The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Drupal Watchdog Aggregator: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Drupal Watchdog Aggregator, in order to force the victim to perform operations...
Drupal Ubercart Webform Integration: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Ubercart Webform Integration, in order to execute JavaScript code in the context of the web site...
Drupal Custom Sitemap: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Drupal Custom Sitemap, in order to force the victim to perform operations...
Drupal Spider Video Player: two vulnerabilities
An attacker can use several vulnerabilities of Drupal Spider Video Player...
Drupal Spider Contacts: two vulnerabilities
An attacker can use several vulnerabilities of Drupal Spider Contacts...
Drupal Spider Catalog: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Drupal Spider Catalog, in order to force the victim to perform operations...
Drupal inLinks Integration: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal inLinks Integration, in order to execute JavaScript code in the context of the web site...
Drupal Services single sign-on server helper: open redirect
An attacker can deceive the user of Drupal Services single sign-on server helper, in order to redirect him to a malicious site...
Drupal SMS Framework: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal SMS Framework, in order to execute JavaScript code in the context of the web site...
Drupal Entity API: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Entity API, in order to execute JavaScript code in the context of the web site...
MAGento Mass Importer: two vulnerabilities
An attacker can use several vulnerabilities of MAGento Mass Importer...
Xen: denial of service via ARM VGIC
An attacker in a guest system can generate numerous errors on ARM VGIC of Xen, in order to trigger a denial of service by filling log files...
WordPress Event Calendar: SQL injection
An attacker can use a SQL injection of WordPress Event Calendar, in order to read or alter data...
WordPress WP SlimStat: SQL injection
An attacker can use a SQL injection of WordPress WP SlimStat, in order to read or alter data...
Splunk Enterprise: denial of service via HTTP
An attacker can send a malicious HTTP query to Splunk Enterprise, in order to trigger a denial of service...
FreeBSD: unreachable memory reading via vt
A local attacker can force a read at an invalid address with a vt of FreeBSD, in order to trigger a denial of service...
FreeBSD: buffer overflow of IGMPv3
An attacker can generate an integer overflow by sending an IGMPv3 packet to FreeBSD, in order to trigger a denial of service, and possibly to execute code...
Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey...
IBM TSM: encryption key disclosure
An attacker can decrypt IBM TSM backups, in order to obtain sensitive information...
Linux kernel: buffer overflow of splice
An attacker can generate a buffer overflow in splice() of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
WordPress Rock Form Builder: privilege escalation via rockthemes_fb_save
An attacker can use the rockthemes_fb_save action of WordPress Rock Form Builder, in order to escalate his privileges...
WordPress Gallery Bank Responsive Photo Gallery: SQL injection
An attacker can use a SQL injection of WordPress Gallery Bank Responsive Photo Gallery, in order to read or alter data...
MIT krb5: two vulnerabilities via krb5_read_message
An attacker can force two errors due to the krb5_read_message() function of MIT krb5, in order to trigger a denial of service...
Cisco ESA, SMA, WSA: HTTP redirect
An attacker can deceive the user of Cisco ESA, SMA, or WSA, in order to redirect him to a malicious site...
Cisco IPS: denial of service via HTTPS Key Regeneration
An attacker can send a query to the web management interface of Cisco IPS, during the HTTPS Key Regeneration phase, in order to trigger a denial of service...
Squid: HTTP header injection
An attacker can inject HTTP headers in Squid, in order to inject or read data...
WordPress ADPlugg: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress ADPlugg, in order to execute JavaScript code in the context of the web site...
Samba: use after free via NetLogon
An unauthenticated attacker can force the usage of a freed memory area in NetLogon of Samba, in order to trigger a denial of service, and possibly to execute code with root privileges...
Linux kernel: denial of service via ext4_zero_range
An attacker can force an assertion error in the ext4_zero_range() function of the Linux kernel, in order to trigger a denial of service...
Linux kernel: information disclosure via rds_sysctl_rds_table
A local attacker can read a memory fragment of llc2_timeout_table of the Linux kernel, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 489 490 491 492 493 494 495 496 497 499 501 502 503 504 505 506 507 508 509 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022