History of vulnerabilities analyzed by Vigil@nce: Cisco NX-OS: filtering bypassing because of packet logging An attacker can send a large amount of redundant packets to Cisco NX-OS, in order to bypass the filtering rules... nginx: injection of SMTP commands though an SSL tunnel An attacker who is able to capture and inject network traffic can insert SMTP commands into the nginx 's proxy, for instance in order to retrieve secret data... WordPress Gmedia Gallery: file upload An attacker can upload a malicious file on WordPress Gmedia Gallery, in order for example to upload a Trojan... Splunk Enterprise: two vulnerabilities An attacker can use two vulnerabilities of Splunk Enterprise... IBM Security Directory Server: privilege escalation via the embedded WAS An attacker can exploit the installation script of the embedded WAS of IBM Security Directory Server, in order to escalate his privileges... Symantec Endpoint Protection: buffer overflow of sysplant An attacker can generate a buffer overflow in sysplant of Symantec Endpoint Protection, in order to trigger a denial of service, and possibly to execute code... Drupal Superfish: Cross Site Scripting An attacker can trigger a Cross Site Scripting of Drupal Superfish, in order to execute JavaScript code in the context of the web site... WordPress Plugin SI CAPTCHA Anti-Spam: Cross Site Scripting An attacker can trigger a Cross Site Scripting of SI CAPTCHA Anti-Spam for WordPress, in order to execute JavaScript code in the context of the web site... WordPress Spider Video Player plugin: Cross Site Scripting An attacker can trigger a Cross Site Scripting of WordPress Spider Video Player plugin, in order to execute JavaScript code in the context of the web site... WordPress MyBand Theme: Cross Site Scripting An attacker can trigger a Cross Site Scripting of WordPress MyBand Theme, in order to execute JavaScript code in the context of the web site... Microsoft Exchange: information disclosure An attacker can user the "Client Access Server of Microsoft Exchange, in order to obtain sensitive information... Samba: buffer overflow of nmbd An attacker can generate a buffer overflow in nmbd of Samba, in order to trigger a denial of service, and possibly to execute code with administrator privileges... Wireshark: four denials of service via the protocol dissectors An attacker can trigger a fault in some dissectors, in order to trigger a denial of service or mask illicit network traffic... GnuPG: buffer overflow of gpgme An attacker can generate a buffer overflow in gpgme of GnuPG, in order to trigger a denial of service, and possibly to execute code... Drupal Storage API: unsafe configuration An attacker can upload a malicious file on Drupal Storage API, in order for example to upload a Trojan... Drupal Date: Cross Site Scripting An attacker can trigger a Cross Site Scripting in Drupal Date, in order to execute JavaScript code in the context of the web site... WordPress WhyDoWork AdSense: Cross Site Scripting An attacker can trigger a Cross Site Scripting of WordPress WhyDoWork AdSense, in order to execute JavaScript code in the context of the web site... Joomla Kunena Forum: Cross Site Scripting An attacker can trigger Cross Site Scripting of Joomla Kunena Forum, in order to execute JavaScript code in the context of the web site... Joomla Kunena Forum: SQL injection An attacker can use SQL injections of Joomla Kunena Forum, in order to read or alter data... WordPress Slider Revolution Responsive: directory traversal An attacker can traverse directories in Slider Revolution Responsive of WordPress, in order to read a file outside the service root path. By reading the wp-config.php file, the site can then be compromised... WordPress Lead-Octopus-Power: SQL injection An attacker can use a SQL injection in Lead-Octopus-Power of WordPress, in order to read or alter data... WordPress FBGorilla: SQL injection An attacker can use a SQL injection in FBGorilla of WordPress, in order to read or alter data... Cisco Prime Data Center Network Manager: Cross Site Scripting An attacker can trigger a Cross Site Scripting of Cisco Prime Data Center Network Manager, in order to execute JavaScript code in the context of the web site... Linux kernel: memory corruption via ptrace An attacker can write into the Linux kernel memory, in order to trigger a denial of service, and possibly to run code with kernel privileges... rsync: file not synchronized via MD5 collisions A local attacker can trigger MD5 collisions in rsync, in order to prevent file synchronization... WordPress My Calendar: Cross Site Scripting An attacker can trigger a Cross Site Scripting of WordPress My Calendar, in order to execute JavaScript code in the context of the web site... McAfee Network Security Manager: Cross Site Request Forgery of User Management An attacker can trigger a Cross Site Request Forgery in User Management of McAfee Network Security Manager, in order to change user accounts... Cacti: Cross Site Scripting of utilities.php An attacker can trigger a Cross Site Scripting in utilities.php of Cacti, in order to execute JavaScript code in the context of the web site... Previous page Next pageDirect access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1047