The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Refraction: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Refraction, in order to execute JavaScript code in the context of the web site...
WordPress All In One WordPress Firewall: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress All In One WordPress Firewall, in order to execute JavaScript code in the context of the web site...
RSYSLOG: integer overflow of PRI
An attacker can generate an integer overflow via PRI in RSYSLOG, in order to trigger a denial of service, and possibly to execute code...
WordPress Users Ultra Plugin: SQL injection
An attacker can use a SQL injection of WordPress Users Ultra Plugin, in order to read or alter data...
Adobe Acrobat: Cross Site Scripting of Help Page
An attacker can trigger a Cross Site Scripting in the Help Page of Adobe Acrobat, in order to execute JavaScript code in the context of the web site...
WordPress Infusionsoft Gravity Forms: file upload
An attacker can upload a malicious file on WordPress Infusionsoft Gravity Forms, in order for example to upload a Trojan...
Linux kernel: multiple vulnerabilities of Ceph
An attacker can use several vulnerabilities of the Ceph support by the Linux kernel...
WordPress N-Media: file upload
An attacker can upload a malicious file on WordPress N-Media, in order for example to upload a Trojan...
bash: command execution in the function parser
An attacker can define a special environment variable, which is transmitted (via CGI or OpenSSH for example) to bash, in order to execute code...
bash: memory corruption in the function parser
An attacker can define a special environment variable, which is transmitted (via CGI or OpenSSH for example) to bash, in order to execute code...
bash: two denial of service
An attacker can use several vulnerabilities of bash...
libvirt: unreachable memory reading via qemuDomainGetBlockIoTune
An attacker can force a read at an invalid address in qemuDomainGetBlockIoTune() of libvirt, in order to trigger a denial of service...
TYPO3 JobControl: two vulnerabilities
An attacker can use several vulnerabilities of TYPO3 JobControl...
Joomla JDownloads: file upload
An attacker can upload a malicious file on Joomla JDownloads, in order for example to upload a Trojan...
Joomla HikaShop/HikaMarket: code execution
An attacker can use Joomla HikaShop, in order to execute code...
WordPress WP Google Maps: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Google Maps, in order to execute JavaScript code in the context of the web site...
WordPress MaxButtons: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress MaxButtons, in order to execute JavaScript code in the context of the web site...
Perl: denial of service via Data-Dumper
When an attacker can provide a complex data structure to Perl Data::Dumper(), he can thus trigger a denial of service...
Drupal Safeword: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Safeword, in order to execute JavaScript code in the context of the web site...
Drupal Webform Patched: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Webform Patched, in order to execute JavaScript code in the context of the web site...
Drupal Twilio: information disclosure
An attacker can use of Drupal Twilio, in order to obtain sensitive information...
Drupal Services: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Services, in order to execute JavaScript code in the context of the web site...
Cisco IOS, XE: denial of service via SIP
An attacker can send a malicious SIP packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
Cisco IOS, XE: denial of service via RSVP
An attacker can send a malicious RSVP packet to Cisco IOS, XE, in order to trigger a denial of service...
Cisco IOS: denial of service via SIP NAT
An attacker can send a malicious SIP NAT packet to Cisco IOS, in order to trigger a denial of service...
Cisco IOS: two vulnerabilities of RSVP Metadata
An attacker can use several vulnerabilities of RSVP of Cisco IOS...
Cisco IOS: two vulnerabilities of mDNS
An attacker can use several vulnerabilities of mDNS of Cisco IOS...
Cisco IOS, XE: denial of service via DHCPv6
An attacker can send a malicious DHCPv6 packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
bash: code execution via Function Variable
An attacker can define a special environment variable, which is transmitted (via CGI or OpenSSH for example) to bash, in order to execute code...
NSS, CyaSSL, GnuTLS: bypassing the certification chain via ASN.1
An attacker can create a malicious X.509 certificate, which is accepted as valid, in order to deceive services using the RSA signature (such as SSL/TLS sessions)...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 462 463 464 465 466 467 468 469 471 473 474 475 476 477 478 479 480 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020