The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Opera: vulnerability
A vulnerability was announced in Opera...
Cisco Unified Communications Manager ELM: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unified Communications Manager ELM, in order to force the victim to perform operations...
WordPress Plugins: Cross Site Scripting of GDD FLVPlayer
An attacker can trigger a Cross Site Scripting in GDD FLVPlayer of WordPress Plugins, in order to execute JavaScript code in the context of the web site...
Drupal Flag: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Flag, in order to execute JavaScript code in the context of the web site...
Drupal Node View Permissions: access bypass
An attacker can list pages, in order to bypass the security policy of Drupal Node View Permissions...
Cisco Secure ACS: command execution via EAP-FAST
When Cisco Secure ACS is configured as a RADIUS server, an attacker can send an EAP-FAST packet with a special user name, in order to execute privileged commands...
Cisco Unified IP Phone 8945: denial of service via PNG
An attacker can use a malformed PNG image, in order to trigger a denial of service of Cisco Unified IP Phone 8945...
Asterisk: two vulnerabilities of SIP Channel
An attacker can use several vulnerabilities of the SIP Channel of Asterisk...
NSS, NSPR: denial of service via CERT_DecodeCertPackage
An attacker can force the CERT_DecodeCertPackage() function to read at an invalid address, in order to trigger a denial of service...
libtiff: buffer overflow of gif2tiff
An attacker can generate a buffer overflow in gif2tiff of libtiff, in order to trigger a denial of service, and possibly to execute code...
WordPress WP Simple Login Registration: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Simple Login Registration, in order to execute JavaScript code in the context of the web site...
Cisco Content Security Management: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Content Security Management, in order to execute JavaScript code in the context of the web site...
Cisco ESA, SMA, WSA: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco ESA, SMA and WSA, in order to force the victim to perform operations...
RuggedCom ROX: several vulnerabilities
An attacker can use several vulnerabilities of RuggedCom ROX, in order to elevate his privileges, or to create a denial of service...
Linux kernel: denial of service via KVM_GET_REG_LIST
When an ARM system is configured with KVM, a local attacker can use the KVM_GET_REG_LIST ioctl of the Linux kernel, in order to trigger a denial of service...
Cacti: multiple vulnerabilities
An attacker can use several vulnerabilities of Cacti...
WordPress VideoWhisper Live Streaming Integration: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress VideoWhisper Live Streaming Integration, in order to execute JavaScript code in the context of the web site...
IBM DB2: privilege escalation via EXPLAIN
An attacker who has the EXPLAIN authority on an IBM DB2 database can obtain the SELECT, INSERT, UPDATE and DELETE privileges on a table...
glibc: privilege escalation via pt_chown
An attacker can use the pt_chown program provided with glibc, in order to change permissions of a pseudo-terminal...
VMware Player, Workstation: privilege escalation via vmware-mount
When VMware Player/Workstation is installed on a Debian Linux system, a local attacker can use vmware-mount, in order to escalate his privileges in the host system...
Joomla VirtueMart: SQL injection of removeAddressST
An attacker can use a SQL injection in removeAddressST of Joomla VirtueMart, in order to read or alter data...
WordPress ThinkIT: Cross Site Scripting of toitcf_current_id
An attacker can trigger a Cross Site Scripting in toitcf_current_id of WordPress ThinkIT, in order to execute JavaScript code in the context of the web site...
FreeBSD: information disclosure via SCTP
An attacker can read SCTP INIT-ACK packets sent by FreeBSD, in order to obtain four bytes coming from the kernel memory...
FreeBSD: integer overflow of IP_MSFILTER
A local attacker can generate an integer overflow with IP_MSFILTER of FreeBSD, in order to trigger a denial of service, and possibly to execute code...
Drupal Zen: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Zen, in order to execute JavaScript code in the context of the web site...
Cisco Unified Communications Manager: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco Unified Communications Manager...
Cisco Unified Communications Manager IM and Presence Service: memory leak via TCP
An attacker can create a memory leak by opening a large number of TCP connections to Cisco Unified Communications Manager IM and Presence Service, in order to trigger a denial of service...
Cisco Prime Central for HCS Assurance: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco Prime Central for HCS Assurance...
WordPress BackWPup: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress BackWPup, in order to execute JavaScript code in the context of the web site...
McAfee Email Gateway: denial of service of ws_inv-smtp
An attacker can send a malformed email to create a loop in ws_inv-smtp of McAfee Email Gateway, in order to trigger a denial of service...

   
