player: several vulnerabilities
Several Adobe Flash Player vulnerabilities can be used by an attacker to execute code or to create a denial of service...
Windows, IE: command execution via hcp
An attacker can invite the victim to visit a web page calling the Windows Help Centre, in order to execute a command on his computer...
Wireshark: several vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code...

   
