The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco AnyConnect Secure Mobility Client: moving files
A local attacker can use IPC of Cisco AnyConnect Secure Mobility Client for Windows, to move a file, in order to trigger a denial of service...
Cisco Prime Collaboration Provisioning: SQL injection
An attacker can use a SQL injection of Cisco Prime Collaboration Provisioning, in order to read or alter data...
Cisco Prime Collaboration Assurance: directory traversal
An attacker can traverse directories of Cisco Prime Collaboration Assurance, in order to read a file outside the service root path...
Cisco Prime Infrastructure: denial of service via SSL Renegotiation
An attacker can send a SSL Renegotiation to Cisco Prime Infrastructure, in order to trigger a denial of service...
FreeIPA: private KRA key reading
A local attacker can read the private KRA key of FreeIPA, in order to obtain sensitive information...
OpenStack Director TripleO: information disclosure via Swiftproxy
An attacker can bypass access restrictions to data in Swiftproxy of OpenStack Director TripleO, in order to obtain sensitive information...
389 Directory Server: Man-in-the-Middle via nsSSL3Ciphers
An attacker can act as a Man-in-the-Middle on 389 Directory Server, in order to read or write data in the session...
PostgreSQL: two vulnerabilities
An attacker can use several vulnerabilities of PostgreSQL...
Perl UI-Dialog: code execution via Menu
An attacker, who can control the text displayed in menus of applications using Perl UI::Dialog, can run code...
IPython: Cross Site Scripting of Foldernames
An attacker can trigger a Cross Site Scripting in Foldernames of IPython, in order to run JavaScript code in the context of the web site...
Drupal Colorbox: altering a site
An attacker can inject comments in Drupal Colorbox, in order to alter a site...
Drupal Entity Registration: information disclosure
An attacker can bypass access restrictions to data of Drupal Entity Registration, in order to obtain sensitive information...
Drupal Stickynote: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Stickynote, in order to run JavaScript code in the context of the web site...
WordPress Calls to Action: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Calls to Action, in order to run JavaScript code in the context of the web site...
WordPress Support Ticket System: SQL injection
An attacker can use a SQL injection of WordPress Support Ticket System, in order to read or alter data...
Zope Management Interface: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Zope Management Interface, in order to force the victim to perform operations...
OpenHPI: privilege escalation via /var/lib/openhpi
An attacker can bypass restrictions in /var/lib/openhpi of OpenHPI, in order to escalate his privileges...
Cisco AnyConnect VPN Client: privilege escalation via vpnclient.ini
A local attacker can alter the vpnclient.ini file of Cisco AnyConnect VPN Client, in order to escalate his privileges...
Spice: two vulnerabilities
An attacker can use several vulnerabilities of Spice...
FreeType: three vulnerabilities
An attacker can use several vulnerabilities of FreeType...
Google Android OS: multiple vulnerabilities of October 2015
An attacker can use several vulnerabilities of Google Android OS...
Node.js 4: denial of service via Pipelining
An attacker can use the HTTP Pipelining of Node.js 4, in order to trigger a denial of service...
Cisco Aironet: privilege escalation via CLI
A local attacker can use the CLI of Cisco Aironet, in order to escalate his privileges...
Cisco IOS: denial of service via RADIUS
An attacker can send a malicious RADIUS packet to Cisco IOS, in order to trigger a denial of service...
OpenJPEG: use after free
An attacker can force the usage of a freed memory area of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
pixman: buffer overflow
An attacker can generate a buffer overflow of pixman, in order to trigger a denial of service, and possibly to run code...
WebKitGTK: denial of service via WebCore-SQLiteStatement-prepare
An attacker can generate a fatal error in WebCore-SQLiteStatement-prepare of WebKitGTK, in order to trigger a denial of service...
WordPress uDesign: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress uDesign, in order to run JavaScript code in the context of the web site...
PHP: denial of service via phar_make_dirstream
An attacker can force an invalid pointer to be dereferenced in the phar_make_dirstream() function of PHP, in order to trigger a denial of service...
WordPress Ninja Forms: code execution via Excel CSV
An attacker can use a vulnerability in Excel CSV of WordPress Ninja Forms, in order to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 549 550 551 552 553 554 555 556 557 559 561 562 563 564 565 566 567 568 569 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1069