The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress iframe: two vulnerabilities
An attacker can use several vulnerabilities of WordPress iframe...
WordPress WP Statistics: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Statistics, in order to run JavaScript code in the context of the web site...
WordPress MainWP: vulnerability
A vulnerability of WordPress MainWP was announced...
Joomla WFLab Joomshopping: SQL injection
An attacker can use a SQL injection of Joomla WFLab Joomshopping, in order to read or alter data...
WordPress Monetize: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Monetize, in order to run JavaScript code in the context of the web site...
WordPress Bookmarkify: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Bookmarkify, in order to run JavaScript code in the context of the web site...
WordPress Avenir-Soft Direct Download: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Avenir-Soft Direct Download, in order to run JavaScript code in the context of the web site...
WordPress Google Analytics by Yoast Premium: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Google Analytics by Yoast Premium, in order to run JavaScript code in the context of the web site...
WordPress WP Symposium: SQL injection
An attacker can use a SQL injection of WordPress WP Symposium, in order to read or alter data...
Apache ActiveMQ: denial of service via Shutdown
An attacker can generate a stop with Shutdown of Apache ActiveMQ, in order to trigger a denial of service...
Mantis: information disclosure via g_view_proj_doc_threshold
An attacker can bypass access restrictions to data in g_view_proj_doc_threshold of Mantis, in order to obtain sensitive information...
OpenSAML Java: incomplete certificate validation
An attacker can use any valid certificate on a malicious server, and then invite an Apache HttpClient 3 to connect there, in order to spy communications even if encryption is used...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
Mozilla Firefox: file reading via PDF Viewer
An attacker can read a file via the PDF Viewer of Mozilla Firefox, in order to obtain sensitive information...
QEMU: buffer overflow of virtio-serial-bus
An attacker in a guest system can generate a buffer overflow in virtio-serial-bus.c of QEMU, in order to trigger a denial of service, and possibly to run code...
OpenStack Keystone: TLS Man-in-the-middle of s3_token
An attacker can perform a Man-in-the-Middle when the paste.ini configuration contains "insecure" on OpenStack Keystone, in order to read or alter TLS session data...
OpenStack Swift: denial of service via Delete Objects
An attacker can delete objects of OpenStack Swift, in order to trigger a denial of service...
FreeBSD: denial of service via routed
An attacker can force an assertion error in routed of FreeBSD, in order to trigger a denial of service...
Linux kernel: buffer overflow of virtnet_probe
An attacker can generate a buffer overflow in the virtnet_probe() function of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Drupal Commerce Commonwealth: invalid validation of payment
An attacker can deceive Drupal Commerce Commonwealth, in order to buy without paying...
Drupal Compass Rose: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Compass Rose, in order to run JavaScript code in the context of the web site...
Drupal Quick Edit: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Quick Edit, in order to run JavaScript code in the context of the web site...
Apache Subversion: two vulnerabilities
An attacker can use several vulnerabilities of Apache Subversion...
WordPress Core: Cross Site Request Forgery of Comments
An attacker can trigger a Cross Site Request Forgery in comments of WordPress Core, in order to impersonate the victim...
Chrome: use after free via oxide-qt-URLRequestDelegatedJob
An attacker can force the usage of a freed memory area in ui::AXTree::Unserialize() of Chrome, in order to trigger a denial of service, and possibly to run code...
Magento: four vulnerabilities
An attacker can use several vulnerabilities of Magento...
Google Android OS: infinite loop of MediaServer
An attacker can generate an infinite loop in MediaServer of Google Android OS, in order to trigger a denial of service...
WordPress WP Accurate Form Data: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Accurate Form Data, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 534 535 536 537 538 539 540 541 542 544 546 547 548 549 550 551 552 553 554 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1049