The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco Wireless LAN Controller: several vulnerabilities
Seven vulnerabilities of Cisco Wireless LAN Controller can be used by an attacker to create a denial of service, to alter the configuration or escalate his privileges...
Firefox 3.5, Thunderbird 3.0, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox 3.5, Thunderbird 3.0 and SeaMonkey can be used by an attacker to execute code on victim's computer...
Firefox 3.6, Thunderbird 3.1: several vulnerabilities
Several vulnerabilities of Firefox 3.6, Thunderbird 3.1 can be used by an attacker to execute code on victim's computer...
Horde: Cross Site Scripting
An attacker can use a feature of the Horde Application Framework in order to generate a Cross Site Scripting in Horde...
Sudo: vulnerability of Runas group
When sudo calls some programs, a local attacker can use the "Runas group" feature, in order to elevate his privileges...
Adobe Flash Player: data disclosure via "Settings Manager"
An attacker can do a Man in The Middle attack to access FlashPlayer data via the "Settings Manager" application...
Linux kernel: memory disclosure via xfs_ioc_fsgetxattr
An attacker can use the XFS_IOC_FSGETXATTR IOCTL of the XFS driver in order to read kernel data...
Squid: denial of service
An attacker can send malicious packets, in order to stop the Squid proxy...
Zope: denial of service
A remote attacker can access a private page of a Plone website, in order to create a denial of service...
Linux kernel: denial of service via KEYCTL_SESSION_TO_PARENT
An attacker can use keyctl(KEYCTL_SESSION_TO_PARENT) in order to stop the kernel...
HP Operations Agent: two vulnerabilities
Two vulnerabilities of HP Operations Agent running on Windows can be used by an attacker to elevate his privileges or to execute code...
TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to execute code, to generate a Cross Site Scripting or to inject SQL code...
phpMyAdmin: Cross Site Scripting via backtrace
An attacker can use backtrace features to generate a Cross Site Scripting in phpMyAdmin...
Apple QuickTime ActiveX: code execution via _Marshaled_pUnk parameter
An attacker can use the _Marshaled_pUnk parameter of QuickTime ActiveX in order to execute code...
Linux kernel: denial of service irda_bind
An attacker can use irda_bind() in order to stop the kernel...
NetWare 6.5: buffer overflow of SSHD.NLM
An authenticated attacker can generate a buffer overflow in the SSHD service of Netware, in order to create a denial of service, and possibly to execute code...
Linux kernel: memory disclosure via ioctl_standard_iw_point
An attacker can use ioctl SIOCxxx in order to read kernel data...
IBM DB2: three vulnerabilities
An attacker can use several vulnerabilities of IBM DB2, in order to modify data or to create a denial of service...
Cisco IOS XR: BGP vulnerability
An attacker can send a BGP prefix with transitive attribute to generate a denial of service...
WebSphere AS: vulnerability of JAX-WS TimeStamps
The runtime Java API for XML Web Services (JAX-WS) does not correctly process TimeStamps in the WS-SecurityPolicy specification...
NetBSD: memory disclosure via venus_ioctl and coda_ioctl
An attacker can use the CODA ioctl in order to read kernel data...
SSSD: connexion without password
An attacker can connect via SSSD and LDAP with an account without knowing the password...
HP-UX: privilege elevation using Software Distributor
A local attacker can elevate his privileges using Software Distributor...
AIX: buffer overflow of ftpd
An attacker can use the NLST command in order to execute code...
Cisco Unified Communications Manager: denials of service
An attacker can use SIP messages, in order to generate denials of service on Cisco Unified Communications Manager...
Adobe Shockwave Player: several vulnerabilities
Several Adobe Shockwave Player vulnerabilities permit to generate a denial of service or to execute code...
Squid: denial of service via DNS
An attacker can send DNS packets with TC flag, in order to stop the Squid proxy...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 277 278 279 280 281 282 283 284 285 287 289 290 291 292 293 294 295 296 297 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1013