The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Lotus Notes: seven vulnerabilities
An attacker can invite the victim to open a malicious document with Lotus Notes, in order to create a denial of service or to execute code...
Xen: buffer overflow via libxc
An attacker can use a malicious kernel image in order to create a denial of service or to execute code...
Dovecot: denial of service via names mail header
An attacker can send a mail with a malicious "names" mail header in order to create a denial of service...
Cisco IOS XR: denial of service via SPA Interface Processor
A remote attacker can send a malicious IPv4 packet to a Cisco 12000 router running IOS XR with a Shared Port Adapters Interface Processor in order to restart it...
Cisco IOS XR: denial of service via IPv4
A remote attacker can send a malicious IPv4 packet on a Cisco IOS XR in order to create a denial of service...
Cisco IOS XR: denial of service via SSH
An unauthenticated attacker can use an SSHv1 connection to Cisco IOS XR, in order to create a denial of service...
Lotus Notes: memory corruption via Excel
An attacker can invite the victim to preview a malicious Excel file with Lotus Notes, in order to create a denial of service or to execute code...
PHP: buffer overflow via socket_connect
An attacker can use the PHP socket_connect() function to cause a stack overflow, in order to create a denial of service or to execute code...
Ruby: memory corruption via BigDecimal
When an attacker can force a Ruby application to use a large BigDecimal on a 64-bit computer, he can corrupt the memory of the application, in order to stop it, or to execute code...
Ruby: Cross Site Scripting via WEBrick
An attacker can invite the victim to display a malicious web document, in order to create a Cross Site Scripting in web sites developed with Ruby WEBrick...
SAP: several vulnerabilities
Several vulnerabilities were announced in SAP products...
phpMyAdmin: two vulnerabilities
An attacker can use two vulnerabilities of phpMyAdmin, in order to create a Cross Site Scripting, or to redirect the victim to another site...
Apache APR, httpd: denial of service via apr_fnmatch
An attacker can create an infinite loop in applications using the apr_fnmatch() function of APR...
QEMU-KVM: privilege escalation via acpi_piix4
A local attacker located in a QEMU-KVM guest system can remove a PCI non-hotpluggable device to create a denial of service, or to execute code with kernel privileges...
OpenSSL, OpenLDAP, Cyrus-SASL: privilege escalation via setuid/dump
An attacker can use applications linked to OpenSSL, OpenLDAP and Cyrus-SASL libraries, in order to elevate his privileges or to overwrite a file...
Cisco Unified Operations Manager: five vulnerabilities
An attacker can use five vulnerabilities of Cisco Unified Operations Manager, in order to access data or to inject SQL code...
libwww-perl: man-in-the-middle via SSL
An attacker can position himself as a man-in-the-middle, between an application using libwww-perl and a server, in order to read or modify the data exchanged...
Opera: memory corruption via FRAMESET
An attacker can create an HTML document containing a malicious FRAMESET tag, leading to a denial of service or to code execution...
Linux kernel: denial of service via ip_expire/icmp_send
A network attacker can use a malicious request in order to create a denial of service...
OpenSSL: information disclosure via ECDSA
When a TLS server uses ECDSA authentication, an attacker can obtain the server's private key...
MySQL: several denials of service
A local attacker can use several malicious queries, in order to stop MySQL...
Tomcat: ignored ServletSecurity annotation
An attacker can access HTTP methods which should be blocked by ServletSecurity annotations...
Joomla: SQL injection via DOCman
An attacker can inject SQL requests via the DOCman extension...
Debian: denial of service via nbd-server
A network attacker can create a denial of service via nbd-server...
VMware vSphere: privilege escalation via vMA
A local attacker can use the command vmatargetcon, to gain root privileges...
IBM Informix Dynamic Server: access to librpc.dll via ISM
A network attacker can spoof UDP packets, in order to alter RPC services of IBM Informix Storage Manager, or to obtain information...

   
