The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libwmf: buffer overflow of BMP
An attacker can generate a buffer overflow in the module for bitmap handling of libwmf, in order to trigger a denial of service, and possibly to execute code...
Drupal Shibboleth: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Shibboleth, in order to execute JavaScript code in the context of the web site...
Drupal me aliases: privilege escalation via uncontrolled redirect
An attacker can use URLs handled by Drupal me aliases, in order to access unauthorized content...
Drupal HybridAuth Social Login: availability of administration privileges
An attacker can create account with Drupal HybridAuth Social Login without authorization...
WordPress nextend-twitter-connect: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress nextend-twitter-connect, in order to execute JavaScript code in the context of the web site...
WordPress wp-instance-rename: directory traversal
An attacker can traverse directories of WordPress wp-instance-rename, in order to read a file outside the service root path...
Zend framework: Cross Site Scripting of diactoros
An attacker can handle links built with diactoros of Zend framework, in order to change the target of HTML links and perhaps execute JavaScript code in the context of the web site...
Cisco Nexus 9000 Series: password leak
An authenticated attacker can get passwords stored in Cisco Nexus 9000 Series...
Cisco Unified MeetingPlace: information disclosure via HTML text
An authenticated attacker can look in the HTML text generated by Cisco Unified MeetingPlace, in order to get user passwords...
Cisco Wireless LAN Controller: denial of service via IPv6
An attacker can send a malicious IPv6 packet to Cisco Wireless LAN Controller, in order to trigger a denial of service...
Cisco AnyConnect VPN Client for Windows: privilege escalation via program install
An attacker can create an INF file for Cisco AnyConnect VPN Client for Windows, in order to make it run any program with the privileges of the SYSTEM account...
WordPress Nextend Facebook Connect: Cross Site Scripting of "redirect_to"
An attacker can trigger a Cross Site Scripting via the request parameter "redirect_to" of WordPress Nextend Facebook Connect, in order to execute JavaScript code in the context of the web site...
Adobe Flash Player: buffer overflow
An attacker can generate a buffer overflow of Adobe Flash Player, in order to trigger a denial of service, and possibly to execute code...
IBM WebSphere MQ: information disclosure
An attacker can use a man on the middle attack against IBM WebSphere MQ, in order to obtain a user' credentials...
Joomla Simple Image Gallery PRO: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla Simple Image Gallery PRO, in order to execute JavaScript code in the context of the web site...
Google Chrome: four vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
Cisco IOS: four vulnerabilities of Universal Broadband Routers
An attacker can use several vulnerabilities of Universal Broadband Routers running Cisco IOS...
Cisco IOS XR: denial of service via the IEEE 802.3 flow control
An attacker can send an ill formed IEEE 802.3 PAUSE frame to Cisco IOS XR, in order to trigger a denial of service...
Webmin: Cross Site Scripting of xmlrpc.cgi
An attacker can trigger a Cross Site Scripting in xmlrpc.cgi of Webmin, in order to execute JavaScript code in the context of the web site...
Linux kernel: denial of service via BPF JIT
An attacker can define a malicious BPF filter to be compiled to native code, in order to raise a fatal exception in the Linux kernel and so trigger a denial of service...
Joomla Responsive Portfolio: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla Responsive Portfolio, in order to execute JavaScript code in the context of the web site...
Joomla pPGallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla pPGallery, in order to execute JavaScript code in the context of the web site...
Joomla StarLite Pretty Photo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla StarLite Pretty Photo, in order to execute JavaScript code in the context of the web site...
Joomla Joombri Freelance: SQL injection
An attacker can use a SQL injection of Joomla Joombri Freelance, in order to read or alter data...
Joomla JB Library: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla JB Library, in order to execute JavaScript code in the context of the web site...
Joomla UMI 3D Tag Cloud: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla UMI 3D Tag Cloud, in order to execute JavaScript code in the context of the web site...
Joomla AP Portfolio: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla AP Portfolio, in order to execute JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 522 523 524 525 526 527 528 529 531 533 534 535 536 537 538 539 540 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1035