The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Akeeba Backup for WordPress and Joomla: information disclosure
An attacker can send many requests of backups access to Akeeba Backup, in order to retrieve the authentication secret...
WordPress All in One SEO Pack: Cross Site Scripting of /wp-admin/post.php
An attacker can trigger a Cross Site Scripting in /wp-admin/post.php of WordPress All in One SEO Pack, in order to execute JavaScript code in the context of the web site...
Drupal Marketo MA: Cross Site Scripting of titles
An attacker can trigger a Cross Site Scripting in some titles of Drupal Marketo MA, in order to execute JavaScript code in the context of the web site...
Drupal Site Banner: Cross Site Scripting of settings
An attacker can trigger a Cross Site Scripting in the settings of Drupal Site Banner, in order to execute JavaScript code in the context of the web site...
Drupal Social Stats: Cross Site Scripting of configuration
An attacker can trigger a Cross Site Scripting in the configuration of Drupal Social Stats, in order to execute JavaScript code in the context of the web site...
Drupal RedHen CRM: Cross Site Scripting of redhen_dedup
An attacker can trigger a Cross Site Scripting in redhen_dedup of Drupal RedHen CRM, in order to execute JavaScript code in the context of the web site...
Panda Security: buffer overflow of PavTPK.sys
An attacker can generate a buffer overflow in PavTPK.sys of Panda Security, in order to trigger a denial of service, and possibly to execute code with the kernel privilege level...
Embarcadero Delphi: buffer overflow of VCL
An attacker can generate a buffer overflow in the VCL library of Embarcadero Delphi, in order to trigger a denial of service, and possibly to execute code...
FortiNet FortiGate: buffer overflow of FortiManager Service
An attacker can generate a buffer overflow of FortiNet FortiGate FortiManager Service, in order to trigger a denial of service, and possibly to execute code...
WordPress Mobile Pack: retrieval of protected posts
An attacker can retrieve password protected articles managed by WordPress Mobile Pack...
WordPress Mobiloud: several Cross Site Scripting
An attacker can trigger Cross Site Scripting of WordPress Mobiloud, in order to execute JavaScript code in the context of the web site...
WordPress Disqus Comment System: Cross Site Request Forgery
An attacker can trigger Cross Site Request Forgeries of WordPress Disqus Comment System, in order to force the victim to perform operations...
Asterisk: buffer overflow of __ast_string_field_ptr_build_va
An attacker can generate a buffer overflow in __ast_string_field_ptr_build_va of Asterisk, in order to trigger a denial of service, and possibly to execute code...
WebSphere AS 8.5: multiple vulnerabilities
An attacker can use several vulnerabilities of IBM WebSphere AS 8.5...
WordPress wp-source-control: directory traversal in downloadfiles/download.php
An attacker can traverse directories in downloadfiles/download.php of WordPress wp-source-control, in order to read a file outside the service root path...
Cisco NX-OS: VLAN identifier retrieval via SNMP
An attacker can query the SNMP server of Cisco NX-OS, in order to get valid VLAN identifiers...
WordPress Efence: Cross Site Scripting of callback.php
An attacker can trigger a Cross Site Scripting in callback.php of WordPress Efence, in order to execute JavaScript code in the context of the web site...
IBM AIX: denial of service via "Transactional Memory "
An attacker can use vector operations within a transaction, in order to trigger a denial of service...
WordPress Cakifo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Cakifo, in order to execute JavaScript code in the context of the web site...
phpMyAdmin: several Cross Site Scripting
An attacker can trigger a Cross Site Scripting of phpMyAdmin, in order to execute JavaScript code in the context of the web site...
Apache HttpComponents HttpClient: erroneous certificate validation
An attacker can create an SSL certificate which will be wrongly validated by Apache HttpComponents HttpClient, in order to capture traffic and bypass encryption...
FFmpeg: buffer overflow of proresenc_kostya.c
An attacker can generate a buffer overflow in proresenc_kostya.c of Ffmpeg, in order to trigger a denial of service, and possibly to execute code...
RiverBed Stingray Traffic Manager: Cross Site Scripting of locallog.cgi
An attacker can trigger a Cross Site Scripting in locallog.cgi of RiverBed Stingray Traffic Manager, in order to execute JavaScript code in the context of the web site...
IBM TSM Client: privilege escalation via SetUID
A local attacker can create a malicious library, which is loaded by a suid program of IBM TSM Client, in order to escalate his privileges...
IBM TSM for Space Management: read-write access via Backup-Archive
An attacker can bypass access restrictions of IBM TSM for Space Management files, in order to read or alter data...
IBM TSM Client: buffer overflow of GUI
An attacker can generate a buffer overflow in the GUI of IBM TSM Client, in order to trigger a denial of service...
Xen: denial of service via log_dirty
A local attacker can manipulate the memory of a HVM Xen guest system, in order to trigger a denial of service...
WordPress ck-and-syntaxhighlighter: file upload
An attacker can upload a malicious file on WordPress ck-and-syntaxhighlighter, in order for example to upload a Trojan...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 454 455 456 457 458 459 460 461 462 464 466 467 468 469 470 471 472 473 474 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020