The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Fancybox for WordPress: SQL injection
An attacker can use a SQL injection of WordPress Fancybox for WordPress, in order to read or alter data...
Fine Free file: unreachable memory reading via ELF
An attacker can force Fine Free file to analyze a malicious ELF file, in order to trigger a denial of service...
Fine Free file: unreachable memory reading via Pascal
An attacker can force Fine Free file to analyze a malicious Pascal file, in order to trigger a denial of service...
Drupal Path Breadcrumbs: information disclosure
An attacker can use Drupal Path Breadcrumbs, in order to obtain sensitive information...
Drupal Facebook Album Fetcher: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Facebook Album Fetcher, in order to execute JavaScript code in the context of the web site...
Drupal Public Download Count: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Public Download Count, in order to execute JavaScript code in the context of the web site...
Drupal Ajax Timeline: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Ajax Timeline, in order to execute JavaScript code in the context of the web site...
Drupal Commerce WeDeal: open redirect
An attacker can deceive the user of Drupal Commerce WeDeal, in order to redirect him to a malicious site...
GNU patch: infinite loop via Nul
An attacker can create a malicious patch file, to generate an infinite loop in patch, in order to trigger a denial of service...
NTP.org: two vulnerabilities
An attacker can use several vulnerabilities of NTP.org...
WordPress UpdraftPlus: privilege escalation
An attacker can use WordPress UpdraftPlus, in order to escalate his privileges...
PHP: integer overflow of calendar Julian Day Count
An attacker can generate an integer overflow in the calendar extension of PHP, in order to trigger a denial of service...
Cisco Unified IP Phone: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco Unified IP Phone...
glibc: denial of service via swscanf
An attacker can consume too many memory in the swscanf() function of the glibc, in order to trigger a denial of service...
glibc: buffer overflow of swscanf
An attacker can generate a buffer overflow in swscanf() of the glibc, in order to trigger a denial of service, and possibly to execute code...
MIT krb5: multiple vulnerabilities
An attacker can use several vulnerabilities of MIT krb5...
IBM TSM: privilege escalation via DSO
A local attacker can load a library before the usage of IBM TSM, in order to escalate his privileges...
WordPress Quasar: privilege escalation
An authenticated attacker can use WordPress Quasar, in order to escalate his privileges...
Cisco AnyConnect Secure Mobility Client: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco AnyConnect Secure Mobility Client, in order to execute JavaScript code in the context of the web site...
Linux kernel: denial of service via IPv4 Forward
An attacker located on the same subnet can request the transfer of numerous IPv4 packets through the Linux kernel, in order to trigger a denial of service...
vsftpd: bypassing deny_hosts
An attacker can bypass the deny_hosts directive of vsftpd, in order to access to forbidden files...
IE: Cross Site Scripting via Frame and Redirect
An attacker can trigger a Cross Site Scripting in Internet Explorer via a Frame and a Redirect, in order to execute JavaScript code in the context of the web site...
Adobe Flash Player: code execution
An attacker can invite the victim to display a malicious Adobe Flash Player animation, in order to execute code...
WordPress WP Ultimate CSV Importer: information disclosure
An attacker can download the database via WordPress WP Ultimate CSV Importer, in order to obtain sensitive information...
WordPress Video Player: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Video Player, in order to execute JavaScript code in the context of the web site...
WordPress Calls to Action: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Calls to Action, in order to execute JavaScript code in the context of the web site...
WordPress Revive Old Post: privilege escalation
An attacker can use WordPress Revive Old Post, in order to escalate his privileges...
IBM TSM: privilege escalation
A local attacker can generate a buffer overflow of IBM TSM, in order to trigger a denial of service, and possibly to execute code...
Cisco NX-OS: denial of service via TACACS+ Command
A local attacker can use a command requiring TACACS+ on Cisco NX-OS, in order to trigger a denial of service...
WordPress Banner Effect Header: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Banner Effect Header, in order to execute JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 484 485 486 487 488 489 490 491 492 494 496 497 498 499 500 501 502 503 504 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103