The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco IP Communicator: two vulnerabilities
An attacker can use two vulnerabilities of Cisco IP Communicator, in order to deceive the victim or to obtain a password...
Cisco Catalyst 37x0, IOS: denial of service via login
An attacker can authenticate quickly, in order to stop the Catalyst 3750 or 3760 switch...
Cisco IOS: denial of service via BGP Update
An attacker can send a special BGP Update packet to Cisco IOS, in order to stop it...
HP ArcSight Connector, Logger: Cross Site Scripting
An attacker can invite the victim to import a malicious file with ArcSight Connector or Logger, in order to execute JavaScript code in his browser...
Cisco IOS: crosstalk via H.323 Multicast MoH
When CUCM (Cisco Unified Communications Manager) is configured with a multicast H.323 music on hold, an attacker can listen to other talks...
WebSphere AS 8.0: five vulnerabilities
An attacker can use several vulnerabilities of WebSphere Application Server...
FreeBSD: denial of service via SCTP
A remote attacker can send a special SCTP packet to FreeBSD, in order to stop the kernel...
HP NNMi: Cross Site Scripting
An attacker can use several Cross Site Scripting of HP Network Node Manager i, in order to execute JavaScript code in the context of the web site...
phpMyAdmin: path disclosure via show_config_errors.php
An attacker can call the show_config_errors.php script of phpMyAdmin, in order to generate an error displaying the installation access path...
IcedTea-Web: memory corruptions
An attacker can use two memory corruptions of IcedTea-Web, in order to stop the web bowser, or to execute code...
Opera: four vulnerabilities
An attacker can invite the victim to display a malicious site with Opera, in order to deceive the victim, to obtain information, or to generate a Cross Site Scripting...
PHP: denial of service via PDO
When an attacker can inject data in a prepared PDO query, he can stop the PHP interpreter...
SPIP: disclosure of the database name
An attacker can generate an error in SPIP, in order to obtain the database name...
NVIDIA UNIX Driver: privilege elevation
A local attacker can use the NVIDIA UNIX driver, in order to write in memory, so he can gain kernel privileges...
NVIDIA UNIX Driver: privilege elevation
A local attacker can use the NVIDIA UNIX driver, in order to write in memory, so he can gain kernel privileges...
Linux kernel: denial of service via sfc
When the system uses a Solarflare network device, a remote attacker can use large TCP data, in order to lock the kernel...
LibreOffice, OpenOffice: buffer overflow via ODF
An attacker can invite the victim to open a malicious ODF document with LibreOffice/OpenOffice, in order to execute code on his computer...
libvirt: denial of service via RPC
A network attacker can send special queries to the libvirtd daemon, in order to stop it, and possibly to execute code...
GNOME vte: denial of service via repetition
An attacker can invite the victim to display a text document with gnome-terminal (GNOME vte), in order to create a denial of service...
MIT krb5: memory corruption via AS-REQ
An attacker can send a malformed AS-REQ message to the MIT krb5 service, in order to stop it, and possibly to execute code...
ICONICS GENESIS32: privilege elevation via Security Configurator
A local attacker can use a vulnerability of ICONICS GENESIS32 and BizViz applications, in order to elevate his privileges...
libxml2: integer overflows
An attacker can send malformed XML data to an application linked to libxml2, in order to stop it, and possibly to execute code...
Spark: decrypting the password
A local attacker, who is allowed to read the "spark.properties" file of a user, can retrieve his password saved in Spark...
Siemens SIMATIC S7-400 V5: denial of service via IP/HTTP
An attacker can send a malformed IP/HTTP packet to a product of the SIMATIC S7-400 V5 PN CPU family, in order to stop it...
Siemens SIMATIC S7-400 V6: denial of service via ICMP
An attacker can send a malformed ICMP packet to a product of the SIMATIC S7-400 V6 PN CPU family, in order to stop it...
ImageMagick: integer overflow via Magick_png_malloc
An attacker can create a malicious PNG image which generates an integer overflow in Magick_png_malloc, leading to a denial of service...
Xen: denial of service via HVM MMIO
An attacker can manipulate MMIO operations in a Xen HVM guest system, in order to stop his guest system...
Linux kernel: memory reading via RDS recv
A local attacker can use the functions recvfrom() and recvmsg() on a RDS socket, in order to obtain a memory fragment from the kernel...
AIX: denial of service via dupmsg
A local attacker can use the dupmsg() system call, in order to stop the kernel...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 342 343 344 345 346 347 348 349 351 353 354 355 356 357 358 359 360 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1005