The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
BMC Patrol for AIX: privilege escalation via bgscollect
A local attacker can create a malicious library, which is loaded by bgscollect of BMC Patrol for AIX, in order to escalate his privileges...
rsync: denial of service via check_secret
An attacker can use an invalid login name, to generate an infinite loop in the check_secret() function of rsync, in order to trigger a denial of service...
CUPS: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of CUPS, in order to execute JavaScript code in the context of the web site...
ScreenOS: denial of service via SSL
An attacker can send a malicious SSL packet to ScreenOS, in order to trigger a denial of service...
OpenSSL: data injection via OPENSSL_NO_BUF_FREELIST
An attacker can establish a connection with a multi-thread application linked to OpenSSL with OPENSSL_NO_BUF_FREELIST, in order to potentially inject data in the session of another user...
WordPress Quick Page/Post Redirect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Quick Page/Post Redirect, in order to force the victim to perform operations...
WordPress Twitget: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Twitget, in order to force the victim to perform operations...
VMware WorkStation, Player: NULL pointer dereference via vmx86.sys
An attacker can dereference a NULL pointer in vmx86.sys of VMware WorkStation or Player, in order to trigger a denial of service...
Nagios: buffer overflow of cmd_submitf
An attacker can generate a buffer overflow in the cmd_submitf() function of Nagios, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: use after free via ping_init_sock
A local attacker can use a freed memory area via ping_init_sock() of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
WordPress Unconfirmed: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Unconfirmed, in order to execute JavaScript code in the context of the web site...
VMware vSphere Client: two vulnerabilities
An attacker can use several vulnerabilities of VMware vSphere Client...
WordPress Lazyest Gallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Lazyest Gallery, in order to execute JavaScript code in the context of the web site...
libpng: two vulnerabilities
An attacker can use several vulnerabilities of libpng...
TYPO3 Powermail: bypassing Captcha
An attacker can post a form on TYPO3 Powermail, even if a Captcha is used...
OpenBSD: accepting another certificate via ftp
An attacker can setup a malicious server, with a certificate valid for another server, which is accepted by the ftp client of OpenBSD, in order to invite the victim to connect to a server setup as a Man-in-the-Middle...
Cisco ASA: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco ASA...
Drupal Skeleton: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Skeleton, in order to execute JavaScript code in the context of the web site...
Drupal SimpleCorp: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SimpleCorp, in order to execute JavaScript code in the context of the web site...
Drupal Revisioning: information disclosure
An attacker can use Drupal Revisioning, in order to obtain sensitive information...
Drupal BlueMasters: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal BlueMasters, in order to execute JavaScript code in the context of the web site...
Junos: denial of service via EWF
An attacker can use a special url on SRX Series with Enhanced Web Filtering, in order to trigger a denial of service of Junos...
Junos: denial of service via MPC
An attacker can send IP packets to generate an error in the Modular Port Concentrator of Junos, in order to trigger a denial of service...
Junos: denial of service via Dynamic IPsec VPN
An attacker can block connections on Dynamic IPsec VPN of Junos with Branch SRX Series, in order to trigger a denial of service...
Junos: Cross Site Scripting of J-Web
An attacker can trigger a Cross Site Scripting in J-Web of Junos, in order to execute JavaScript code in the context of the web site...
Junos: denial of service via IGMP
An attacker can send numerous IGMP packets to Junos with PIM, in order to trigger a denial of service...
Junos: Cross Site Scripting of J-Web
An attacker can trigger a Cross Site Scripting in J-Web of Junos, in order to execute JavaScript code in the context of the web site...
Joomla Com_inneradmission: SQL injection
An attacker can use a SQL injection of Joomla Com_inneradmission, in order to read or alter data...
WordPress Core: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
WordPress VideoWhisper Live Streaming: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress VideoWhisper Live Streaming, in order to execute JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 433 434 435 436 437 438 439 440 441 443 445 446 447 448 449 450 451 452 453 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102