The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Joomla swmenufree: vulnerability
A vulnerability of Joomla swmenufree was announced...
virtio-win: buffer overflow of IP Packet
An attacker can generate a buffer overflow via an IP packet to virtio-win, in order to trigger a denial of service, and possibly to execute code...
Cisco Unified MeetingPlace: information disclosure about the session identifier
An attacker can retrieve a part of the session identifier of Cisco Unified MeetingPlace, in order to obtain sensitive information...
Cisco AnyConnect: privilege escalation via vpnagent
An attacker can run vpnagent of Cisco AnyConnect with a crafted command line, in order to escalate his privileges...
Cisco Adaptive Security Appliance: bypassing XAUTH access control
An attacker can send a specially crafted packet to the IKE daemon, in order to bypass the access control rules defined in XAUTH...
Cisco Unified MeetingPlace: Cross Site Scripting of the management interface
An attacker can trigger a Cross Site Scripting in interface of Cisco Unified MeetingPlace, in order to execute JavaScript code in the context of the web site...
Linux kernel: multiple buffer overflow of UDF
An attacker can generate a buffer overflow in the function __udf_adinicb_readpage from the UDF module of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
WordPress Codestyling Localization: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Codestyling Localization, in order to execute JavaScript code in the context of the web site...
Linux kernel: denial of service via UDF
An attacker can create an ill formed UDF filesystem image and make the Linux kernel mount then read it, in order to trigger a denial of service...
WordPress Simple Share Buttons Adder: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Simple Share Buttons Adder, in order to execute JavaScript code in the context of the web site...
Linux kernel: memory corruption via pipe_iov_copy
A local attacker can generate a memory corruption in pipe_iov_copy functions of the Linux kernel, in order to trigger a denial of service, and possibly to execute code...
WordPress Backup to Dropbox: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Backup to Dropbox, in order to execute JavaScript code in the context of the web site...
WordPress LeagueManager: SQL injection
An attacker can use a SQL injection of WordPress LeagueManager, in order to read or alter data...
WordPress ZoomSounds: file upload
An attacker can upload a malicious file on WordPress ZoomSounds, in order for example to upload a Trojan...
WordPress XCloner: three vulnerabilities
An attacker can use several vulnerabilities of WordPress XCloner...
WordPress UserPro: Cross Site Scripting of redirect_to
An attacker can trigger a Cross Site Scripting in redirect_to of WordPress UserPro, in order to execute JavaScript code in the context of the web site...
libinfinity: invalid certificate checks
The libinfinity library does not correctly check certificates...
Palo Alto PAN-OS: external XML entity injection
An attacker can transmit malicious XML data to Palo Alto PAN-OS, in order to read a file, scan sites, or trigger a denial of service...
WordPress Store Locator Plus: mail injection
An attacker can use WordPress Store Locator Plus, in order to send spam emails...
WordPress Incoming Links: Cross Site Scripting via Referer
An attacker can trigger a Cross Site Scripting of WordPress Incoming Links, in order to execute JavaScript code in the context of the web site...
WordPress Esplanade: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Esplanade, in order to execute JavaScript code in the context of the web site...
Cisco AnyConnect Secure Mobility Client: privilege escalation via Identity Services Engine
An attacker can use Identity Services Engine of Cisco AnyConnect Secure Mobility Client, in order to escalate his privileges...
Cisco Unified MeetingPlace: external XML entity injection
An attacker can transmit malicious XML data to Cisco Unified MeetingPlace, in order to read a file, scan sites, or trigger a denial of service...
Linux kernel: NULL pointer dereference via User Namespace Mount
An attacker can force a NULL pointer to be dereferenced in User Namespace Mount of the Linux kernel, in order to trigger a denial of service...
IBM Domino: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM Domino, in order to execute JavaScript code in the context of the web site...
0MQ: vulnerability of Protocol Downgrade
A vulnerability in Protocol Downgrade of 0MQ was announced...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 515 516 517 518 519 520 521 522 523 525 527 528 529 530 531 532 533 534 535 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1050