The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: NULL pointer dereference via sctp_assoc_update
An attacker can dereference a NULL pointer in sctp_assoc_update of the Linux kernel, in order to trigger a denial of service...
PHP: use after free via SPL Iterators
A local attacker can use a freed memory area in SPL Iterators of PHP, in order to trigger a denial of service, and possibly to execute code...
SIMATIC WinCC: multiple vulnerabilities
An attacker can use several vulnerabilities of SIMATIC WinCC...
Apple QuickTime: memory corruption via MVHD
An attacker can generate a memory corruption via MVHD fields of an Apple QuickTime file, in order to trigger a denial of service, and possibly to execute code...
HP Data Protector: multiple vulnerabilities of crs.exe
An attacker can use several vulnerabilities of crs.exe of HP Data Protector...
Linux kernel: use after free via VFS Symlink
An attacker can use a freed memory area in VFS via a Symlink, in order to trigger a denial of service in the Linux kernel, and possibly to execute code...
Drupal Freelinking: information disclosure
An attacker can use Drupal Freelinking, in order to obtain sensitive information...
Cisco IOS XR: denial of service via NetFlow
An attacker can send IPv4 or IPv6 ill formed packets to NetFlow of Cisco IOS XR, in order to trigger a denial of service...
Apache httpd: NULL pointer dereference via mod_cache
An attacker can dereference a NULL pointer in mod_cache of Apache httpd, in order to trigger a denial of service...
WordPress DW Question and Answer: read-write access
An attacker can bypass access restrictions of WordPress DW Question and Answer, in order to read or alter data...
NSS: multiple vulnerabilities
An attacker can use several vulnerabilities of NSS...
Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey...
Exim: code execution via Double Expansion
A local attacker can edit a configuration file he has access to, in order to execute code with Exim privileges...
WordPress Gallery Objects: SQL injection
An attacker can use a SQL injection of WordPress Gallery Objects, in order to read or alter data...
Apache Xerces Java: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
Apache Xerces-C++: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
CUPS: privilege escalation via RSS
An attacker, member of the lp group, can create a symbolic link, and then read the RSS feed of CUPS, in order to escalate his privileges...
Nessus Web UI: information disclosure via server/properties
An attacker can access to /server/properties of Nessus Web UI, in order to obtain sensitive information...
MIT krb5: denial of service of GSSAPI
An attacker can use several vulnerabilities of MIT krb5...
Windows XP, 2003: vulnerabilities of drivers
An attacker can use two vulnerabilities of Windows drivers...
syslog-ng: memory leak
An attacker can create a memory leak of syslog-ng, in order to trigger a denial of service...
KAuth: privilege escalation via UnixProcess
A local attacker can bypass the KAuth authentication, in order to escalate his privileges...
Cacti: Cross Site Scripting of Item Names
An attacker can trigger a Cross Site Scripting in Item Names of Cacti, in order to execute JavaScript code in the context of the web site...
CUPS: privilege escalation via RSS
An attacker, member of the lp group, can create a symbolic link, and then read the RSS feed of CUPS, in order to escalate his privileges...
phpMyAdmin: multiple vulnerabilities
An attacker can use several vulnerabilities of phpMyAdmin...
McAfee Web Gateway: password hash disclosure
An attacker, who is allowed to see the Accounts tab, can obtain the hash of administrators' passwords of McAfee Web Gateway, in order to perform a brute force...
bozohttpd: information disclosure
An attacker can bypass access restrictions in bozohttpd, in order to obtain sensitive information...
Apache httpd: denial of service via mod_cgid
An attacker, who is allowed to upload a malicious CGI script on the server, can block mod_cgid of Apache httpd, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 450 451 452 453 454 455 456 457 458 460 462 463 464 465 466 467 468 469 470 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022