The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
PHP: two vulnerabilities of unserialize DateTimeZone
An attacker can force the usage of a freed memory area via an unserialize of DateTimeZone on PHP, in order to trigger a denial of service, and possibly to execute code. It is also possible to read a memory area...
SIMATIC STEP 7: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC STEP 7...
WebSphere AS 8.0: multiple vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 8.0...
TYPO3 Gridelements: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Gridelements, in order to execute JavaScript code in the context of the web site...
Cisco ASA: access to a Tunnel Group
An authenticated attacker can bypass the Tunnel Group restriction of Cisco ASA, in order to escalate his privileges...
Cisco ASR 5000 System Architecture Evolution Gateway: infinite loop of SNMP
An attacker can generate an infinite loop in Cisco ASR 5000 System Architecture Evolution Gateway, in order to trigger a denial of service...
WordPress Image Metadata Cruncher: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Image Metadata Cruncher, in order to execute JavaScript code in the context of the web site...
SIMATIC WinCC: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC WinCC...
SIMATIC STEP 7: two vulnerabilities
An attacker can use several vulnerabilities of SIMATIC STEP 7...
IBM TSM: privilege escalation via Race Condition
A local attacker can use the IBM TSM Unix/Linux client, in order to escalate his privileges...
Joomla Gallery WD: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla Gallery WD, in order to execute JavaScript code in the context of the web site...
WordPress Fusion: file upload
An attacker can upload a malicious file on WordPress Fusion, in order for example to upload a Trojan...
GnuPG: two vulnerabilities
An attacker can use several vulnerabilities of GnuPG...
libflac: NULL pointer dereference via read_metadata_vorbiscomment
An attacker can force a NULL pointer to be dereferenced in read_metadata_vorbiscomment() of libflac, in order to trigger a denial of service...
Perl Gtk2: memory corruption via list_devices
An attacker can generate a memory corruption in list_devices() of Perl Gtk2, in order to trigger a denial of service, and possibly to execute code...
libflac: three vulnerabilities
An attacker can use several vulnerabilities of libflac...
Linux kernel: weakness of ASLR via randomize_stack_top
An attacker can use a weakness of ASLR of the Linux kernel, in order to more easily guess a stack address...
glibc: two vulnerabilities of strxfrm
An attacker can use several vulnerabilities of strxfrm of glibc...
WordPress Survey & Poll: SQL injection
An attacker can use a SQL injection of WordPress Survey & Poll, in order to read or alter data...
procmail: two buffer overflows
An attacker can use several vulnerabilities of procmail...
procmail: file reading via TZ
A local attacker can set the TZ environment variable before sending an email calling procmail, in order to force the opening of a file, or a denial of service if this file is blocking...
Xen: denial of service via GICD_SGIR
An attacker in a guest system can set the GICD_SGIR register on Xen, in order to trigger a denial of service...
IBM TSM for Mail Data Protection for Domino: restore backup
An attacker can use IBM TSM for Mail Data Protection for Domino, in order to corrupt an installation...
WordPress Contus Video Gallery: SQL injection
An attacker can use a SQL injection in WordPress Contus Video Gallery, in order to read or alter data...
Cisco ASA: memory leak via WebVPN
An attacker can create a memory leak in WebVPN of Cisco ASA, in order to trigger a denial of service...
Drupal Taxonomy Tools: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Taxonomy Tools, in order to execute JavaScript code in the context of the web site...
Drupal Taxonomy Path: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Taxonomy Path, in order to execute JavaScript code in the context of the web site...
Drupal Node Access Product: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Node Access Product, in order to execute JavaScript code in the context of the web site...
Drupal Commerce Balanced Payments: two vulnerabilities
An attacker can use several vulnerabilities of Drupal Commerce Balanced Payments...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 487 488 489 490 491 492 493 494 495 497 499 500 501 502 503 504 505 506 507 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1013