The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Microsoft SharePoint: seven vulnerabilities
An attacker can use several vulnerabilities of SharePoint, in order to create Cross Site Scripting, or to read a file...
Office: two vulnerabilities
An attacker can invite the victim to open a malicious document with Microsoft Office, in order to execute code on his computer...
Excel: multiple vulnerabilities
An attacker can invite the victim to open a malicious document with Excel, in order to execute code on his computer...
Windows: code execution via DLL Preload
An attacker can create a malicious DLL and invite the victim to open a document in the same directory, in order to execute code...
Adobe Reader, Acrobat: several vulnerabilities
Several Adobe Reader/Acrobat vulnerabilities can be used by an attacker to execute code or to create a denial of service...
SAP: several vulnerabilities
Several vulnerabilities were announced in SAP products...
WebSphere AS 7.0: seven vulnerabilities
An attacker can use several vulnerabilities of WebSphere Application Server...
Windows: privilege elevation via WINS ECommEndDlg
When WINS is enabled on a Windows server, a local attacker can send a malicious query, to corrupt the memory, in order to create a denial of service or to execute privileged code...
QEMU: buffer overflow of scsi_disk_emulate_command
A privileged attacker located in a QEMU guest system can use a malicious SCSI command, in order to stop the host service...
FFmpeg: four vulnerabilities
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer...
Evolution: no TLS encryption of Sent
When the directory of sent messages is stored on a remote server, the session is not encrypted by Evolution, even if the configuration requests it...
Cyrus IMAPd: buffer overflow of NNTP
An attacker can use a malicious NNTP command, in order to create an overflow in the NNTP service of Cyrus IMAPd, which leads to a denial of service or to code execution...
Avast: vulnerabilities
Several vulnerabilities or security problems impact the Avast antivirus...
Wireshark 1.4: two vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code...
Wireshark 1.6: five vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code...
Linux kernel: denial of service via FUSE_NOTIFY_INVAL_ENTRY
A local attacker, who is allowed to mount a FUSE file system, can use a malicious notification, in order to stop the system...
TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to execute code, to generate a Cross Site Scripting or to inject SQL code...
Apple QuickTime: buffer overflow via QuickTimePlayer.dll
An attacker can invite the victim to display a malicious document with Apple QuickTime, in order to create a denial of service, and possibly to execute code...
OpenSSL: denial of service via ECDH
When an application uses an Ephemeral ECDH cipher suite, a remote attacker can send messages in an incorrect order, in order to stop it...
OpenSSL: using invalid CRL
In some cases, the OpenSSL internal feature which checks certificates accepts invalid CRL...
PL/SQL Developer: privilege elevation
In some cases, PL/SQL Developer does not correctly process an Oracle privilege, so an attacker can obtain this privilege...
Ingres Database: buffer overflow via IIPROMPT
When Ingres Database is installed on Windows, an attacker can generate an overflow, in order to execute code...
McAfee GroupShield, Symantec Enterprise Vault: three vulnerabilities of Oracle Outside In
Three vulnerabilities of the Oracle Outside In module impact McAfee GroupShield and Symantec Enterprise Vault...
rsyslog: buffer overflow via TAG
An attacker who is allowed to send a message to the rsyslog daemon can generate an overflow of two bytes, in order to create a denial of service...
IBM WebSphere AS CE: vulnerability of Tomcat Webdav Servlet
A vulnerability of the Tomcat Webdav Servlet implementation impacts WebSphere Application Server Community Edition...
Opera: two vulnerabilities
An attacker can invite the victim to display a malicious site with Opera, which appears as secured...
Xen: denial of service via __addr_ok
An attacker, who is administrator in a Xen guest system, can use some hypercalls, in order to stop the host system...
Xen: denial of service via SAHF
An attacker in a Xen guest system can call the SAHF instruction, in order to stop the system...
Apache Tomcat: injection of AJP messages
A remote attacker can inject AJP messages, in order to bypass the authentication or IP address restrictions, to access a private document or application...
IE, Firefox, SeaMonkey, Opera: revocation of DigiNotar root certificate
Due to an error in the procedure of the DigiNotar certification authority, web browsers revoked its root certificate...

   
