The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
1 ICU: unreachable memory reading via Font Parsing
An attacker can force a read at an invalid address in Font Parsing of ICU, in order to trigger a denial of service...
2 ICU: buffer overflow of Layout Engine
An attacker can generate a buffer overflow in Layout Engine of ICU, in order to trigger a denial of service, and possibly to run code...
3 BSD: code execution via patch and ed
An attacker can write a malicious patch with the ed syntax for BSD, in order to run code when a victim applies this patch...
2 Joomla Face Gallery: vulnerability
A vulnerability of Joomla Face Gallery was announced...
2 Joomla AP Portfolio: Cross Site Scripting of PrettyPhoto
An attacker can trigger a Cross Site Scripting in PrettyPhoto of Joomla AP Portfolio, in order to run JavaScript code in the context of the web site...
1 HP ArcSight Logger: incoherent complex searches
An HP ArcSight Logger administrator, who searches traces of a sensitive event, may miss this event...
2 Symantec Endpoint Protection: seven vulnerabilities
An attacker can use several vulnerabilities of Symantec Endpoint Protection...
3 IBM Tivoli Storage Manager FastBack: five vulnerabilities
An attacker can use several vulnerabilities of IBM Tivoli Storage Manager FastBack...
2 Cisco Unified Communications Manager: information disclosure via Prime Collaboration Deployment
An attacker can use a vulnerability in Prime Collaboration Deployment of Cisco Unified Communications Manager, in order to obtain sensitive information...
2 Cisco AnyConnect Secure Mobility Client: directory traversal
An attacker can traverse directories of Cisco AnyConnect Secure Mobility Client, in order to write a file outside the service root path...
2 Cisco Prime Central Hosted Collaboration Solution: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Prime Central Hosted Collaboration Solution, in order to run JavaScript code in the context of the web site...
2 Pulse Secure Connect Secure: Man-in-the-Middle of Hardware Acceleration
An attacker can perform a Man-in-the-Middle when the Hardware Acceleration is enabled on Pulse Secure Connect Secure, in order to read or alter TLS session data...
1 OpenAFS: five vulnerabilities
An attacker can use several vulnerabilities of OpenAFS...
2 Linux kernel: denial of service via SCTP ASCONF
An attacker can send several SCTP ASCONF packets to the Linux kernel, in order to trigger a denial of service...
1 OpenSSH: interpretation of ANSI codes via scp
An attacker can create a malicious file name, and invite the victim to download it with scp of OpenSSH, in order to alter the display of his terminal...
2 Google Android OS: integer overflow of mediaserver via MKV
An attacker can invite the victim to see a web site containing a malicious MKV video, in order to trigger a denial of service of mediaserver on Google Android OS, ...
3 Cisco IOS-XE, ASR 1000: denial of service via TCP Fragment
An attacker can send many fragmented TCP packets to Cisco IOS-XE, in order to trigger a denial of service...
2 Ghostscript: memory corruption via gs_ttf
An attacker can generate a memory corruption in gs_ttf of Ghostscript, in order to trigger a denial of service, and possibly to run code...
2 Cisco IOS-XE: denial of service via ATTN-3-SYNC_TIMEOUT
An attacker can send many fragmented TCP packets to Cisco IOS-XE, in order to trigger a denial of service...
1 Cisco AnyConnect Secure Mobility Client: denial of service via Mac OS X
A local attacker can stop the Mac OS X kernel via Cisco AnyConnect Secure Mobility Client, in order to trigger a denial of service...
3 Debian: code execution via JAR
An attacker can invite the victim to click on a JAR archive from a Debian web browser, in order to run code...
2 FortiOS: Cross Site Scripting of DHCP Monitor WebUI
An attacker can trigger a Cross Site Scripting in DHCP Monitor WebUI of FortiOS, in order to run JavaScript code in the context of the web site...
2 WordPress The Holiday Calendar: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress The Holiday Calendar, in order to run JavaScript code in the context of the web site...
1 xrdp: denial of service via shadow-utils
An attacker can generate a fatal error in shadow-utils of xrdp, in order to trigger a denial of service...
1 NX: security improvement
The security of NX was improved...
2 ipython: Cross Site Scripting of get_origin
An attacker can trigger a Cross Site Scripting in get_origin of ipython, in order to run JavaScript code in the context of the web site...
1 ecryptfs-utils: security improvement of Default Salt
The security of ecryptfs-utils was improved via not using the default salt...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 532 533 534 535 536 537 538 539 540 542 544 545 546 547 548 549 550 551 552 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 995