The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Joomla MijoSEF: SQL injection
An attacker can use a SQL injection of Joomla MijoSEF, in order to read or alter data...
Cisco ASR901: denial of service BGP
An attacker can send speciallt crafted IPv4 packets to a Cisco ASR901 router, in order to disturb BGP exchanges and so trigger a denial of service...
ProcessOne ejabberd: information disclosure via TLS bypas
An attacker can make ProcessOne ejabberd use unencrypted communications, in order to obtain sensitive information...
WordPress Flash Player: SQL injection
An attacker can use a SQL injection of WordPress Flash Player, in order to read or alter data...
WordPress HT-Poi: file upload
An attacker can upload a malicious file on WordPress HT-Poi, in order for example to upload a Trojan...
WordPress gallery-bank: file upload
An attacker can upload a malicious file on WordPress gallery-bank, in order for example to upload a Trojan...
WordPress Download Manager: directory traversal
An attacker can traverse directories of WordPress Download Manager, in order to read a file outside the service root path...
WordPress Count-per-Day: file upload
An attacker can upload a malicious file on WordPress Count-per-Day, in order for example to upload a Trojan...
Linux kernel: multiple vulnerabilities of KVM
An attacker can use several vulnerabilities of KVM of the Linux kernel...
Cisco IOS, XE: denial of service via CFM
An attacker can send a malicious CFM packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
Linux kernel: denial of service via QEMU/KVM emulation
An attacker can use several vulnerabilities of KVM/QEMU, in order to trigger an host kernel panic...
SAP NetWeaver: denial of service via POST
An attacker can send a malicious POST query to SAP NetWeaver, in order to trigger a denial of service...
SAP NetWeaver HTTPd: denial of service via POST
An attacker can send a malicious POST query to SAP NetWeaver HTTPd, in order to trigger a denial of service...
SAP NetWeaver AS Java: external XML entity injection
An attacker can transmit malicious XML data to SAP NetWeaver AS Java, in order to read a file, scan sites, or trigger a denial of service...
SAProuter: integer overflow
An attacker can generate an integer overflow of SAProuter, in order to trigger a denial of service...
SAP HANA: SQL injection of metadata.xsjs
An attacker can use a SQL injection in metadata.xsjs of SAP HANA, in order to read or alter data...
Joomla Creative Contact Form: file upload
An attacker can upload a malicious file on Joomla Creative Contact Form, in order for example to upload a Trojan...
WordPress Sexy Contact Form: file upload
An attacker can upload a malicious file on WordPress Sexy Contact Form, in order for example to upload a Trojan...
WordPress CP Multi View Event Calendar: SQL injection
An attacker can use a SQL injection of WordPress CP Multi View Event Calendar, in order to read or alter data...
VMware vSphere Data Protection: information disclosure via Java
An attacker can use the Java API of Vmware vSphere Data Protection, in order to obtain sensitive information...
Apple QuickTime: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple QuickTime...
Mulesoft Mule ESB: code execution
An attacker can inject Java code into the management console of Mulesoft Mule ESB, in order to, for instance, raise his privileges...
Drupal Document: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Document, in order to execute JavaScript code in the context of the web site...
Drupal Ubercart: Cross Site Scripting of administration links
An attacker can trigger a Cross Site Scripting in some administration links of Drupal Ubercart, in order to execute JavaScript code in the context of the web site...
Drupal Bad Behavior: getting secrets from log files
A local attacker can get user names and passwords from the log files of Drupal Bad Behavior...
EMC NetWorker: information disclosure via NMMEDI
An attacker can use NMMEDI (Module for MEDITECH) of EMC NetWorker, in order to obtain sensitive information...
EMC Avamar: information disclosure
An attacker can use the Java API of EMC Avamar, in order to retrieve credentials of accounts MCUser et GSAN for monitored systems...
EMC Avamar: vulnerability of Password Storage
An attacker can use a brute force attack, in order to guess EMC Avamar passwords...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 465 466 467 468 469 470 471 472 473 475 477 478 479 480 481 482 483 484 485 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1023