The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Ultimate Addons for Visual Composer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Ultimate Addons for Visual Composer, in order to run JavaScript code in the context of the web site...
Splunk Enterprise: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
Doctrine: privilege escalation
An attacker can bypass restrictions of Doctrine, in order to escalate his privileges...
Linux kernel: NULL pointer dereference via net/rds/connection.c
A local attacker can force a NULL pointer to be dereferenced in net/rds/connection.c of the Linux kernel, in order to trigger a denial of service...
WordPress Postmatic: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Postmatic, in order to run JavaScript code in the context of the web site...
Joomla HDFLVPlayer: SQL injection
An attacker can use a SQL injection of Joomla HDFLVPlayer, in order to read or alter data...
Joomla eXtplorer: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Joomla eXtplorer, in order to force the victim to perform operations...
WordPress Visual Form Builder: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Visual Form Builder, in order to run JavaScript code in the context of the web site...
Synology Download Station: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Synology Download Station, in order to run JavaScript code in the context of the web site...
Synology Note Station: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Note Station of Synology Note Station, in order to run JavaScript code in the context of the web site...
Synology Video Station: three vulnerabilities
Several vulnerabilities were announced in Synology Video Station...
WordPress sourceAFRICA: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress sourceAFRICA, in order to run JavaScript code in the context of the web site...
Python: injection of HTTP Cookie
An attacker can inject cookies in Python applications, in order to change their behavior...
WordPress Csv2wpec Coupon: file upload
An attacker can upload a malicious file on WordPress Csv2wpec Coupon, in order for example to upload a Trojan...
PCRE: buffer overflow of compile_regex
An attacker can generate a buffer overflow in compile_regex of PCRE, in order to trigger a denial of service, and possibly to run code...
vzctl: privilege escalation
An attacker can bypass restrictions of vzctl, in order to escalate his privileges...
FreeType: infinite loop of parse_encoding
An attacker can generate an infinite loop in parse_encoding of FreeType, in order to trigger a denial of service...
FreeType: unreachable memory reading via Parser
An attacker can force a read at an invalid address in Parser of FreeType, in order to trigger a denial of service...
WebSphere AS 8.5: two vulnerabilities
An attacker can use several vulnerabilities of WebSphere AS 8.5...
OnionShare: vulnerability
A vulnerability of OnionShare was announced...
F5 BIG-IP: directory traversal of Configuration Utility
An attacker can traverse directories in Configuration Utility of F5 BIG-IP, in order to read a file outside the service root path...
OpenLDAP: denial of service via ber_get_next
An attacker can send a malicious LDAP packet, to force an assertion error in the ber_get_next() function of OpenLDAP, in order to trigger a denial of service...
Cisco WSA: memory leak via HTTP
An attacker, who has access to a web server, can create a memory leak in Cisco WSA, in order to trigger a denial of service...
Google Android OS: seven vulnerabilities of September 2015
An attacker can use several vulnerabilities of Google Android OS...
Drupal Twitter: post on another account
An authenticated attacker can use Drupal Twitter, in order to post a message on the account of another user...
Drupal RESTful: information disclosure via Anonymous Cache
An attacker can use a vulnerability in the cache management by Drupal RESTful, in order to obtain sensitive information...
QEMU: denial of service via IDE WIN_READ_NATIVE_MAX
An attacker who is privileged in the guest system can use the IDE WIN_READ_NATIVE_MAX command on QEMU, in order to trigger a denial of service on the host system...
Cisco ESA: memory corruption
An attacker can generate a memory corruption on Cisco ESA, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 543 544 545 546 547 548 549 550 551 553 555 556 557 558 559 560 561 562 563 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020