The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco NX-OS: filtering bypassing because of packet logging
An attacker can send a large amount of redundant packets to Cisco NX-OS, in order to bypass the filtering rules...
nginx: injection of SMTP commands though an SSL tunnel
An attacker who is able to capture and inject network traffic can insert SMTP commands into the nginx 's proxy, for instance in order to retrieve secret data...
WordPress Gmedia Gallery: file upload
An attacker can upload a malicious file on WordPress Gmedia Gallery, in order for example to upload a Trojan...
Splunk Enterprise: two vulnerabilities
An attacker can use two vulnerabilities of Splunk Enterprise...
IBM Security Directory Server: privilege escalation via the embedded WAS
An attacker can exploit the installation script of the embedded WAS of IBM Security Directory Server, in order to escalate his privileges...
Symantec Endpoint Protection: buffer overflow of sysplant
An attacker can generate a buffer overflow in sysplant of Symantec Endpoint Protection, in order to trigger a denial of service, and possibly to execute code...
Drupal Superfish: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Superfish, in order to execute JavaScript code in the context of the web site...
WordPress Plugin SI CAPTCHA Anti-Spam: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of SI CAPTCHA Anti-Spam for WordPress, in order to execute JavaScript code in the context of the web site...
WordPress Spider Video Player plugin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Spider Video Player plugin, in order to execute JavaScript code in the context of the web site...
WordPress MyBand Theme: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress MyBand Theme, in order to execute JavaScript code in the context of the web site...
Microsoft Exchange: information disclosure
An attacker can user the "Client Access Server of Microsoft Exchange, in order to obtain sensitive information...
Samba: buffer overflow of nmbd
An attacker can generate a buffer overflow in nmbd of Samba, in order to trigger a denial of service, and possibly to execute code with administrator privileges...
Wireshark: four denials of service via the protocol dissectors
An attacker can trigger a fault in some dissectors, in order to trigger a denial of service or mask illicit network traffic...
GnuPG: buffer overflow of gpgme
An attacker can generate a buffer overflow in gpgme of GnuPG, in order to trigger a denial of service, and possibly to execute code...
Drupal Storage API: unsafe configuration
An attacker can upload a malicious file on Drupal Storage API, in order for example to upload a Trojan...
Drupal Date: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Drupal Date, in order to execute JavaScript code in the context of the web site...
WordPress WhyDoWork AdSense: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WhyDoWork AdSense, in order to execute JavaScript code in the context of the web site...
Joomla Kunena Forum: Cross Site Scripting
An attacker can trigger Cross Site Scripting of Joomla Kunena Forum, in order to execute JavaScript code in the context of the web site...
Joomla Kunena Forum: SQL injection
An attacker can use SQL injections of Joomla Kunena Forum, in order to read or alter data...
WordPress Slider Revolution Responsive: directory traversal
An attacker can traverse directories in Slider Revolution Responsive of WordPress, in order to read a file outside the service root path. By reading the wp-config.php file, the site can then be compromised...
WordPress Lead-Octopus-Power: SQL injection
An attacker can use a SQL injection in Lead-Octopus-Power of WordPress, in order to read or alter data...
WordPress FBGorilla: SQL injection
An attacker can use a SQL injection in FBGorilla of WordPress, in order to read or alter data...
Cisco Prime Data Center Network Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Prime Data Center Network Manager, in order to execute JavaScript code in the context of the web site...
Linux kernel: memory corruption via ptrace
An attacker can write into the Linux kernel memory, in order to trigger a denial of service, and possibly to run code with kernel privileges...
rsync: file not synchronized via MD5 collisions
A local attacker can trigger MD5 collisions in rsync, in order to prevent file synchronization...
WordPress My Calendar: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress My Calendar, in order to execute JavaScript code in the context of the web site...
McAfee Network Security Manager: Cross Site Request Forgery of User Management
An attacker can trigger a Cross Site Request Forgery in User Management of McAfee Network Security Manager, in order to change user accounts...
Cacti: Cross Site Scripting of utilities.php
An attacker can trigger a Cross Site Scripting in utilities.php of Cacti, in order to execute JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 451 452 453 454 455 456 457 458 459 461 463 464 465 466 467 468 469 470 471 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1047