The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Windows Media Player: code execution
An attacker can invite the victim to reload a multimedia document from Internet Explorer or Firefox, in order to execute code on his computer...
Windows: code execution via comctl32.dll and SVG
An attacker can invite the victim to open a malicious SVG image, in order to execute code in comctl32.dll...
Excel: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Excel, in order to execute code on his computer...
Word: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Word, in order to execute code on his computer...
Windows: privilege elevation via OpenType
An attacker can use an OpenType Font, in order to obtain system privileges...
Microsoft .NET: code execution via JIT
An attacker can create a malicious .NET application executing code in the JIT compiler...
Windows: code execution via Embedded OpenType Font
An attacker can create a Web or Office document containing a malicious Embedded OpenType Font, and then invite the victim to display it, in order to execute code on his computer...
Windows Media Player: code execution via Network Sharing Service
When Windows Media Player Network Sharing Service is enabled, an attacker can send malicious RTSP data, in order to corrupt the memory, which leads to code execution...
Windows: several vulnerabilities of kernel
Several vulnerabilities of the Windows kernel can be used by a local attacker to create a denial of service or to elevate his privileges...
SharePoint: Cross Site Scripting
An attacker can inject script code in a SharePoint site using the SafeHTML method to filter data...
Internet Explorer: multiple vulnerabilities
An attacker can invite the victim to display a malicious site with Internet Explorer, in order to execute code on his computer...
Opera: five vulnerabilities
An attacker can invite the victim to display a malicious site with Opera, in order to execute JavaScript code on his computer or to read information...
Microsoft Visio 2007: code execution via DLL Preload
An attacker can use a malicious mfc80esn.dll DLL in order to execute code in Microsoft Visio...
ZODB: denial of service on Mac OS X
When Zope Object Database is installed on Mac OS X, an attacker can interrupt the network session, in order to stop the service...
Joomla: Cross Site Scripting
An attacker can use HTML entities, in order to generate a Cross Site Scripting in Joomla...
Samba: denial of service via NetBIOS
An attacker can send a malicious NetBIOS packet, in order to stop Samba...
Windows: buffer overflow de LPC SendRequest
A local attacker can create a buffer overflow in the LPC SendRequest() function, in order to create a denial of service, and possibly to elevate his privileges...
Xpdf: three vulnerabilities
An attacker can create a malicious PDF document leading to a denial of service and possibly to code execution, on computers of users opening it with Xpdf, or its derivatives...
libc, glibc: denial of service via glob
An attacker can use a special file path, in order to force the system to consume a lot of memory resources...
RSA Authentication Client: disclosure of secret keys
When the RSA Authentication Client stores a secret key in an RSA SecurID 800 Authenticator, an attacker can read it...
Linux kernel: memory reading via ipc
A local attacker can use an IPC, in order to read bytes stored in the kernel memory...
MIT krb5: memory corruption via merge_authdata
An attacker can send a TGS ticket request to the MIT krb5 KDC, in order to stop it, and possibly to alter its data or to execute code...
TYPO3: several vulnerabilities
Several vulnerabilities of TYPO3 can be used by an attacker to obtain information, to elevate his privileges, or to create a denial of service...
PostgreSQL: privilege elevation via PL
A local attacker can redefine a function of a procedural language, and use a role changing mechanism, in order to elevate his privileges on PostgreSQL...
Adobe Reader, Acrobat: code executions
An attacker can create a malicious PDF document, in order to execute code on the computer of victims opening this document...
FreeType: integer overflow in FT_Stream_Seek
An attacker can invite the victim to display a malicious character font, with an application linked to FreeType, in order to create a denial of service and possibly to execute code...
Dovecot: incorrect processing of ACLs
In some cases, ACLs defined by the administrator are not honored by Dovecot...
Trend Micro Internet Security: code execution via extSetOwner
An attacker can invite the victim to browse a web page containing the UfPBCtrl.dll ActiveX of Trend Micro Internet Security, in order to execute code on his computer...
MySQL: several denials of service
A local attacker can use several malicious queries, in order to stop MySQL...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 282 283 284 285 286 287 288 289 291 293 294 295 296 297 298 299 300 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102