The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Hide My WP: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Hide My WP, in order to run JavaScript code in the context of the web site...
Puppet Enterprise Console: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Puppet Enterprise Console, in order to run JavaScript code in the context of the web site...
FortiOS: Man-in-the-Middle of TLS
An attacker can act as a Man-in-the-Middle between FortiOS and FortiGuard, in order to read or alter TLS sessions...
FortiOS: command execution via HA/ZebOS
An attacker can access to ZebOS of FortiOS in HA mode, in order to run commands...
FreeBSD: denial of service via TCP VNET
An attacker can send many TCP packets in the bad order to a FreeBSD system with more than 16 VNET, in order to trigger a denial of service...
hplip: code execution via hp-plugin
An attacker can use a vulnerability in hp-plugin of hplip, in order to run code...
elfutils: security improvement
The security of elfutils was improved...
OpenStack Swift: denial of service via max_meta_count
An attacker can bypass the max_meta_count limit of OpenStack Swift, in order to trigger a denial of service...
check-mk: three vulnerabilities
An attacker can use several vulnerabilities of check-mk...
BIND: denial of service via TKEY
An attacker can force an assertion error with a TKEY query sent to BIND, in order to trigger a denial of service...
BSD: code execution via patch and SCCS/RCS
An attacker can invite the victim to use a malicious diff file with patch of BSD, in order to run code...
OpenBSD: memory leak via execve/systrace
A local attacker can create a memory leak during the execve() call on OpenBSD, in order to trigger a denial of service...
WordPress Flickr Justified Gallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Flickr Justified Gallery, in order to run JavaScript code in the context of the web site...
Linux kernel: information disclosure via MD get_bitmap_file
A local attacker can read a memory fragment of the Linux kernel via the get_bitmap_file() function, in order to obtain sensitive information...
McAfee Application Control: five vulnerabilities
An attacker can use several vulnerabilities of McAfee Application Control...
NodeJS Geddy: directory traversal
An attacker can traverse directories of NodeJS Geddy, in order to read a file outside the service root path...
Cisco ESA, SMA, WSA: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco ESA, SMA ou WSA, in order to run JavaScript code in the context of the web site...
Google Android OS: seven vulnerabilities of Stagefright
An attacker can send a malicious MMS to the number of an Android phone owner, in order to run code...
Gnome clutter: privilege escalation
An attacker can bypass restrictions of Gnome clutter, in order to escalate his privileges...
Linux kernel: memory leak via Keyring
A local attacker can create a memory leak, by adding many times the same key in his Keyring, in order to trigger a denial of service on the Linux kernel...
QEMU: buffer overflow of ATAPI
An attacker on the guest system can generate a buffer overflow with ATAPI commands of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
WordPress WP Statistics: SQL injection
An attacker can use a SQL injection of WordPress WP Statistics, in order to read or alter data...
WordPress WP SlimStat: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP SlimStat, in order to run JavaScript code in the context of the web site...
WordPress WP Flash Player: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Flash Player, in order to run JavaScript code in the context of the web site...
Joomla MyBlog by Azrul: SQL injection
An attacker can use a SQL injection of Joomla MyBlog by Azrul, in order to read or alter data...
FortiClient SSLVPN Linux: privilege escalation via iclean.linux.sh
A local attacker can call helper/subproc of FortiClient SSLVPN Linux on a malicious iclean.linux.sh file, in order to escalate his privileges...
PAN-OS: bypassing LDAP authentication
An attacker can bypass the LDAP authentication of PAN-OS, in order to escalate his privileges...
Cisco ESA, SMA, WSA: Man-in-the-Middle of LDAP
An attacker can act as a Man-in-the-Middle between Cisco ESA/SMA/WSA and a LDAP server, in order to read or alter directory data...
pfSense: Cross Site Scripting of WebGUI
An attacker can trigger a Cross Site Scripting in WebGUI of pfSense, in order to run JavaScript code in the context of the web site...
WordPress Unite Gallery Lite: two vulnerabilities
An attacker can use several vulnerabilities of WordPress Unite Gallery Lite...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 531 532 533 534 535 536 537 538 539 541 543 544 545 546 547 548 549 550 551 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1023