The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress File Gallery: code execution
An attacker, who is administrator in a jailed environment, can use WordPress File Gallery, in order to execute PHP code...
Emacs: multiple vulnerabilities
An attacker can use several vulnerabilities of Emacs...
libxml2: file reading via an entity in xmlParserHandlePEReference
An attacker can transmit malicious XML data to an application linked to libxml2, in order to force it to include a file, which can then be returned to the attacker...
WordPress Acumbamail: information disclosure
An attacker can capture data of WordPress Acumbamail, in order to obtain sensitive information...
Cisco ASA: information disclosure via HTTP Server
An attacker can connect to the HTTP server of Cisco ASA, in order to read files, to obtain sensitive information...
Cisco Nexus 1000V: bypassing ACL via IGMP
An attacker can send IGMPv2 or v3 packets to Cisco Nexus 1000V, in order to bypass Deny ACLs...
Cisco Nexus 7000: denial of service via sed
A local attacker can use the "sed" command on Cisco Nexus 7000, in order to trigger a denial of service...
Apache httpd, nginx: denial of service via PHP-FPM/PHP-CGI
An attacker can open numerous long connections to an Apache httpd or nginx server using PHP-FPM/PHP-CGI, in order to trigger a denial of service...
strongSwan: NULL pointer dereference via ID_DER_ASN1_DN
An attacker can dereference a NULL pointer with ID_DER_ASN1_DN ID, in order to trigger a denial of service of strongSwan...
AIX: denial of service via ptrace
A local attacker can call the ptrace() function of AIX, in order to obtain sensitive information, or to trigger a denial of service...
Linux kernel: memory corruption via n_tty_write
A local attacker can generate a memory corruption in the n_tty_write() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
WordPress Flexolio: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Flexolio...
Openfire: Cross Site Scripting of Admin Console
An attacker can trigger a Cross Site Scripting in Admin Console of Openfire, in order to execute JavaScript code in the context of the web site...
WebSphere MQ: denial of service via inetd
An attacker can send malicious queries to inetd when used by IBM WebSphere MQ, in order to trigger a denial of service...
WordPress Leaflet Maps Marker: SQL injection
An attacker can use a SQL injection of WordPress Leaflet Maps Marker, in order to read or alter data...
WordPress wp-affiliate-platform: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress wp-affiliate-platform, in order to execute JavaScript code in the context of the web site...
PHP: privilege escalation via sapi/fpm
A local attacker can connect on the PHP sapi/fpm Unix socket, in order to escalate his privileges...
WordPress EZPZ One Click Backup: code execution via ezpz-archive-cmd.php
An attacker can use ezpz-archive-cmd.php of WordPress EZPZ One Click Backup, in order to execute code...
OpenSSL: NULL pointer dereference via SSL_MODE_RELEASE_BUFFERS
An attacker can dereference a NULL pointer in OpenSSL applications using SSL_MODE_RELEASE_BUFFERS, in order to trigger a denial of service...
Drupal Field API Pane Editor: read-write access
An attacker can bypass access restrictions of Drupal Field API Pane Editor, in order to alter data...
Drupal Zen: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Zen, in order to execute JavaScript code in the context of the web site...
Drupal Context Form Alteration: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Context Form Alteration, in order to execute JavaScript code in the context of the web site...
Linux kernel: denial of service via try_to_unmap_cluster
A local attacker can manipulate memory pages of the Linux kernel, in order to trigger a denial of service...
TYPO3 si_bibtex: two vulnerabilities
An attacker can use several vulnerabilities of TYPO3 si_bibtex...
WebSphere AS 8.5: multiple vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 8.5...
Xen: denial of service via ARM CNTKCTL_EL1
An attacker, located in a guest system on ARM, can use CNTKCTL_EL1, in order to trigger a denial of service of Xen...
FreeBSD 10: privilege escalation via devfs
An attacker, located in a jail, can use devfs of FreeBSD, in order to obtain sensitive information, or to escalate his privileges...
FreeBSD: denial of service via TCP Reassembly
A remote attacker can create a TCP session, and send numerous TCP packets to be reassembled to FreeBSD, in order to trigger a denial of service. A local attacker can possibly read a fragment of the kernel memory...
Nagios: information disclosure via environment
An attacker can use Nagios, in order to obtain sensitive information contained in environment variables...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 437 438 439 440 441 442 443 444 445 447 449 450 451 452 453 454 455 456 457 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103