The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco Unified Communications Manager: Cross Site Request Forgery of OS Administration
An attacker can trigger a Cross Site Request Forgery in OS Administration of Cisco Unified Communications Manager, in order to force the victim to perform operations...
DNS, Windows 2008 DNS: distributed denial of service via Root Hints
An attacker can use the DNS Service of Windows 2008 (or any other service returning Root Hints), in order to trigger a distributed denial of service...
WordPress Zedity: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Zedity, in order to execute JavaScript code in the context of the web site...
WordPress Thanks You Counter Button: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Thanks You Counter Button, in order to execute JavaScript code in the context of the web site...
WordPress EasyMedia Gallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress EasyMedia Gallery, in order to execute JavaScript code in the context of the web site...
Technicolor TC7200: information disclosure via GatewaySettings.bin
An attacker can use GatewaySettings.bin of Technicolor TC7200, in order to obtain the administrator password...
libpng: infinite loop of IDAT
An attacker can create a malicious PNG image, to generate an infinite loop during the analysis of IDAT by libpng, in order to trigger a denial of service...
QuickTime: multiple vulnerabilities
An attacker can use several vulnerabilities of QuickTime...
GnuTLS: accepting X.509 CA v1
An attacker can ask a trusted certification authority to create an X.509 v1 certificate, which is accepted by GnuTLS as being a root certificate...
Net-SNMP: denial of service via ICMP-MIB
An attacker can send an ICMP packet with a large type, to a system monitored by the ICMP-MIB of Net-SNMP, in order to trigger a denial of service...
WordPress Search Everything: SQL injection
An attacker can use a SQL injection of WordPress Search Everything, in order to read or alter data...
OTRS Help Desk: Cross Site Scripting of Mail
An attacker can send an email to trigger a Cross Site Scripting in OTRS Help Desk, in order to execute JavaScript code in the context of the web site...
Apache Tomcat: data injection via Content-Length
An attacker can use two Content-Length headers in order to alter behaviour of HTTP data analysis...
Apache Tomcat: obtaining the session identifier even with disableURLRewriting
An attacker can obtain the session identifier of Apache Tomcat, in order to spoof the identity of the current user...
Apache Tomcat: denial of service via Chunked TE
An attacker can use a chunked Transfer-Encoding header, in order to trigger a denial of service on Apache Tomcat...
Apache Tomcat: external XML entity injection via Web Application
An attacker, who is allowed to install a web application, can transmit malicious XML data to Apache Tomcat, in order to read a file, scan sites, or trigger a denial of service...
TYPO3: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3...
McAfee ePO: external XML entity injection
An authenticated attacker can transmit malicious XML data to McAfee ePO, in order to read a file, scan sites, or trigger a denial of service...
Blue Coat ProxySG: delay in account disabling
An attacker, who was recently disabled, can still authenticate on Blue Coat ProxySG, in order to access to the Management Console...
WordPress Media File Renamer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Media File Renamer, in order to execute JavaScript code in the context of the web site...
Joomla Extensions: multiple vulnerabilities of Google Maps
An attacker can use several vulnerabilities of Google Maps of Joomla JoomLeague, Joomla-Base and other modules using Google Maps...
McAfee Web Gateway: directory traversal
An attacker can traverse directories of McAfee Web Gateway, in order to read a file outside the service root path...
WordPress AdRotate: SQL injection
An attacker can use a SQL injection of WordPress AdRotate, in order to read or alter data...
Cisco Unified IP Phone 7960G: altering the CTL
An attacker can bypass access restrictions of the CTL file of Cisco Unified IP Phone 7960G, in order to alter the content of the CTL file, so the phone trusts the attacker...
Cisco ASA: altering Phone Proxy CTL
An attacker can traverse the Cisco ASA Phone Proxy, in order to alter the content of the CTL file of a phone, so it trusts the attacker...
Cisco ASA: traffic passed via Phone Proxy sec_db
An attacker can pass traffic via the Phone Proxy sec_db of Cisco ASA...
Linux kernel: denial of service via S/390 Linkage Stack
A local attacker can use the S/390 Linkage Stack, in order to trigger a denial of service of the Linux kernel...
Adobe Flash Player: three vulnerabilities
An attacker can use several vulnerabilities of Adobe Flash Player...
PostgreSQL: read-write access via make check
When "make check" is run, a local attacker can access to PostgreSQL, in order to read or alter data...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 424 425 426 427 428 429 430 431 432 434 436 437 438 439 440 441 442 443 444 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103