The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libvirt: use after free via qemuAgentGetVCPUs
An attacker can use a freed memory area in the qemuAgentGetVCPUs function of libvirt, in order to trigger a denial of service, and possibly to execute code...
XnView: multiple vulnerabilities
An attacker can use several vulnerabilities of XnView...
Cisco IOS: traffic flow via GET VPN
An attacker can use UDP packets, which flow through Cisco IOS with Group Encrypted Transport VPN, in order to bypass security policies...
WordPress SWFUpload: image injection
An attacker can trigger an image injection in WordPress applications using SWFUpload, in order to deceive the victim...
libxml2: denial of service via a truncation
An attacker can send a truncated XML file, to an application linked to libxml2, in order to trigger a denial of service...
WordPress WooCommerce: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WooCommerce, in order to execute JavaScript code in the context of the web site...
Avaya Ethernet Routing Switch: denial of service via NanoSSH
An attacker can connect to the NanoSSH service of Avaya Ethernet Routing Switch, in order to trigger a denial of service...
Drupal Hostmaster: access bypass
An authenticated attacker can use the Drupal Hostmaster module, in order to perform tasks...
Drupal MRBS: multiple vulnerabilities
An attacker can use several vulnerabilities of Drupal MRBS...
Cisco Unified CM: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco Unified CM...
Cisco IPS: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco IPS...
Cisco 9900 Series Phone: file reading
An attacker can change the access path in a url of a Cisco 9900 Series Phone, in order to download a file from the system...
EMC Avamar Server: multiple vulnerabilities
An attacker can use several vulnerabilities of EMC Avamar Server...
Zope: denial of service via zlib
An attacker can use a malicious cookie, in order to trigger a denial of service in zlib of Zope...
xlockmore: denial of service via crypt
An attacker can force an error in the crypt() function, in order to stop xlockmore, so a local attacker can access to X...
kde-workspace: two vulnerabilities
An attacker can use several vulnerabilities of kde-workspace...
MySQL: several vulnerabilities of July 2013
Several vulnerabilities of MySQL are fixed by the CPU of July 2013...
Solaris: several vulnerabilities of July 2013
Several vulnerabilities of Solaris are fixed by the CPU of July 2013...
Oracle Outside In Technology: several vulnerabilities of July 2013
Several vulnerabilities of Oracle Outside In Technology are fixed by the CPU of July 2013...
Oracle Fusion Middleware: several vulnerabilities of July 2013
Several vulnerabilities of Oracle Fusion Middleware are fixed by the CPU of July 2013...
Oracle Database: several vulnerabilities of July 2013
Several vulnerabilities of Oracle Database are corrected by the CPU of July 2013...
F5 BIG-IP: code execution via a Java applet
An attacker can use the Java Applet installed with F5 BIG-IP products, in order to execute code on victim's computer...
Linux kernel: use after free via vhost_net_flush
An attacker can use a freed memory area in the vhost_net_flush() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: denial of service via fib6_add_rt2node
An attacker can send IPv6 Router Advertisment packets to the Linux kernel, in order to trigger a denial of service...
glibc, eglibc: bypassing PTR_MANGLE
When an application is statically compiled with glibc/eglibc, the PTR_MANGLE protection is inefficient, so an attacker can exploit a memory corruption, in order to execute code...
Cisco Secure ACS: information disclosure via System Error
An attacker can read error messages of Cisco Secure ACS, in order to obtain sensitive information...
Cisco Secure ACS: Cross Site Scripting of Admin/View
An attacker can trigger a Cross Site Scripting in the Admin/View pages of Cisco Secure ACS, in order to execute JavaScript code in the context of the web site...
Cisco Secure ACS: Cross Site Scripting of Web Interface
An attacker can trigger a Cross Site Scripting in the web interface of Cisco Secure ACS, in order to execute JavaScript code in the context of the web site...
Cisco Secure ACS: Cross Site Scripting of System Administration
An attacker can trigger a Cross Site Scripting in the System Administration page of Cisco Secure ACS, in order to execute JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 385 386 387 388 389 390 391 392 393 395 397 398 399 400 401 402 403 404 405 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1035