The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Apache Struts 1: code execution via ClassLoader
An attacker can use the "class" parameter to manipulate the ClassLoader, in order to execute code...
Apache Struts 2: multiple vulnerabilities
An attacker can use several vulnerabilities of Apache Struts 2...
Cisco IOS XE: denial of service via PPPoE
An attacker can send a malicious PPPoE packet to Cisco IOS XE on ASR1000, in order to trigger a denial of service...
libvirt: external XML entity injection via XML_PARSE_NOENT
An attacker can transmit malicious XML data to libvirt, in order to read a file, scan sites, or trigger a denial of service...
WordPress Conversionninja: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Conversionninja, in order to execute JavaScript code in the context of the web site...
WordPress bib2html: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress bib2html, in order to execute JavaScript code in the context of the web site...
WordPress Search Everything: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Search Everything, in order to force the victim to perform operations...
Webmin, Usermin: Cross Site Scripting of Popup Windows
An attacker can trigger a Cross Site Scripting in Popup Windows of Webmin/Usermin, in order to execute JavaScript code in the context of the web site...
WordPress Simple Popup Images: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Simple Popup Images, in order to execute JavaScript code in the context of the web site...
Internet Explorer 8: use after free via CMarkup
An attacker can use a freed memory area in the CMarkup class of Internet Explorer, in order to trigger a denial of service, and possibly to execute code...
TYPO3: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3...
TYPO3 powermail: two vulnerabilities
An attacker can use several vulnerabilities of TYPO3 powermail...
Drupal: information disclosure via Site Reports
An attacker, who has the "access site reports" or "View site reports" permission of Drupal, can obtain sensitive information...
Drupal Password Policy: bypassing the policy
An attacker can continue to use the same password with Drupal Password Policy, in order to bypass the security policy...
Drupal Commerce Moneris: information disclosure
An attacker can access the database of Drupal Commerce Moneris, in order to obtain sensitive information...
Drupal Require Login: information disclosure
An attacker can use Drupal Require Login, in order to obtain sensitive information...
Drupal Views: information disclosure
An attacker can use Drupal Views, in order to obtain sensitive information...
HP Operations Manager i: privilege escalation
An authenticated attacker can use a vulnerability of HP Operations Manager i, in order to escalate his privileges...
Cisco NX-OS: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco NX-OS...
Sendmail: privilege escalation via File Descriptors
A local attacker can access file descriptors of Sendmail, in order to escalate his privileges...
WordPress Booking System: SQL injection
An attacker can use a SQL injection of WordPress Booking System, in order to read or alter data...
Microsoft DIA SDK: memory corruption via msdia.dll
An attacker can invite the victim to open a malicious PDB file, to generate a memory corruption in msdia.dll of Microsoft DIA SDK, in order to trigger a denial of service, and possibly to execute code...
Panda AV, IS: privilege escalation
A local attacker can use a vulnerability of Panda AV Pro or Internet Security, in order to escalate his privileges...
Nagios Plugins: information disclosure via check_icmp
An attacker can use check_icmp of Nagios Plugins to read a file in INI format, in order to obtain sensitive information...
IBM GSKit: infinite loop of SSL
An attacker can send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service...
Cisco IOS: denial of service via RTCP
An attacker can send RTCP packets in a specific sequence, to block the CUBE (Cisco Unified Border Element) queue of Cisco IOS, in order to trigger a denial of service...
Cisco ASA: denial of service via RADIUS
An attacker can send a malicious RADIUS packet to Cisco ASA, in order to trigger a denial of service...
Cisco IOS XR: denial of service via DHCPv6
An attacker can send a malicious DHCPv6 packet to Cisco IOS, in order to trigger a denial of service...
Cisco IOS XR: denial of service via DHCPv6
An attacker can send a malicious DHCPv6 packet to Cisco IOS, in order to trigger a denial of service...
Cisco IOS: denial of service via LLDP
An attacker can send a malicious LLDP packet to Cisco IOS, in order to trigger a denial of service...

   
