The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco NX-OS: file creation via Output Redirection
A local attacker can use a shell redirection on Cisco NX-OS, in order to create or alter a file...
Cisco NX-OS: file access via sed
A local attacker can use the 'r' and 'w' options of sed, in order to read and alter files on Cisco NX-OS...
Cisco NX-OS: code execution via shell
A local attacker can use a shell escape in the ethanalyzer and perf-cmd Cisco NX-OS commands, in order to execute code with root privileges...
Cisco NX-OS: denial of service via BGP
An attacker can send a BGP packet with a malicious AS Path to Cisco NX-OS, in order to trigger a denial of service...
Cisco NX-OS: denial of service via BGP
An attacker can send a BGP packet with a malicious AS Path to Cisco NX-OS, in order to trigger a denial of service...
Cisco NX-OS: denial of service via BGP
An attacker can send a BGP packet with a malicious AS Path to Cisco NX-OS, in order to trigger a denial of service...
Cisco NX-OS: denial of service via RIP
An attacker can send a malicious RIP packet to Cisco NX-OS, in order to trigger a denial of service...
Cisco Nexus 7000: information disclosure via network-operator
An attacker who has the network-operator role can read configuration files of Cisco Nexus 7000, in order to obtain sensitive information...
Cisco NX-OS: code execution via sed
A local attacker can use the '-e' option of the sed utility in some Cisco NX-OS commands, in order to execute code with root privileges...
Cisco NX-OS: code execution via pipe
A local attacker can use the pipe character in some Cisco NX-OS commands, in order to execute code with root privileges...
Cisco NX-OS: code execution via backquote
A local attacker can use the backquote character in some Cisco NX-OS commands, in order to execute code with root privileges...
WordPress Zoo Realty: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Zoo Realty, in order to execute JavaScript code in the context of the web site...
GnuPG: denial of service via I/O Filter
An attacker can generate an infinite recursion in the I/O Filter of GnuPG, in order to trigger a denial of service...
WordPress SEO Watcher: PHP code execution
An attacker can inject a PHP file via WordPress SEO Watcher, in order to execute code...
WordPress WP SlimStat: PHP code execution
An attacker can inject a PHP file via WordPress WP SlimStat, in order to execute code...
Check Point Security Gateway: bypassing Threat Emulation
An attacker can send an email with a MIME attachment, which is not analyzed by the Threat Emulation feature of Check Point Security Gateway, in order to transmit malware, for example...
WordPress Social Hashtag: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Social Hashtag, in order to execute JavaScript code in the context of the web site...
IBM Eclipse Help System: information disclosure
An attacker can generate an error in IBM Eclipse Help System, in order to obtain sensitive information...
AIX: privilege escalation via mkque/mkquedev
A local attacker who is a member of a printq group can generate an overflow in mkque/mkquedev of AIX, in order to escalate his privileges...
Drupal Quick Tabs: information disclosure
An attacker can read the content of Drupal Quick Tabs tabs which should be restricted to users with a role, in order to obtain sensitive information...
Rugged Operating System: three vulnerabilities
An attacker can use several vulnerabilities of Rugged Operating System...
WordPress All in One SEO Pack: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress All in One SEO Pack, in order to execute JavaScript code in the context of the web site...
Xen: buffer overflow of SCSI REPORT LUNS
An attacker can generate a buffer overflow via the SCSI REPORT LUNS command of Xen, in order to trigger a denial of service, and possibly to execute code...
Cisco IOS XR: denial of service via UDP Service
An attacker can send several UDP packets to a service listening on Cisco IOS XR version 4.3.1, in order to trigger a denial of service...
IBM Tivoli Storage Manager: buffer overflow of dsmtca
An attacker can generate a buffer overflow in dsmtca of IBM Tivoli Storage Manager, in order to trigger a denial of service, and possibly to elevate his privileges...
WordPress MORE: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress MORE+, in order to execute JavaScript code in the context of the web site...
Linux kernel: information disclosure via ansi_cprng
An attacker can use an application using the ANSI CPRNG generator of the Linux kernel, in order to obtain sensitive information...
VLC: memory corruption via ASF
An attacker can invite the victim to open a malicious ASF document, to generate a memory corruption in VLC, in order to trigger a denial of service, and possibly to execute code...
Cisco Unified Communications Domain Manager: SQL injection
An attacker can use a SQL injection of Cisco Unified Communications Domain Manager, in order to read or alter data...

   
