The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Adobe Flash Player: multiple vulnerabilities
Several vulnerabilities of Adobe Flash Player can be used by an attacker to execute code...
Windows: privilege elevation via USB
A local attacker can insert an invalid USB device, in order to execute code with system privileges...
Microsoft Office Outlook for Mac: loading content
When Microsoft Office Outlook for Mac opens an email, it loads external contents, so the sender can detect if the mail was opened...
Microsoft OneNote: memory reading
An attacker can invite the victim to open a special OneNote file, in order to read the content of the memory of his computer...
Microsoft SharePoint Server 2010: four vulnerabilities
A remote attacker can use four vulnerabilities of Microsoft SharePoint Server 2010, in order to elevate his privileges...
Microsoft Visio Viewer 2010: code execution
An attacker can invite the victim to display a malicious Visio document, in order to execute code on his computer...
Microsoft Silverlight: code execution
An attacker can invite the victim to browse a malicious Microsoft Silverlight site with his web browser, in order to execute code on his computer...
Internet Explorer: multiple vulnerabilities
An attacker can invite the victim to display a malicious site with Internet Explorer, in order to make his computer execute code...
SAP NetWeaver Logviewer: server access
An attacker can use a vulnerability of SAP NetWeaver Logviewer, in order to access to the server...
SAP NetWeaver Classification: file access via SMB Relay
An attacker can use a SMB Relay vulnerability, in order to access to SAP NetWeaver Classification files...
SAP: vulnerability 1789611
An unknown vulnerability was announced in SAP products...
SAP NetWeaver: Cross Site Scripting of Performance Provider
An attacker can trigger a Cross Site Scripting in SAP NetWeaver Performance Provider, in order to execute JavaScript code in the context of the web server...
SAP: vulnerability 1806435
An unknown vulnerability was announced in SAP products...
SAP: vulnerability 1786822
An unknown vulnerability was announced in SAP products...
SAP: vulnerability 1789823
An unknown vulnerability was announced in SAP products...
SAP: vulnerability 1813734
An unknown vulnerability was announced in SAP products...
SAP: vulnerability 1771567
An unknown vulnerability was announced in SAP products...
Linux kernel: bypassing ASLR via sa_restorer
A command which is launched by an exec() function can obtain the memory structure of its parent process, to bypass ASLR, in order to facilitate the development of an attack tool...
Linux kernel: integer overflow of _gem_execbuffer_relocate_slow
A local attacker can trigger an integer overflow in the i915 driver, in order to stop the system, or to execute code...
Squid: buffer overflow via httpMakeVaryMark
An attacker, who is located on both sides of the Squid proxy, can use the HTTP Vary header, in order to trigger a buffer overflow, leading to a denial of service, and possibly to code execution...
Squid: infinite loop via strHdrAcptLangGetItem
An attacker can use a malformed Accept-Language header, in order to trigger an infinite loop in Squid, which leads to a denial of service...
Linux kernel: buffer overflow via SCTP_GET_ASSOC_STATS
A local attacker can use the SCTP_GET_ASSOC_STATS option on a SCTP socket, in order to trigger a buffer overflow in the kernel, which may lead to code execution...
Firefox, Thunderbird, SeaMonkey: memory corruption via nsHTMLEditor
An attacker can execute script code when the nsHTMLEditor class is used, in order to force the usage of a freed memory area, which leads to code execution...
Cisco Prime Infrastructure: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery on Cisco Prime Infrastructure, in order to perform operations with victim's privileges...
HP ServiceCenter: denial of service
A remote attacker can trigger a denial of service in HP ServiceCenter...
linux-user-chroot: file reading via chdir
An attacker can use linux-user-chroot, in order to access to files located in protected directories...
Linux kernel: denial of service via install_user_keyrings
A local attacker can use the keyctl() function, in order to dereference a NULL pointer, which stops the kernel...
Linux kernel: denial of service via DCCP getsockopt
A local attacker can use the getsockopt() function on a DCCP socket, in order to dereference a NULL pointer, which stops the kernel...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 364 365 366 367 368 369 370 371 372 374 376 377 378 379 380 381 382 383 384 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1012