The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
2 MySQL: privilege elevation via replication
A local attacker with an access to a primary MySQL server can execute SQL code on a secondary SQL server in a superior version...
2 Linux kernel: denial of service via sctp_asoc_get_hmac
An attacker can invite the victim to connect to a malicious SCTP service, in order to stop his computer...
2 Subversion mod_dav_svn: access via SVNPathAuthz short_circuit
When the SVNPathAuthz directive is configured to "short_circuit", some access rules of mod_dav_svn are not honored...
2 FreeRADIUS: denials of service
An attacker can use two denials of service, in order to stop FreeRADIUS...
3 IBM DB2 9.5: thirteen vulnerabilities
An attacker can use thirteen vulnerabilities of IBM DB2, in order to alter data, to create a denial of service, or to execute code...
2 ProxySG: Cross Site Scripting
An attacker can use a Cross Site Scripting of ProxySG, in order to force the execution of CLI commands by the administrator...
2 APR-util: denial of service via apr_brigade_split_line
An attacker can use data containing several objects, in order to create a denial of service in applications using the APR-util apr_brigade_split_line() function...
2 Apache XML-RPC: file access via XML entities
An attacker can provide XML data using an external entity, in order to access to the content of a file or to create a denial of service...
1 Linux kernel: denial of service via OCFS2
A local attacker can mount a malicious OCFS2 filesystem, in order to stop the kernel...
3 libtiff: memory corruption via Scanline
An attacker can invite the victim to open a malicious JPEG/TIFF image, in order to generate a denial of service or to execute code in applications linked to libtiff...
2 PGP Desktop: code execution via DLL Preload
An attacker can use a malicious tsp.dll/tvttsp.dll DLL in order to execute code in PGP Desktop...
3 IBM TSM: several vulnerabilities of FastBack
A remote attacker can use several vulnerabilities of IBM Tivoli Storage Manager Fastback, in order to create a denial of service or to execute code...
2 IIS: execution of uploaded file
An attacker, allowed to create directories and to upload files on the web site, can execute ASP code...
2 Linux kernel: memory corruption via snd_ctl_new
A local attacker can use the SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE ioctls, in order to corrupt the memory, which leads to a denial of service or to code execution...
1 MySQL: several denials of service
A local attacker can use several malicious queries, in order to stop MySQL...
2 SAP Management Console: denials of service
A network attacker can send a malicious query, in order to stop the SAP Management Console...
2 BIND: access to the cache
An attacker, denied by an ACL, can use the recursion in order to access to the BIND cache...
2 Horde: five vulnerabilities
An attacker can generate several Cross Site Scripting and a Cross Site Request Forgery in Horde applications...
3 FFmpeg libavcodec: memory corruption via FLIC
An attacker can create a malicious FLI/FLC video, and invite the victim to display it with an application linked to FFmpeg libavcodec, in order to execute code on his computer...
1 Linux kernel: memory reading via PKT_CTRL_CMD_STATUS
A local attacker can use the PKT_CTRL_CMD_STATUS ioctl, in order to read bytes stored in the kernel memory...
3 Openswan: buffer overflow of client via XAUTH Cisco
An attacker can invite the victim to connect to a malicious gateway with XAUTH Cisco, in order to execute code on his computer...
2 Windows: privilege elevation via Window Class
An attacker can use a malicious window class, in order to corrupt the memory, and to gain system privileges...
2 Windows: privilege elevation via keyboard
An attacker can load a malicious keyboard layout, in order to corrupt an array of function pointers, and to gain system privileges...
1 Linux kernel: memory reading via sys_semctl
A local attacker can use the semctl() system call, in order to read bytes stored in the kernel memory...
1 Linux kernel: memory reading via VIAFB_GET_INFO
A local attacker can use the VIAFB_GET_INFO ioctl, in order to read bytes stored in the kernel memory...
1 Linux kernel: memory reading via SNDRV_HDSP_IOCTL
A local attacker can use the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl, in order to read bytes stored in the kernel memory...
1 Linux kernel: memory reading via FBIOGET_VBLANK
A local attacker can use the FBIOGET_VBLANK ioctl, in order to read bytes stored in the kernel memory...
1 Linux kernel: memory reading via TIOCGICOUNT
A local attacker can use the TIOCGICOUNT ioctl, in order to read bytes stored in the kernel memory...
2 Linux kernel: denial of service via sctp_packet_config
A remote attacker can send malicious SCTP packets, in order to stop the system...
1 VMware Player, Workstation: reading of index.html
During the installation of VMware Player and Workstation, an index.html file located in the current directory is displayed...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 280 281 282 283 284 285 286 287 288 290 292 293 294 295 296 297 298 299 300 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 996