The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress: Cross Site Scripting of Top 10
An attacker can trigger a Cross Site Scripting in Top 10 of WordPress, in order to execute JavaScript code in the context of the web site...
Linux kernel: use after free via veth
An attacker can use a freed memory area in veth of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: privilege escalation via scm_set_cred
An attacker can use a suid/sgid application using SCM, in order to escalate his privileges...
Linux kernel: privilege escalation via uid_map
An attacker can edit the content of the /proc/pid/uid_map file of the Linux kernel, in order to escalate his privileges...
Cisco IOS XR: memory leak via SNMP
An attacker can create a memory leak in SNMP of Cisco IOS XR, in order to trigger a denial of service...
Cisco IPS: denial of service via Regex
An authenticated attacker can perform regular expression operations on Cisco IPS, in order to trigger a denial of service...
WordPress: vulnerability of open-flash-chart-core
A vulnerability was announced in Open Flash Chart of the open-flash-chart-core plugin of WordPress...
McAfee ePO: directory traversal
An unauthenticated attacker can upload a file outside the root of the storage directory of McAfee ePO, in order for example to put a Trojan Horse on the system...
McAfee ePO: SQL injection
An unauthenticated attacker can use a SQL injection in Agent-Handler of McAfee ePO, which leads to code execution with system privileges...
Linux kernel: multiple vulnerabilities of user namespaces
An attacker can use several vulnerabilities of user namespaces of the Linux kernel...
Linux kernel: denial of service via EXT4_ORPHAN_FS
An attacker can mount an ext4 filesystem with no journal and using an orphan extend, to create an infinite loop in the Linux kernel, in order to trigger a denial of service...
VMware vCenter Server: multiple vulnerabilities
An attacker can use several vulnerabilities of VMware vCenter Server...
Joomla: Cross Site Scripting of ALFContact
An attacker can trigger a Cross Site Scripting in ALFContact of Joomla, in order to execute JavaScript code in the context of the web site...
F-Secure Anti-Virus: SQL execution via an ActiveX
An attacker can invite the victim to display a malicious web site with Internet Explorer, to load an ActiveX installed by F-Secure Anti-Virus, in order to execute SQL queries on ODBC drivers...
Joomla: multiple vulnerabilities
An attacker can use several vulnerabilities of Joomla...
Cisco ASA: privilege escalation via vpnclient
A local attacker can use the vpnclient command of Cisco ASA 5505, in order to escalate his privileges...
WordPress: Cross Site Scripting of WP Super Cache
An attacker can trigger a Cross Site Scripting in WP Super Cache of WordPress, in order to execute JavaScript code in the context of the web site...
WordPress: privilege escalation via W3 Super Cache
An attacker can inject PHP code in W3 Super Cache of WordPress, in order to escalate his privileges...
phpMyAdmin: PHP code execution
An authenticated attacker can use two vulnerabilities of phpMyAdmin, in order to execute PHP code...
HP Data Protector: privilege escalation
A local attacker can use a vulnerability of HP Data Protector, in order to escalate his privileges...
ClamAV: vulnerabilities of PE, PDF and SIS
An attacker can use several vulnerabilities of ClamAV, in order to trigger a denial of service or to execute code...
SAP NetWeaver: privilege escalation via OpenText/IXOS ECM
An attacker can inject ABAP code via the OpenText/IXOS ECM module of SAP NetWeaver, in order to escalate his privileges...
WordPress: Cross Site Scripting of Facebook Members
An attacker can trigger a Cross Site Scripting in Facebook Members of WordPress, in order to execute JavaScript code in the context of the web site...
WordPress: privilege escalation via W3 Total Cache
An attacker can inject PHP code in W3 Total Cache of WordPress, in order to escalate his privileges...
Cisco ASA, FWSM: bypassing ACL via time-range
An attacker can bypass an ACL of Cisco ASA and FWSM, which uses the time-range object...
WordPress: Cross Site Scripting of jPlayer
An attacker can trigger a Cross Site Scripting in jPlayer of WordPress, in order to execute JavaScript code in the context of the web site...
WordPress: Cross Site Scripting of FourSquare Checkins
An attacker can trigger a Cross Site Scripting in FourSquare Checkins of WordPress, in order to execute JavaScript code in the context of the web site...
WordPress: Cross Site Request Forgery of All in One Webmaster
An attacker can trigger a Cross Site Request Forgery in All in One Webmaster of WordPress, in order to force the victim to perform operations...
Cisco Unified Contact Center Express: reading scripts
An unauthenticated attacker can read scripts of Cisco Unified Contact Center Express, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 371 372 373 374 375 376 377 378 379 381 383 384 385 386 387 388 389 390 391 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1069