The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
FFmpeg: several vulnerabilities
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer...
RSA Authentication Agent for PAM: Brute Force
An attacker can use a Brute Force attack against RSA Authentication Agent for PAM, in order to guess users' passwords...
Xen: denial of service via Non-Maskable Interrupt
An attacker, located in a guest system based on an Intel processor, can in some configurations use a malformed MSI, to generate a Non-Maskable Interrupt, in order to trigger a denial of service of Xen...
Joomla SectionEx: SQL injection
An attacker can use a SQL injection of Joomla SectionEx, in order to read or alter data...
Joomla JoomSport: directory traversal
An attacker can traverse directories of Joomla JoomSport, in order to obtain sensitive information...
Joomla jDownloads: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla jDownloads, in order to execute JavaScript code in the context of the web site...
Puppet Enterprise: multiple vulnerabilities
An attacker can use several vulnerabilities of Puppet Enterprise...
Puppet: two vulnerabilities
An attacker can use several vulnerabilities of Puppet...
WordPress A Forms: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress A Forms, in order to execute JavaScript code in the context of the web site...
Joomla JoomShopping: Cross Site Scripting of user_name
An attacker can trigger a Cross Site Scripting in the user_name parameter of Joomla JoomShopping, in order to execute JavaScript code in the context of the web site...
WordPress Shareaholic: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Shareaholic, in order to force the victim to perform operations...
Linux kernel: privilege escalation via ARM/perf_event
A local attacker can use the perf_event_open() system call on an ARM processor, with a special group of events, in order to escalate his privileges...
Linux kernel: memory corruption via build_unc_path_to_root
A local attacker can generate a memory corruption in the build_unc_path_to_root() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
PHP: session cookie fixation
An attacker can use any session cookie, which is reused by PHP, even if it was not initialized...
Junos Space: multiple vulnerabilities
An attacker can use several vulnerabilities of Junos Space...
Drupal Password policy: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Password policy, in order to execute JavaScript code in the context of the web site...
Drupal Entity API: privilege escalation
An attacker can bypass access restrictions of Drupal Entity API, in order to escalate his privileges...
Drupal BOTCHA Spam Prevention: information disclosure via logs
An attacker can read logs of Drupal BOTCHA Spam Prevention, in order to obtain passwords...
BIND: bypassing SRTT
An attacker can use a weakness of the SRTT algorithm, in order to force a BIND recursive server to prefer an authoritative server amongst several ones...
PHP: bypassing of X.509 subjectAltName check
An attacker can send an X.509 certificate containing a null byte to a client written in PHP in order to spoof another server...
Windows: information disclosure via AD Federation Services
An attacker can use the AD Federation Services, in order to obtain sensitive information, leading to a denial of service...
Windows: denial of service via ICMPv6
An attacker can send a malformed ICMPv6 packet to Windows, in order to trigger a denial of service...
Windows 2012: denial of service via NAT Driver
An attacker can send a malicious packet to the NAT Driver of Windows 2012, in order to trigger a denial of service...
Windows: multiple vulnerabilities of Kernel
An attacker can use several vulnerabilities of the Windows kernel...
Windows: privilege escalation via RPC
A local attacker can send an asynchronous RPC message to Windows, in order to escalate his privileges...
Windows: memory corruption via Unicode Scripts Processor
An attacker can generate a memory corruption in the Unicode Scripts Processor of Windows, in order to trigger a denial of service, and possibly to execute code...
Internet Explorer: multiple vulnerabilities
An attacker can invite the victim to display a malicious site with Internet Explorer, in order to execute code on his computer...
WordPress All-in-One Event Calendar: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress All-in-One Event Calendar...
TCP: Blind Spoofing facilitated by SYN Cookies
When SYN Cookies are enabled, an attacker can optimize a brute force spoofed TCP session, which is 32 times faster...
Check Point: vulnerabilities of IPMI
An attacker can use IPMI vulnerabilities in several Check Point products, in order to perform management operations on the hardware...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 390 391 392 393 394 395 396 397 398 400 402 403 404 405 406 407 408 409 410 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1050