The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Windows: buffer overflow of Journal
An attacker can invite the victim to open a malicious journal file, to generate a buffer overflow in Windows, in order to trigger a denial of service, and possibly to run code...
Microsoft Edge: four vulnerabilities
An attacker can use several vulnerabilities of Microsoft Edge...
Internet Explorer: multiple vulnerabilities
An attacker can use several vulnerabilities of Internet Explorer...
Adobe Flash Player: multiple vulnerabilities
An attacker can use several vulnerabilities of Adobe Flash Player...
Symantec Endpoint Protection: three vulnerabilities
An attacker can use several vulnerabilities of Symantec Endpoint Protection...
PAN-OS: extended validity of API key
An attacker, who knows the old API key, can use the API of PAN-OS, in order to perform privileged operations...
GNU GCC: predictability of std-random_device
An attacker can predict some random values generated by C++ programs compiled with GNU GCC...
OpenBSD: read-write access via net-snmp
A local attacker can read the configuration of the net-snmp package of OpenBSD, in order to read or alter SNMP data...
OpenBSD: unreachable memory reading via Wi-Fi RSN
An attacker can force a read at an invalid address in Wi-Fi RSN, in order to trigger a denial of service of OpenBSD configured as a Wi-Fi client or access point...
Xen, Linux KVM: infinite loop of x86 Debug Exception
An attacker, who is administrator in a guest system, can generate an infinite loop with a Debug Exception on Xen, in order to trigger a denial of service on the host system...
Xen, KVM: infinite loop of x86 Alignment Check Exception
An attacker, who is administrator in a guest system, can generate an infinite loop with an Alignment Check Exception on Xen/KVM, in order to trigger a denial of service on the host system...
WordPress File Upload: file upload
An attacker can upload a malicious file on WordPress File Upload, in order for example to upload a Trojan...
Joomla com_cckseblod: directory traversal
An attacker can traverse directories of Joomla com_cckseblod, in order to read a file outside the service root path...
PuTTY: integer overflow of ECH
An attacker, who owns a malicious SSH server, can invite the victim to connect with PuTTY, to generate an integer overflow with ECH, in order to trigger a denial of service, and possibly to run code...
Ipsilon: privilege escalation
An attacker can bypass restrictions of Ipsilon, in order to escalate his privileges...
sudo: privilege escalation via sudoedit
An attacker can bypass restrictions in sudoedit of sudo, in order to escalate his privileges...
git: code execution
An attacker can use a vulnerability of git, in order to run code...
MIT krb5: memory corruption via IAKERB
An attacker can generate a memory corruption in IAKERB of MIT krb5, in order to trigger a denial of service, and possibly to run code...
WordPress easy-comment-uploads: file upload
An attacker can upload a malicious file on WordPress easy-comment-uploads, in order for example to upload a Trojan...
pfSense: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of pfSense, in order to run JavaScript code in the context of the web site...
PycURL: use after free via FORM_BUFFERPTR
An attacker can force the usage of a freed memory area in FORM_BUFFERPTR of PycURL, in order to trigger a denial of service, and possibly to run code...
Puppet Enterprise: reading the CA key
A local attacker can read the CA key file of Puppet Enterprise, in order to obtain sensitive information...
MediaWiki: nine vulnerabilities
An attacker can use several vulnerabilities of MediaWiki...
WordPress neuvoo-jobroll: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress neuvoo-jobroll, in order to run JavaScript code in the context of the web site...
LibreOffice, OpenOffice: four vulnerabilities
Several vulnerabilities were announced in LibreOffice/OpenOffice...
Drupal Login Disable: bypassing restrictions
An attacker who has an account can authenticate, even if Drupal Login Disable is used...
Linux kernel: denial of service via selinux_nlmsg_perm
A local attacker can use malicious Netlink messages on the Linux kernel, in order to trigger a denial of service...
Drupal Monster Menus: information disclosure
An attacker can use a vulnerability of Drupal Access Bypass, in order to obtain deleted information...
CMake: security improvement
The security of CMake was improved...

   
