The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress SP Project & Document Manager: SQL injection
An attacker can use a SQL injection of WordPress SP Project & Document Manager, in order to read or alter data...
NTP.org: predictability of ntp-keygen
An attacker can predict some keys generated by ntp-keygen of NTP.org, in order to access to resources protected by these keys...
WordPress TheCartPress: four vulnerabilities
An attacker can use several vulnerabilities of WordPress TheCartPress...
Asterisk: Man-in-the-middle via null Common Name
An attacker can act as a Man-in-the-middle using a null Common Name, in order to capture data belonging to the SIP session of Asterisk...
Juniper Junos: privilege escalation via CLI
An authenticated attacker can use the CLI of Juniper Junos, in order to escalate his privileges...
Drupal CiviCRM private report: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Drupal CiviCRM private report, in order to force the victim to perform operations...
Cisco ASA, CX, FirePOWER: denial of service
An attacker can send malicious packets to Cisco ASA, CX, or FirePOWER, in order to trigger a denial of service...
Cisco ASA: three vulnerabilities
An attacker can use several vulnerabilities of Cisco ASA...
Juniper QFX: low entropie
An attacker can potentially guess SSH or signature keys used by Juniper QFX...
Juniper SRX Dynamic VPN: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Juniper SRX Dynamic VPN, in order to execute JavaScript code in the context of the web site...
Juniper Junos J-Web: clickjacking
An attacker can trigger a clickjacking on Junos J-Web, in order to force the victim to perform unwanted operations...
Juniper SRX: privilege escalation via log-out-on-disconnect
An attacker can plug in the console of Juniper SRX, in order to access to the session of the previous user...
Siemens SIMATIC: three vulnerabilities
An attacker can use several vulnerabilities of Siemens SIMATIC...
Joomla Spider Random Article: SQL injection
An attacker can use a SQL injection of Joomla Spider Random Article, in order to read or alter data...
WordPress Shareaholic: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Shareaholic, in order to execute JavaScript code in the context of the web site...
libX11: buffer overflow of MakeBigReq
An attacker can generate a buffer overflow in applications using MakeBigReq() of libX11, in order to trigger a denial of service, and possibly to execute code...
Linux kernel: denial of service via Netfilter Conntrack Ext
An attacker can send some packets requiring a complex analysis by Netfilter Conntrack, in order to trigger a denial of service of the Linux kernel...
FreeBSD: disk decryption via GELI Keyfile
A local attacker can read a GELI Keyfile on FreeBSD, in order to decrypt a disk, to obtain sensitive information...
Cisco ASR 1000: denial of service via H.323
An attacker can send a malicious H.323 packet to Cisco ASR1000, in order to trigger a denial of service...
IBM Tivoli Storage Manager: code execution via FastBack Mount
An attacker can use the FastBack Mount port of IBM Tivoli Storage Manager, in order to execute code...
NTP.org: two vulnerabilities of Crypto
An attacker can use two vulnerabilities related to cryptographic features of NTP.org...
WordPress WP Easy Slideshow: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress WP Easy Slideshow, in order to force the victim to perform operations...
WordPress Contus Video Gallery: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Contus Video Gallery, in order to force the victim to perform operations...
WordPress All In One WP Security & Firewall: SQL injection
An attacker can use a SQL injection of WordPress All In One WP Security & Firewall, in order to read or alter data...
Node.js semver: denial of service via Regular Expression
An attacker can use a complex regular expression on Node.js semver, in order to trigger a denial of service...
JSON Web Token: privilege escalation via alg
An attacker can generate a fake token for JSON Web Token, in order to escalate his privileges...
WordPress Work The Flow File Upload: file upload
An attacker can upload a malicious file on WordPress Work The Flow File Upload, in order for example to upload a Trojan...
WordPress PHP Event Calendar: file upload
An attacker can upload a malicious file on WordPress PHP Event Calendar, in order for example to upload a Trojan...
Perl Module-Signature: four vulnerabilities
An attacker can use several vulnerabilities of Perl Module::Signature...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 499 500 501 502 503 504 505 506 507 509 511 512 513 514 515 516 517 518 519 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1013