The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Quagga Routing Suite: denials of service
Two vulnerabilities in Quagga Routing Suite can be used by an attacker to create a denial of service...
OTRS 2.x: five vulnerabilities
Five vulnerabilities of Open Ticket Request System can be used by an attacker to create a denial of service or to obtain information...
OTRS 2.4: four vulnerabilities
Four vulnerabilities of Open Ticket Request System can be used by an attacker to create a denial of service or to obtain information...
OTRS 2.3: six vulnerabilities
Six vulnerabilities of Open Ticket Request System can be used by an attacker to create a denial of service or to obtain information...
OTRS 2.3: command injection
An attacker can use a malicious email address, in order to inject a shell command in OTRS...
OTRS 3.0: three vulnerabilities
Several vulnerabilities of Open Ticket Request System can be used by an attacker to create a denial of service or to obtain information...
Linux kernel: buffer overflow of IrDA
An attacker with a physical access can send malicious IrDA data, in order to create an overflow in the Linux kernel, leading to a denial of service or to code execution...
Linux kernel: denial of service via PaX
When the PaX patch is installed on the Linux kernel, a local attacker can generate an infinite loop...
Wireshark: buffer overflow via pcap-ng
An attacker can invite the victim to open a malicious pcap-ng file with Wireshark, in order to create an overflow, which leads to a denial of service and possibly to code execution...
PHP 5.3: denials of service
Several PHP vulnerabilities can be used by an attacker to create a denial of service...
Linux kernel: buffer overflow of ROSE
A local or remote attacker can use several ROSE vulnerabilities, in order to stop the kernel, or to execute code...
Linux kernel: memory reading via netfilter
A local attacker with the CAP_NET_ADMIN capability can read bytes coming from the kernel memory...
Novell NetWare: buffer overflow of NWFTPD DELE
An attacker can generate a buffer overflow in the FTP service of NetWare, in order to create a denial of service, and possibly to execute code...
MaraDNS: denial of service via labels
An attacker can send a special DNS packet, in order to stop MaraDNS...
Apache HttpComponents HttpClient: obtaining proxy password
When HttpClient connects to a proxy requiring an authentication, the login and password are sent to the remote server...
Linux kernel: memory corruption via via AudioScience HPI
A local attacker, who is member of the audio group, can use an ioctl, in order to corrupt the kernel memory, which stops it, and may lead to code execution...
Pure-FTPd: command injection with STARTTLS
Even when the FTP client checks the TLS certificate of the server, an attacker can inject commands in the session...
PHP: buffer overflow via precision
An attacker can create a PHP script changing the precision of floating point numbers, in order to create an overflow, leading to a denial of service and possibly to code execution...
Xen: denial of service via arch_set_info_guest
A local attacker in a x86 64 bit guest can change the mode of a VCPU, in order to stop the Xen host...
glibc: corruption of mtab via RLIMIT_FSIZE
A local attacker can use the RLIMIT_FSIZE limit, in order to corrupt the /etc/mtab file...
Asterisk: denials of service
A remote attacker can use two vulnerabilities of Asterisk, in order to stop it...
acpid: denial of service via socket
A local attacker can connect to the acpid socket, in order to create a denial of service...
MIT krb5: double memory free in KDC via PKINIT
When PKINIT is enabled, an attacker can send a malicious query to the MIT krb5 KDC, in order to stop it or to execute code...
Linux kernel: memory reading via an OSF partition
A local attacker can insert a device with a malicious OSF partition, in order to obtain values coming from the kernel memory...
TYPO3: vulnerabilities of Direct Mail
An attacker can generate a Cross Site Scripting or inject SQL data in the TYPO3 Direct Mail (direct_mail) extension...
Adobe Flash, Reader: code execution
An attacker can invite the victim to display a malicious Flash document, or a PDF document containing malicious Flash data, in order to execute code on his computer...
Linux kernel: memory disclosure via TPM
A local attacker can use TPM features, in order to read a fragment of the kernel memory...
PHP: format string in Phar
An attacker can provide a malicious Phar archive, in order to create a format string attack, leading to a denial of service or to code execution...
SAP Netweaver: Cross Site Scripting of HelperServlet
An attacker can use the HelperServlet script of SAP Netweaver, in order to generate a Cross Site Scripting...
Check Point Endpoint: privilege elevation
A local attacker can use a vulnerability of Check Point Endpoint Security Client, Endpoint Connect or SSL Network Extender, in order to gain privileges of the Windows system...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 296 297 298 299 300 301 302 303 304 306 308 309 310 311 312 313 314 315 316 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022