The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Custom Background: file upload
An attacker can upload a malicious file on WordPress Custom Background, in order for example to upload a Trojan...
Xalan-Java: vulnerabilities of FEATURE_SECURE_PROCESSING
An attacker can use several vulnerabilities of the FEATURE_SECURE_PROCESSING implementation in Xalan-Java...
Cacti: code execution
An attacker can inject shell commands in Cacti, in order to execute code...
Cacti: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cacti, in order to force the victim to perform operations...
Cacti: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cacti, in order to execute JavaScript code in the context of the web site...
Word: memory corruption via RTF
An attacker can create a malicious RTF file, to generate a memory corruption in Word, in order to trigger a denial of service, and possibly to execute code...
Xen: denial of service via Linux netback
An attacker, who is administrator in a guest system, can send a malicious netback packet to Xen installed on Linux, in order to trigger a denial of service...
OpenSSL: disclosure of ECDSA secret
A local attacker can guess the ECDSA secret used by the OpenSSL implementation, in order to obtain sensitive information...
Nessus: privilege escalation via wmi_malware_scan.nbin
A local Windows attacker can use a vulnerability of wmi_malware_scan.nbin of Nessus, in order to escalate his privileges...
WordPress WP-Filebase Download Manager: code execution via Admin.php
An attacker can use Admin.php of WordPress WP-Filebase Download Manager, in order to execute code...
Siemens SIMATIC S7-1200 CPU: multiple vulnerabilities
An attacker can use several vulnerabilities of Siemens SIMATIC S7-1200 CPU...
Linux kernel: information disclosure via skb_zerocopy
A local attacker can use network data, in order to obtain memory areas from the Linux kernel memory...
Linux kernel: NULL pointer dereference via rds_ib_laddr_check
A local attacker can dereference a NULL pointer in the rds_ib_laddr_check() function of the Linux kernel, in order to trigger a denial of service...
NSS: accepting Wildcard IDN
An attacker can create a Wildcard IDN certificate, which is accepted by NSS, in order to perform a Man-in-the-Middle...
WordPress User Domain Whitelist: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress User Domain Whitelist, in order to force the victim to perform operations...
WordPress Post Expirator: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Post Expirator, in order to force the victim to perform operations...
Drupal Nivo Slider: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Nivo Slider, in order to execute JavaScript code in the context of the web site...
Drupal Xapian integration: information disclosure
An attacker can use Drupal Xapian integration, in order to obtain sensitive information...
Cisco ESA, SMA: privilege escalation via FTP/SLBL
An authenticated attacker can use the FTP and SLBL services of Cisco ESA and SMA, in order to escalate his privileges...
Cisco Catalyst 6500: denial of service via Sup2T
An attacker can send multicast packets via Supervisor Engine 2T of Cisco Catalyst 6500, in order to trigger a denial of service...
EMC Connectrix Manager Converged Network Edition: directory traversal of FileUploadController
An attacker can traverse directories in FileUploadController of EMC Connectrix Manager Converged Network Edition, in order to read a file outside the service root path...
IBM WebSphere MQ Internet Pass-Thru: denial of service via CommandPort
An attacker can connect on the CommandPort of IBM WebSphere MQ Internet Pass-Thru, in order to trigger a denial of service...
Firefox, Kaspersky: denial of service via RegExp
An attacker can create an HTML page containing a complex regular expression, and transmit it to a Firefox or Kaspersky user, in order to trigger a denial of service...
WordPress mTouch Quiz: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress mTouch Quiz, in order to execute JavaScript code in the context of the web site...
WordPress Duplicate Post: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Duplicate Post, in order to execute JavaScript code in the context of the web site...
Cisco ASA: Cross Site Scripting of WebVPN Login Page
An attacker can trigger a Cross Site Scripting in the WebVPN Login Page of Cisco ASA, in order to execute JavaScript code in the context of the web site...
WordPress Subscribe To Comments Reloaded: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Subscribe To Comments Reloaded, in order to execute JavaScript code in the context of the web site...
Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey...
nginx: buffer overflow of SPDY
An attacker can generate a buffer overflow in SPDY of nginx, in order to trigger a denial of service, and possibly to execute code...
libvirt: NULL pointer dereference via qemuMonitorGetSpiceMigrationStatus
An attacker can dereference a NULL pointer in qemuMonitorGetSpiceMigrationStatus of libvirt, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 429 430 431 432 433 434 435 436 437 439 441 442 443 444 445 446 447 448 449 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1104