The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Joomla: several vulnerabilities
An attacker can use several Joomla vulnerabilities, in order to obtain information, to create Cross Site Scripting or to gain an access...
Linux kernel: reuse of CIFS session
A local attacker can reuse the CIFS session of another user, in order to access to his data...
WebSphere AS: access via LocalOS/RACF
When WebSphere Application Server is installed on z/OS, an attacker can use a vulnerability of System Authorization Facility, in order to access to applications...
Microsoft Host Integration Server: denials of service
An attacker can send malformed SNA packets (on TCP/UDP) to Microsoft Host Integration Server, in order to stop it...
Linux kernel: denial of service via EFI
An attacker can mount a device with a malicious EFI partition, in order to stop the system...
Linux kernel: denial of service via bonding
An attacker can send network packets to an interface using a "bonding", in order to stop the system...
HP NNMi: two vulnerabilities
An attacker can obtain information or create a Cross Site Scripting in HP Network Node Manager i...
Microsoft HTML Help: buffer overflow
An attacker can invite the victim to open a malicious CHM file with Microsoft HTML Help, in order to execute code...
BlackBerry Enterprise Server: Cross Site Scripting via Web Desktop Manager
An attacker can generate a Cross Site Scripting in the BlackBerry Web Desktop Manager component...
LibTIFF: two vulnerabilities
An attacker can invite the victim to open a malicious TIFF image, in order to generate a denial of service or to execute code in applications linked to LibTIFF...
Windows: multiple vulnerabilities of Win32k.sys
A local attacker can use several vulnerabilities of Win32k.sys, in order to create a denial of service or to elevate his privileges...
Windows: code execution via WordPad Text Converter
An attacker can invite the victim to open a malicious Word 97 document with WordPad, in order to execute code...
Windows: privilege elevation via CFF
An attacker can use an OpenType Compact Font Format font, in order to obtain system privileges...
Windows, IE: code execution via JScript/VBScript
An attacker can invite the victim to see an HTML page containing JScript/VBScript code, in order to execute code with user's privileges...
Windows: code execution via LLMNR
An attacker on the local network can send malicious LLMNR packets, in order to execute code in Windows DNS clients...
Windows: code execution via GDI EMF
An attacker can create a malicious EMF image in order to execute code when it is displayed...
Microsoft .NET: code execution
An attacker can invite the victim to execute a malicious .NET application, or to visit a malicious XBAP site, in order to execute code on his computer...
IE: vulnerabilities of several ActiveX
Several ActiveX can be used by a remote attacker to generate a denial of service or to execute code...
Office: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Microsoft Office, in order to execute code on his computer...
PowerPoint: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with PowerPoint, in order to execute code on his computer...
Excel: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Excel, in order to execute code on his computer...
Windows: code execution via SMB Transaction
An attacker can connect to the SMB/CIFS server of Windows, in order to generate a denial of service or to execute code on the computer...
Windows: code execution via SMB
An attacker can invite the victim to connect to a malicious SMB server, in order to execute code on his computer...
Internet Explorer: multiple vulnerabilities
An attacker can invite the victim to display a malicious site with Internet Explorer, in order to execute code on his computer...
OTRS: Cross Site Scripting
An attacker can generate several Cross Site Scripting in OTRS, in order to execute JavaScript code in the web browser of visitors...
SAP: several vulnerabilities
Several vulnerabilities were announced in SAP products...
Linux kernel: denial of service via SCTP INIT
A local attacker can send a special SCTP INIT/INIT-ACK packet, in order to stop the kernel...
Linux kernel: memory reading via OCFS2
A local attacker can write and then read from an OCFS2 filesystem, in order to obtain fragments of kernel memory...
VLC: buffer overflow via MP4
An attacker can invite the victim to open a malicious MP4 file with VLC, in order to execute code on his computer...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 299 300 301 302 303 304 305 306 307 309 311 312 313 314 315 316 317 318 319 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022