The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Websense TRITON AP-DATA: four vulnerabilities
An attacker can use several vulnerabilities of Websense TRITON AP-DATA...
Websense TRITON AP-WEB: nine vulnerabilities
An attacker can use several vulnerabilities of Websense TRITON AP-WEB...
WordPress WP All Import: three vulnerabilities
An attacker can use several vulnerabilities of WordPress WP All Import...
WordPress Live Forms Visual Form Builder: SQL injection
An attacker can use a SQL injection of WordPress Live Forms Visual Form Builder, in order to read or alter data...
WordPress Easy Coming Soon: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Easy Coming Soon, in order to execute JavaScript code in the context of the web site...
Linux kernel: buffer overflow of Intel microcode
An attacker can generate a buffer overflow with a malicious Intel microcode, in order to trigger a denial of service of the Linux kernel, and possibly to execute code...
Linux kernel: denial of service via xsaves/xrstors
An attacker can use xsaves/xrstors on the Linux kernel, in order to trigger a denial of service...
Henry Spencer regex, PHP, MySQL: buffer overflow of regcomp
An attacker can generate a buffer overflow in the regcomp() function of Henry Spencer regex, in order to trigger a denial of service, and possibly to execute code...
PHP, libzip: integer overflow of _zip_cdir_new
An attacker can generate an integer overflow in _zip_cdir_new() of PHP, in order to trigger a denial of service, and possibly to execute code...
OpenSSL: predictable random via ssl3_client_hello
An attacker can potentially guess the random used by the TLS client of OpenSSL, in order to read sensitive information...
Cisco AnyConnect Secure Mobility Client: privilege escalation via IPC
A local attacker can use an IPC of Cisco AnyConnect Secure Mobility Client, in order to escalate his privileges...
Cisco AnyConnect Secure Mobility Client: file write via IPC
A local attacker can use an IPC of Cisco AnyConnect Secure Mobility Client, in order to alter data with elevated privileges...
Cisco AnyConnect Secure Mobility Client: directory traversal of Hostscan
An attacker can traverse directories in Hostscan of Cisco AnyConnect Secure Mobility Client, in order to read a file outside the service root path...
ArcSight Logger: three vulnerabilities
An attacker can use several vulnerabilities of ArcSight Logger...
libXfont: three vulnerabilities of BDF
An attacker can use several vulnerabilities of BDF of libXfont...
WordPress Ultimate Member: two vulnerabilities
An attacker can use several vulnerabilities of WordPress Ultimate Member...
WordPress Pods: SQL injection
An attacker can use a SQL injection of WordPress Pods, in order to read or alter data...
WordPress MiwoFTP: file reading
An attacker can read a file of WordPress MiwoFTP, in order to obtain sensitive information...
WordPress Gravity Forms: SQL injection
An attacker can use a SQL injection of WordPress Gravity Forms, in order to read or alter data...
WordPress Reflex Gallery: file upload
An attacker can upload a malicious file on WordPress Reflex Gallery, in order for example to upload a Trojan...
Linux kernel: NULL pointer dereference via pmd_none_or_trans_huge_or_clear_bad
A local attacker can force a NULL pointer to be dereferenced in the pmd_none_or_trans_huge_or_clear_bad() function of the Linux kernel, in order to trigger a denial of service...
Linux kernel: privilege escalation via XFS Attribute
A local attacker can manipulate XFS attributes on the Linux kernel, in order to trigger a denial of service or to escalate his privileges...
Windows: fraudulent certificate emitted for Live.fi
An attacker, who owns the "www.live.fi" certificate, can use a Man-in-the-middle attack on a fake Live site, in order for example to obtain sensitive information...
WordPress Custom Field Suite: read-write access
An attacker can bypass access restrictions of WordPress Custom Field Suite, in order to read or alter data...
WordPress WooCommerce: SQL injection
An attacker can use a SQL injection of WordPress WooCommerce, in order to read or alter data...
Node.js serve-index: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js serve-index, in order to execute JavaScript code in the context of the web site...
OpenSSL: memory leak via hostname
An attacker can create a memory leak in the hostname extension of OpenSSL, in order to trigger a denial of service...
Linux kernel: NULL pointer dereference via tty_driver_lookup_tty
A local attacker can force a NULL pointer to be dereferenced via /dev/pts/* on the Linux kernel, in order to trigger a denial of service...
WebSphere AS 8.5: nine vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 8.5...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 494 495 496 497 498 499 500 501 502 504 506 507 508 509 510 511 512 513 514 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1104