The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WebSphere AS 8.5: thirteen vulnerabilities
An attacker can use several vulnerabilities of WebSphere Application Server...
Firefox, Thunderbird, SeaMonkey: several vulnerabilities
Several vulnerabilities of Firefox, Thunderbird and SeaMonkey can be used by an attacker to execute code on the victim's computer...
EMC Avamar Client for VMware: obtaining root password
An attacker who can access EMC Avamar Client for VMware 6.1 can obtain the root password of Avamar Server...
Xen: denial of service via Kernel/RamDisk Size
An attacker, who is administrator in a guest system, can enlarge the kernel/ramdisk size, in order to create a denial of service on the host system...
Exim: buffer overflow via DKIM
An attacker can send a message to Exim, and then a long DKIM DNS reply, in order to generate a buffer overflow in Exim, leading to a denial of service and possibly to code execution...
Perl: memory corruption via the x operator
When an attacker can modify parameters of the "x" operator of a Perl program, he can obtain a memory fragment, stop the application, or possibly execute code...
Linux kernel: file reading via fallocate on ext4
When an ext4 filesystem is used, a local attacker can call the fallocate() function, in order to read fragments of deleted files...
VLC: denial of service via PNG
An attacker can invite the victim to open a malicious PNG document, in order to stop VLC...
Check Point Security Gateway: denial of service via SYN Flood
When the Check Point Security Gateway firewall receives more than 120 000 TCP SYN packets per second, it consumes a large amount of CPU resources...
Adobe Shockwave Player: several vulnerabilities
Several Adobe Shockwave Player vulnerabilities can be used by an attacker to execute code or to create a denial of service...
IBM Informix Dynamic Server: memory corruption via DRDA
An attacker can use the DRDA protocol, in order to generate an overflow of one byte in IBM Informix Dynamic Server, leading to a denial of service or possibly to code execution...
HP/3Com Switch, Router: password disclosure via SNMP
An attacker can use the SNMP service, in order to obtain the password of local users on HP/3Com switches/routers...
Linux kernel: memory reading via binfmt_script
A local attacker can use a recursive script, in order to read a fragment of kernel memory, and to obtain potentially sensitive data...
CA ARCserve Backup: two vulnerabilities
An attacker can use two vulnerabilities of CA ARCserve Backup, in order to execute code or to create a denial of service...
AIX: privileged read via ftp
An authenticated attacker can use the ftp client, in order to read files which are read protected...
IBM DB2 9.7: five vulnerabilities
An attacker can use five vulnerabilities of IBM DB2, in order to create a denial of service or to elevate his privileges...
xlockmore: unlocking via dclock
When the screen is locked with the dclock/random mode of xlockmore, it can stop on some systems, so a local attacker can access the user's session...
FFmpeg: three vulnerabilities
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer...
ModSecurity: bypassing rules with PHP
An attacker can use a special HTTP multipart/form-data query, in order to bypass security rules of ModSecurity...
MySQL: several vulnerabilities of October 2012
Several vulnerabilities of MySQL are corrected by the CPU of October 2012...
Solaris: several vulnerabilities of October 2012
Several vulnerabilities of Solaris are corrected by the CPU of October 2012...
Oracle GlassFish, Sun Java System AS: denial of service via CORBA
An attacker can use a vulnerability of CORBA, in order to create a denial of service in Oracle GlassFish and Sun Java System Application Server...
Oracle Outside In Technology: several vulnerabilities of October 2012
Several vulnerabilities of Oracle Outside In Technology are corrected by the CPU of October 2012...
Oracle Fusion Middleware: several vulnerabilities of October 2012
Several vulnerabilities of Oracle Fusion Middleware are corrected by the CPU of October 2012...
Oracle Database: several vulnerabilities of October 2012
Several vulnerabilities of Oracle Database are corrected by the CPU of October 2012...
JavaFX: three vulnerabilities
An attacker can use several vulnerabilities of JavaFX, in order to obtain information, to alter information, or to create a denial of service...
Java JRE/JDK: several vulnerabilities
Several vulnerabilities of Java JRE/JDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code...
OTRS Help Desk: Cross Site Scripting via an email
An attacker can send an email to OTRS Help Desk, in order to generate a Cross Site Scripting in the web browser of the victim who reads the message...
Ruby: file creation via IO open
When an attacker can transmit a special file name to a Ruby application, he can use a special character, in order to force the application to create/open another file...

   
