The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: denial of service via SCTP sk_ack_backlog
An attacker can send a malicious SCTP packets to the Linux kernel, in order to trigger a denial of service...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
LZ4 Core: memory corruption of LZ4_decompress_generic
An attacker can generate an memory corruption in the lz4_uncompress() function of LZ4 Core, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: memory corruption of lz4_uncompress
An attacker can generate an memory corruption in the lz4_uncompress() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
FFmpeg: integer overflow of av_lzo1x_decode
An attacker can generate an integer overflow in the av_lzo1x_decode() function of FFmpeg, in order to trigger a denial of service, and possibly to execute code...
Libav: integer overflow of av_lzo1x_decode
An attacker can generate an integer overflow in the av_lzo1x_decode() function of Libav, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: integer overflow of lzo1x_decompress_safe
An attacker can generate an integer overflow in the lzo1x_decompress_safe() function of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
liblzo2: integer overflow of lzo1x_decompress_safe
An attacker can generate an integer overflow in the lzo1*_decompress_safe() functions of liblzo2, in order to trigger a denial of service, and possibly to execute code...
WordPress Simple Share Buttons Adder: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Simple Share Buttons Adder, in order to execute JavaScript code in the context of the web site...
pfSense: multiple vulnerabilities
An attacker can use several vulnerabilities of pfSense...
WordPress Login rebuilder: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Login rebuilder, in order to force the victim to perform operations...
Cisco IOS: denial of service via IPsec
An authenticated attacker can send a malicious IPsec packet to Cisco IOS, in order to trigger a denial of service...
Sophos Antivirus Configuration Console: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Sophos Antivirus Configuration Console, in order to execute JavaScript code in the context of the web site...
Xen: information disclosure via GNTTABOP_setup_table
A local attacker can read a memory fragment via GNTTABOP_setup_table of Xen, in order to obtain sensitive information...
Linux kernel: information disclosure via aio_read_events_ring
A local attacker can read a memory fragment via aio_read_events_ring() of the Linux kernel, in order to obtain sensitive information...
FreeBSD: NULL pointer dereference via iconv
An attacker can transmit malicious GB2312+HZ or VIQR data to a FreeBSD application using iconv, in order to trigger a denial of service...
WordPress TimThumb: code execution via WebShot
An attacker can use the WebShot feature of WordPress plugins/themes using TimThumb, in order to execute code...
Linux kernel: multiple vulnerabilities of ALSA
An attacker can use several vulnerabilities of ALSA of the Linux kernel...
WebSphere AS: privilege escalation via addFileRegistryAccount
An attacker can use an account of WebSphere AS, in order to escalate his privileges...
WebSphere AS 8.0: multiple vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 8.0...
WebSphere AS 7.0: multiple vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 7.0...
Linux kernel: use after free via __do_follow_link
An attacker can use a freed memory area in the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
GnuPG: infinite loop of Truncated zlib
An attacker can send an encrypted message with truncated compressed data, to generate an infinite loop in GnuPG, in order to trigger a denial of service...
Qemu: use after free via PCIe
An attacker can use a freed memory area in PCIe of Qemu, in order to trigger a denial of service, and possibly to execute code...
LibreOffice: macro execution
An attacker can invite the victim to open a malicious document with LibreOffice, in order to execute code...
Samba: two vulnerabilities
An attacker can use several vulnerabilities of Samba...
phpMyAdmin: Cross Site Scripting of Table Navigation
An attacker can trigger a Cross Site Scripting in Table Navigation of phpMyAdmin, in order to execute JavaScript code in the context of the web site...
phpMyAdmin: Cross Site Scripting of Hide Navigation
An attacker can trigger a Cross Site Scripting in the Hide Navigation feature of phpMyAdmin, in order to execute JavaScript code in the context of the web site...
WordPress: Cross Site Request Forgery of wp-comments-post.php
An attacker can trigger a Cross Site Request Forgery in wp-comments-post.php of WordPress, in order to force the victim to perform operations...
Symantec PGP Desktop, Encryption Desktop: file manipulation on OS X
A local attacker can alter a file of Symantec PGP Desktop or Encryption Desktop installed on OS X, in order to create a file or to change permissions...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 445 446 447 448 449 450 451 452 453 455 457 458 459 460 461 462 463 464 465 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020