The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress wp-rss-poster: SQL injection
An attacker can use a SQL injection of WordPress wp-rss-poster, in order to read or alter data...
WordPress BookX: directory traversal
An attacker can traverse directories of WordPress BookX, in order to read a file outside the service root path...
SSL: revocation of CCA
The Government of India Controller of Certifying Authorities certification authority issued certificates to spoof several Google domains...
WordPress Polldaddy Polls and Ratings: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Polldaddy Polls and Ratings, in order to execute JavaScript code in the context of the web site...
Cisco ASA: infinite loop of Filter Inspect
When the Filter and Inspect features are enabled, an attacker can generate an infinite loop in Cisco ASA, in order to trigger a denial of service...
glibc: directory traversal of Locale
An attacker can traverse directories with a special Locale path sent to an application compiled with glibc, in order, for example, to read a file located outside the Locales directory...
X.Org: directory traversal of Intel backlight_helper
An attacker can traverse directories via Intel backlight_helper of X.Org, in order to read a file with root privileges...
Cisco Unified Communications Manager: directory traversal of RTMT
An attacker can traverse directories in RTMT of Cisco Unified Communications Manager, in order to read a file outside the service root path...
Citrix XenDesktop: privilege escalation via Pooled Random Desktop Groups
An attacker can use a Pooled Random Desktop Group of Citrix XenDesktop, in order to escalate his privileges...
Cisco Unified Communications Manager: Cross Site Scripting of DNA viewfilecontents.do
An attacker can trigger a Cross Site Scripting in DNA viewfilecontents.do of Cisco Unified Communications Manager, in order to execute JavaScript code in the context of the web site...
Cisco Unified Communications Manager: file upload via DNA
An attacker can upload a malicious file via DNA on Cisco Unified Communications Manager, in order, for example, to upload a Trojan...
Cisco Unified Communications Manager: denial of service via DNA
An attacker can delete files via DNA of Cisco Unified Communications Manager, in order to trigger a denial of service...
Cisco Unified Communications Manager: directory traversal of /dna/viewfilecontents.do
An attacker can traverse directories in /dna/viewfilecontents.do of Cisco Unified Communications Manager, in order to read a file outside the service root path...
Junos: denial of service via NAT IPv4/IPv6
An attacker can send a malicious IPv4 packet to SRX Series with the IPv4/IPv6 NAT enabled, in order to trigger a denial of service...
Junos: Cross Site Scripting of SRX Web Authentication
An attacker can trigger a Cross Site Scripting in SRX Web Authentication of Junos, in order to execute JavaScript code in the context of the web site...
Junos: denial of service via PIM
An attacker can send a malicious PIM packet to Junos, in order to trigger a denial of service...
Junos: denial of service via NAT IPv4/IPv6
An attacker can send a malicious IPv4 packet to SRX Series with the IPv4/IPv6 NAT enabled, in order to trigger a denial of service...
Junos: privilege escalation via CLI Command
A local attacker can use several CLI commands of Junos, in order to escalate his privileges...
Junos: denial of service via SIP ALG
An attacker can send a malicious SIP packet to SRX Series with SIP ALG enabled, in order to trigger a denial of service...
ruby-lz4: memory corruption
An attacker can generate a memory corruption of ruby-lz4, in order to trigger a denial of service, and possibly to execute code...
Drupal LoginToboggan: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal LoginToboggan, in order to execute JavaScript code in the context of the web site...
WordPress BSK PDF Manager: SQL injection
An attacker can use a SQL injection of WordPress BSK PDF Manager, in order to read or alter data...
Cisco Small Business SPA300/500 IP Phones: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Small Business SPA300/500 IP Phones, in order to execute JavaScript code in the context of the web site...
Cisco Small Business SPA300/500 IP Phones: privilege escalation
A local attacker can access the debug interface of Cisco Small Business SPA300/500 IP Phones, in order to escalate his privileges...
Cisco IOS, IOS XE: bypassing NTP access-group
An attacker can bypass NTP access-group of Cisco IOS or IOS XE, in order to access the NTP service...
FreeBSD: information disclosure via SCTP
A local attacker can read a memory fragment via SCTP of FreeBSD, in order to obtain sensitive information...
FreeBSD: information disclosure via Control Message
A local attacker can read a memory fragment via a Control Message of FreeBSD, in order to obtain sensitive information...
WordPress MailPoet Newsletters: vulnerability
A vulnerability of WordPress MailPoet Newsletters was announced...
Microsoft Service Bus: denial of service via AMQP
An attacker can send AMQP messages to Microsoft Service Bus for Windows Server, in order to trigger a denial of service...
Windows: privilege escalation via DirectShow
A local attacker can use DirectShow of Windows, in order to escalate his privileges...