The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Windows: privilege escalation via pprFlattenRec
An attacker can use a PATHRECORD object to corrupt the memory of the Windows win32k!EPATHOBJ::pprFlattenRec() function, in order to escalate his privileges...
Joomla: SQL injection of S5 Clan Roster
An attacker can use a SQL injection in S5 Clan Roster of Joomla, in order to read or alter data...
WordPress: Cross Site Request Forgery of Digg Digg
An attacker can trigger a Cross Site Request Forgery in Digg Digg of WordPress, in order to force the victim to perform operations...
Xen: buffer overflow of pyxc_vcpu_setaffinity
When the system uses the Python libxc Toolstack, a guest administrator can generate a buffer overflow in pyxc_vcpu_setaffinity() of Xen, in order to trigger a denial of service, and possibly to execute code...
Wireshark: multiple vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service...
Bintec R, X: infinite loop of A-MPDU
An attacker can send a malformed A-MPDU (Aggregated MAC Protocol Data Unit) packet, to generate an infinite loop in Bintec R/X, in order to trigger a denial of service...
WordPress: Cross Site Request Forgery of WP CleanFix
An attacker can trigger a Cross Site Request Forgery in WP CleanFix of WordPress, in order to force the victim to perform operations...
EMC VNX/Celerra Control Station: privilege escalation via nasadmin
An attacker who is a member of the nasadmin group can alter scripts of EMC VNX/Celerra Control Station, in order to escalate his privileges...
RSA SecurID: obsolete algorithm
Several products related to RSA SecurID use an obsolete encryption algorithm, and a short key size...
WordPress: Cross Site Request Forgery of Mail On Update
An attacker can trigger a Cross Site Request Forgery in Mail On Update of WordPress, in order to force the victim to perform operations...
libvirt: descriptor leak via PoolListAllVolumes
An attacker can create a file descriptor leak in the remoteDispatchStoragePoolListAllVolumes() function of libvirt, in order to trigger a denial of service...
Cisco Secure ACS: session replay
An attacker can capture the session identifier of Cisco Secure ACS, in order to reuse it to access the user's space...
Cisco ACE: denial of service via SSL Logs
An attacker can open numerous SSL sessions, to fill in the Cisco ACE log files, in order to trigger a denial of service...
Drupal: two vulnerabilities of Google Authenticator login
An attacker can use two vulnerabilities of the Google Authenticator login module of Drupal, in order to bypass the authentication...
WordPress: file reading via wp-FileManager
An attacker can change the directory of wp-FileManager of WordPress, in order to read a file located outside the site root...
WordPress: Cross Site Scripting of Newsletter
An attacker can trigger a Cross Site Scripting in Newsletter of WordPress, in order to execute JavaScript code in the context of the web site...
McAfee Security for Microsoft Exchange: Cross Site Scripting of Configuration Console
An attacker can trigger a Cross Site Scripting in the Configuration Console of McAfee Security for Microsoft Exchange, in order to execute JavaScript code in the context of the web site...
Cisco Unified Communications Manager: denial of service via Authentication
An attacker can send several parallel authentication queries to Cisco Unified Communications Manager, in order to trigger a denial of service...
ArcGIS Server: SQL injection
An attacker can use a SQL injection in ArcGIS Server, in order to read or alter data...
strongSwan: buffer overflow of atodn
When Opportunistic Encryption is enabled ("oe=yes"), an attacker can generate a buffer overflow in strongSwan, in order to trigger a denial of service, and possibly to execute code...
Openswan: buffer overflow of atodn
When Opportunistic Encryption is enabled ("oe=yes"), an attacker can generate a buffer overflow in Openswan, in order to trigger a denial of service, and possibly to execute code...
Libreswan: buffer overflow of atodn
When Opportunistic Encryption is enabled ("oe=yes"), an attacker can generate a buffer overflow in Libreswan, in order to trigger a denial of service, and possibly to execute code...
Microsoft System Center 2012 Endpoint Protection: memory corruption via Microsoft Malware Protection Engine
An attacker can generate a memory corruption in Microsoft Malware Protection Engine of Microsoft System Center 2012 Endpoint Protection, in order to trigger a denial of service, and possibly to execute code...
Windows, IE: vulnerabilities of ActiveX
An attacker can create an HTML page calling vulnerable ActiveX, and then invite the victim to display this page, in order to execute code on his computer...
Windows: privilege elevation via kernel
A local attacker can use several kernel vulnerabilities, in order to gain system privileges...
Windows Essentials: information disclosure via Proxy
An attacker can invite the victim to open a malicious URL with Windows Essentials Writer, to edit the proxy configuration, in order to obtain sensitive information...
Microsoft Visio: information disclosure via an XML entity
An attacker can invite the victim to open a malicious file with Microsoft Visio, in order to force it to include a file, which can then be returned to the attacker...
Word 2003: memory corruption via Shape
An attacker can invite the victim to open a malicious file with Word 2003, to generate a memory corruption in Shape processing, in order to trigger a denial of service, and possibly to execute code...
Microsoft Publisher: multiple vulnerabilities
An attacker can invite the victim to open a malicious file with Publisher, in order to execute code on his computer...

   
