The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco ASR 1000: denial of service via H.323
An attacker can send a malicious H.323 packet to Cisco ASR 1000, in order to trigger a denial of service...
Cisco ASR 1000: denial of service via L2TP
An attacker can send a malicious L2TP packet to Cisco ASR 1000, in order to trigger a denial of service...
Siemens SIMATIC S7-1200: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Siemens SIMATIC S7-1200, in order to force the victim to perform operations...
MaraDNS: denial of service via zoneserver
An attacker can generate a fatal error in zoneserver of MaraDNS, in order to trigger a denial of service...
Request Tracker: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Request Tracker, in order to run JavaScript code in the context of the web site...
cups-filters: privilege escalation via ippusbxd
An attacker can bypass restrictions in ippusbxd of cups-filters, in order to escalate his privileges...
Mozilla Firefox: two vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox...
WordPress Private Only: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Private Only, in order to run JavaScript code in the context of the web site...
Cisco ASR 1000: denial of service via UDP
An attacker can send a malicious UDP packet to Cisco ASR 1000, in order to trigger a denial of service...
WordPress YouTube Embed: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress YouTube Embed, in order to run JavaScript code in the context of the web site...
Cisco ACE 4700, ACE30: read-write access via CLI
An authenticated attacker can use a file and the CLI, to bypass access restrictions of Cisco ACE 4700 or ACE30, in order to read or alter data...
twig: code execution
An attacker can use a vulnerability of twig, in order to run code...
WordPress WP-Polls: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP-Polls, in order to run JavaScript code in the context of the web site...
Joomla Music Collection: SQL injection
An attacker can use a SQL injection of Joomla Music Collection, in order to read or alter data...
Android CommuniTake RemoteCare: privileged access via Certifi-gate
An attacker can send a malicious SMS to an Android phone with the CommuniTake RemoteCare mRST, in order to perform privileged operations...
Android AnySupport: privileged access via Certifi-gate
An attacker can invite the victim to install a malicious application on an Android phone, which connects to the AnySupport mRST, in order to perform privileged operations...
Android RSupport: privileged access via Certifi-gate
An attacker can invite the victim to install a malicious application on an Android phone, which connects to the RSupport mRST, in order to perform privileged operations...
Android TeamViewer Quick Support: privileged access via Certifi-gate
An attacker can invite the victim to install a malicious application on an Android phone, which connects to the TeamViewer Quick Support mRST, in order to perform privileged operations...
WordPress Car Rental System: SQL injection
An attacker can use a SQL injection of WordPress Car Rental System, in order to read or alter data...
FreeBSD: no signature control by pkg
An attacker can exploit an incomplete configuration of pkg(7) in FreeBSD, in order to perform a Man-in-the-middle...
FreeBSD: privilege escalation via IRET
A local attacker can trigger an interruption with an exception on FreeBSD, in order to escalate his privileges or to trigger a denial of service...
NTP.org: infinite loop of sntp
An attacker, spoofing replies of a NTP server, can generate an infinite loop in sntp of NTP.org, in order to trigger a denial of service...
NTP.org: file creation via pidfile/driftfile
An authenticated attacker can force NTP.org, to corrupt a file with its privileges...
NTP.org: unreachable memory reading via statistics/filegen
An authenticated attacker can force a read at an invalid address in NTP.org, in order to trigger a denial of service...
NTP.org: unreachable memory reading via logconfig
An authenticated attacker can force a read at an invalid address in NTP.org, in order to trigger a denial of service...
UglifyJS: invalid code generation
An attacker can use applications compressed by UglifyJS, in order to potentially bypass security features...
Cisco ACE: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco ACE, in order to force the victim to perform operations...
Linux kernel: denial of service via Nested Task
A local attacker can use system calls on the Linux kernel with CONFIG_IA32_EMULATION, in order to trigger a denial of service...
PicketLink IDP: privilege escalation
An attacker authenticated can use PicketLink IDP, in order to access to resources requiring a special role...
OpenStack Networking/Neutron: denial of service via L2 Agent
An attacker can generate a fatal error in L2 Agent of OpenStack Networking/Neutron, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 539 540 541 542 543 544 545 546 547 549 551 552 553 554 555 556 557 558 559 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020