The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
ISC BIND: denial of service via findnoqname
An attacker can setup a malicious DNS server, and then query an ISC BIND recursive server, in order to stop it...
AIX: denial of service via IPv6
When the system has a configured IPv6 address, a remote attacker can send a malformed IPv6 packet to AIX, in order to trigger a denial of service...
OpenBSD: denial of service via SIOCSIFADDR
A local attacker can use the SIOCSIFADDR ioctl on OpenBSD, in order to trigger a denial of service...
WordPress qTranslate: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery in WordPress qTranslate, in order to force the victim to perform operations...
WordPress Content Slide: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Content Slide, in order to force the victim to perform operations...
WordPress underConstruction: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery in WordPress underConstruction, in order to force the victim to perform operations...
Xen: denial of service via XSETBV
An attacker located in a PV guest can use XSETBV, in order to trigger a denial of service of the Xen hypervisor...
Xen: denial of service via XRSTOR
An attacker located in a PV guest can use XRSTOR, in order to trigger a denial of service of the Xen hypervisor...
Xen: information disclosure during arithmetic operations
When Xen is installed on AMD processors Family 15 (or greater), an attacker located in a guest system can obtain information during arithmetic operations...
HP Data Protector: multiple vulnerabilities
An attacker can use several vulnerabilities of HP Data Protector, in order to trigger a denial of service or to execute code...
Joomla flashChart Content Plugin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Joomla flashChart Content Plugin, in order to execute JavaScript code in the context of the web site...
Joomla Master Password: information disclosure
An attacker can use a vulnerability of Joomla Master Password, in order to obtain sensitive information...
Joomla CiviCRM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Joomla CiviCRM, in order to execute JavaScript code in the context of the web site...
Joomla Jinc: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Joomla Jinc, in order to execute JavaScript code in the context of the web site...
IBM DB2: privilege escalation via Audit Facility
A local attacker can use a vulnerability in Audit Facility of IBM DB2, in order to escalate his privileges...
Linux kernel: memory reading via tkill/tgkill
A local attacker can call tkill() or tgkill(), in order to obtain sensitive information from the Linux kernel memory...
TYPO3 Multishop: SQL injection
An attacker can use a SQL injection in the TYPO3 Multishop extension, in order to read or alter data...
TYPO3 Extensions: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3 extensions...
TYPO3 powermail: vulnerability
A vulnerability was announced in the TYPO3 powermail extension...
WordPress AntiVirus for WordPress: two vulnerabilities
An attacker can use several vulnerabilities of AntiVirus for WordPress of WordPress...
Subversion: three vulnerabilities
An attacker can use several vulnerabilities of Subversion, in order to trigger a denial of service or to execute code...
Linux kernel: buffer overflow of iSCSI Key
A remote attacker can send an iSCSI packet containing a long key, to generate a buffer overflow in the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
IBM Eclipse Help System: Cross Site Scripting via iehs.war
An attacker can use iehs.war to generate a Cross Site Scripting in several IBM products, in order to execute JavaScript code in the context of the victim's web browser...
Cisco Prime Infrastructure: Cross Site Scripting via Rogue AP SSID
An attacker can use a rogue SSID with a malicious SSID, to trigger a Cross Site Scripting in Cisco Prime Infrastructure, in order to execute JavaScript code in the context of the web site...
Joomla: file creation via Jinc
An attacker can use the Jinc extension of Joomla, in order to create a file...
Check Point VSX Virtual System: no policy
When Check Point VSX Virtual System R75.40VS/R76 (VSX mode) is restarted, the security policy may be not applied...
Linux kernel: denial of service via tcp_collapse and splice
A local attacker can call the splice() function on a TCP socket, in order to trigger a denial of service of the Linux kernel...
GnuTLS 2: denial of service via _gnutls_ciphertext2compressed
An attacker can use a malformed TLS packet, to force GnuTLS 2 to read at an invalid memory address, in order to trigger a denial of service...
KDE: weak password generation by Paste Applet
When the user generated a password via KDE Plasma Paste Applet, an attacker can use a brute force, in order to guess the password...
WordPress Exploit Scanner: two vulnerabilities
An attacker can use several vulnerabilities of Exploit Scanner of WordPress...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 377 378 379 380 381 382 383 384 385 387 389 390 391 392 393 394 395 396 397 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1012