The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: denial of service via F_SETFL and O_DIRECT
A local attacker can manipulate F_SETFL and O_DIRECT on the Linux kernel, in order to trigger a denial of service...
WebSphere MQ: bad filtering of CHLAUTH
An attacker can bypass CHLAUTH rules of IBM WebSphere MQ, in order to access to the service...
Linux kernel: denial of service via do_umount
An attacker can unmount a file system on the Linux kernel, in order to trigger a denial of service...
HP Operations Manager for UNIX: code execution
An attacker can use a vulnerability of HP Operations Manager for UNIX, in order to execute code...
Linux kernel: infinite loop of pivot_root
An attacker can generate an infinite loop in the pivot_root() function of the Linux kernel, in order to trigger a denial of service...
Drupal OAuth2 Client: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal OAuth2 Client, in order to execute JavaScript code in the context of the web site...
Drupal Nodeaccess: privilege escalation
An authenticated attacker can use Drupal Nodeaccess, in order to edit nodes...
ArubaOS: privilege escalation via SSH
An attacker can use SSH of ArubaOS, in order to escalate his privileges...
Cisco IPS: infinite loop of MainApp
An attacker can use an incorrect authentication, to generate an infinite loop in MainApp of Cisco IPS, in order to trigger a denial of service...
Junos: multiple vulnerabilities
An attacker can use several vulnerabilities of Junos...
JunosE: denial of service via ICMP
An attacker can send a malicious ICMP packet to JunosE, in order to trigger a denial of service...
Cisco ASA: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco ASA...
OpenSSH: access to /proc via SFTP
An authenticated attacker can read the /proc/self/maps file via SFTP of OpenSSH, in order to obtain sensitive information, or he can also write in the /proc/self/mem file to alter the memory content...
Cisco ASA: denial of service via SSL VPN and SharePoint
An attacker can use SharePoint via the SSL VPN of Cisco ASA, in order to trigger a denial of service...
Magento Enterprise Edition: CSV file upload
A privileged attacker can upload a malicious PHP.CSV file on Magento Enterprise Edition, in order to execute code...
Cisco IOS XR: bypassing ACL via compression
An attacker can bypass ACLs of Cisco IOS XR which use ranges, in order to access to a service which should be filtered...
Cisco ASA: information disclosure via Software Version
An attacker can use the SSL VPN to read the software version of Cisco ASA, in order to obtain sensitive information...
WordPress BulletProof Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress BulletProof Security, in order to execute JavaScript code in the context of the web site...
QEMU: NULL pointer dereference via sosendto
A local attacker can force a NULL pointer to be dereferenced in the sosendto() function of QEMU, in order to trigger a denial of service...
libvirt: denial of service via virConnectListAllDomains
An attacker can lock the virConnectListAllDomains() function of libvirt, in order to trigger a denial of service...
HP Data Protector: two vulnerabilities
An attacker can use several vulnerabilities of HP Data Protector...
Internet Explorer: use after free via Script Debugging
An attacker can force the usage of a freed memory area in Script Debugging of Internet Explorer, in order to trigger a denial of service, and possibly to execute code...
RSYSLOG: integer overflow of PRI
An attacker can generate an integer overflow via PRI in RSYSLOG, in order to trigger a denial of service, and possibly to execute code...
phpMyAdmin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of phpMyAdmin, in order to execute JavaScript code in the context of the web site...
Linux kernel: predictability of net_get_random_once
An attacker can predict randoms of features using the net_get_random_once() function of the Linux kernel, in order to spoof a network session...
WordPress Content Audit: SQL injection
An attacker can use a SQL injection of WordPress Content Audit, in order to read or alter data...
Splunk Enterprise: multiple vulnerabilities
An attacker can use several vulnerabilities of Splunk Enterprise...
Joomla: denial of service
An attacker can use Joomla, in order to trigger a denial of service...
Akeeba Backup: code execution via restore.php
An attacker can use restore.php of Akeeba Backup, in order to execute code...
Xen: information disclosure via x2APIC
A local attacker can read a memory fragment via x2APIC of Xen, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 462 463 464 465 466 467 468 469 470 472 474 475 476 477 478 479 480 481 482 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020