The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Adobe Shockwave Player: several vulnerabilities
Several Adobe Shockwave Player vulnerabilities can be used by an attacker to execute code or to create a denial of service...
Adobe Reader, Acrobat: several vulnerabilities
Several Adobe Reader/Acrobat vulnerabilities can be used by an attacker to execute code or to create a denial of service...
Adobe LiveCycle: two vulnerabilities
An attacker can use two vulnerabilities of Adobe LiveCycle, in order to create a class or to create a denial of service...
Internet Explorer: code execution via VML
An attacker can invite the victim to display a malicious VML image, in order to execute code on his computer...
Windows: Cross Site Scripting of AD Certificate Services Web Enrollment
An attacker can generate a Cross Site Scripting in the Active Directory Certificate Services Web Enrollment web site, in order to execute script code in the context of victim's web browser...
Internet Explorer: multiple vulnerabilities
An attacker can invite the victim to display a malicious site with Internet Explorer, in order to execute code on his computer...
SQL Server, InfoPath, Visual Studio: information disclosure
An attacker can invite the victim to open a Web Service Discovery file, in order to obtain information...
Windows: denial of service via SMB
An unauthenticated attacker can send a special SMB packet in order to stop the system...
Windows 2008 Hyper-V: denial of service via VMBus
An attacker, who is inside a guest system, can send a malicious VMBus packet, in order to stop Hyper-V...
Windows: privilege elevation via AFD
A local attacker can create an error in Ancillary Function Driver in order to execute code with system privileges...
Excel: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Excel, in order to execute code on his computer...
Microsoft .NET: code execution
An attacker can invite the victim to execute a malicious .NET application, or to visit a malicious XBAP site, in order to execute code on his computer...
Windows: code execution via SMB
An attacker can invite the victim to connect to a malicious SMB server, in order to execute code on his computer...
Windows: two vulnerabilities of DFS
An attacker can use two vulnerabilities of DFS, in order to execute code or to create a denial of service...
Windows: code execution via OpenType
An attacker can invite the victim to display a malicious OpenType font located on a network share, in order to execute system code on his 64 bit computer...
Microsoft Forefront TMG 2010 Client: code execution
An attacker can invite the victim to send malicious queries via Microsoft Forefront Threat Management Gateway 2010 Client, in order to execute code on his computer...
Microsoft .NET: code execution
An attacker can invite the victim to execute a malicious .NET application, or to visit a malicious XBAP site, in order to execute code on his computer...
Windows: code execution via OLE Automation
An attacker can invite the victim to display a malicious WMF image, in order to execute code on his computer...
Windows: script execution via MHTML
An attacker can invite the victim to click on a "mhtml:" link, in order to execute script code on his computer...
TYPO3: vulnerabilities of extensions
An attacker can use two vulnerabilities of TYPO3 extensions in order to inject SQL code...
Linux kernel: four vulnerabilities of Alpha OSF
On an Alpha processor, a local attacker can use OSF/1 system calls, in order to obtain information or to corrupt the memory...
Linux kernel: denial of service via hfs_find_init
A local attacker, who is allowed to mount an HFS filesystem, can stop the system...
PHP: partial filtering of _FILES
When a PHP application allows a file upload, an attacker can use a special file name, which is not correctly filtered...
Mutt: man-in-the-middle via SSL
An attacker can be positioned in Man-in-the-middle, between Mutt and a SMTP server, in order to read or modify the exchanged data...
D-Bus: denial of service via endianness
A local attacker can send a D-Bus message with an invalid endianness, in order to stop the service...
Aastra IP Phone: password disclosure
An attacker can connect to the web service of the Aastra IP Phone, in order to read the user password...
HP OpenView Storage Data Protector: code execution
A remote attacker can use a vulnerability of HP OpenView Storage Data Protector, in order to execute code...
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
HP LoadRunner: buffer overflow via Virtual User
An attacker can create a malicious Virtual User file, in order to create a buffer overflow in HP LoadRunner, and to execute code...
XScreenSaver: no locking in Blank Screen Only
When XScreenSaver is configured in Blank Screen Only mode, without DPMS, the screen does not lock...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 305 306 307 308 309 310 311 312 313 315 317 318 319 320 321 322 323 324 325 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022