The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco IOS, IOS XE: denial of service via IKE Main Mode
An attacker can send IKE Main Mode packets to Cisco IOS or IOS XE, in order to trigger a denial of service...
PolarSSL: accepting a certificate expired in its timezone
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
PolarSSL: accepting a certificate not yet valid
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
PolarSSL: accepting a certificate with a CA not authorized for server
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
PolarSSL: accepting a certificate with a CA not authorized to handshake
An attacker can create a malicious certificate, which is accepted as valid by PolarSSL, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate self-signed
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate with an unknown critical extension
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate with a CA not authorized for server
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate with a CA not authorized to handshake
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate with a CA not authorized to sign
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
GnuTLS: accepting a certificate with an Intermediate CA not authorized
An attacker can create a malicious certificate, which is accepted as valid by GnuTLS, in order to invite the victim to connect to a server set up as a Man-in-the-Middle...
Oracle Identity Manager: open redirect via backUrl
An attacker can deceive the user of backUrl of Oracle Identity Manager, in order to redirect him to a malicious site...
Cacti: shell injection via lib/rrd.php
An attacker can inject shell commands via lib/rrd.php, in order to escalate his privileges...
WordPress Maps Marker Pro: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Maps Marker Pro, in order to execute JavaScript code in the context of the web site...
Drupal CAS Server: ticket replay
An attacker, who captured a ticket, can replay it on Drupal CAS Server, in order to escalate his privileges...
Drupal Custom Search: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Custom Search, in order to execute JavaScript code in the context of the web site...
Drupal Printer, email and PDF versions: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Printer, email and PDF versions, in order to execute JavaScript code in the context of the web site...
Jasig CAS Server: bypassing authentication via Google Accounts Integration
An attacker can transmit malicious XML data to Jasig CAS Server with Google Accounts Integration, in order to bypass the authentication...
Cisco Web Security Appliance: injecting HTTP headers
An attacker can inject HTTP headers, to deceive the user of Cisco Web Security Appliance, in order to redirect him to a malicious site...
Linux kernel: NULL pointer dereference via mac80211
An attacker can dereference a NULL pointer in the mac80211 module of the Linux kernel, in order to trigger a denial of service...
Cisco Unity Connection: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unity Connection, in order to execute JavaScript code in the context of the web site...
WordPress Disable Comments: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Disable Comments, in order to force the victim to perform operations...
OTRS Help Desk: two vulnerabilities
An attacker can use several vulnerabilities of OTRS Help Desk...
Linux kernel: NULL pointer dereference via rds_ib_laddr_check
A local attacker can dereference a NULL pointer in the rds_ib_laddr_check() function of the Linux kernel, in order to trigger a denial of service...
Linux kernel: use after free via AIO ioctx_alloc
A local attacker can use a freed memory area in the AIO ioctx_alloc() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
ModSecurity: bypassing via Chunked
An attacker can use HTTP Chunked data, in order to bypass ModSecurity rules...
Apache httpd: bypassing mod_headers unset
An attacker can use HTTP Chunked data, in order to bypass the "RequestHeader unset" directive of Apache httpd mod_headers...
Cacti: SQL injection of graph_xport.php
An attacker can use a SQL injection in graph_xport.php of Cacti, in order to read or alter data...
WordPress Business Intelligence: file upload
An attacker can upload a malicious file on WordPress Business Intelligence, in order for example to upload a Trojan...
Linux kernel: denial of service via arch_dup_task_struct
A local attacker can use a sequence of PowerPC instructions on the Linux kernel, in order to trigger a denial of service...

   
