The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cordova Android: two vulnerabilities
An attacker can use several vulnerabilities of Cordova Android...
Fedora 21: privilege escalation via zarafa-autorespond
An attacker can bypass restrictions in zarafa-autorespond of Fedora 21, in order to escalate his privileges...
rpm: denial of service
An attacker can generate a fatal error of rpm, in order to trigger a denial of service...
Node.js milliseconds: denial of service via Regular Expression
An attacker can provide a complex string to Node.js milliseconds, in order to trigger a denial of service...
ABRT: file corruption via Coredump Processor
A local attacker can create a symbolic link used by Coredump Processor, in order to alter the pointed file, with privileges of ABRT...
ABRT: file corruption via Debug Information Installer
A local attacker can create a symbolic link used by Debug Information Installer, in order to alter the pointed file, with privileges of ABRT...
Symfony: two vulnerabilities
An attacker can use several vulnerabilities of Symfony...
Joomla com_autostand: file upload
An attacker can upload a malicious file on Joomla com_autostand, in order for example to upload a Trojan...
Joomla com_media: file upload
An attacker can upload a malicious file on Joomla com_media, in order for example to upload a Trojan...
IBM Java: vulnerability
A vulnerability of IBM Java was announced...
Linux kernel: NULL pointer dereference via ext4_fill_super
An attacker can force a NULL pointer to be dereferenced in ext4_fill_super() of the Linux kernel, in order to trigger a denial of service...
WordPress Category and Page Icons: file upload
An attacker can upload a malicious file on WordPress Category and Page Icons, in order for example to upload a Trojan...
Android applican: two vulnerabilities
An attacker can use several vulnerabilities of Android applican...
Jenkins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins...
GDM: privilege escalation via Escape Key
An attacker can bypass restrictions in Escape Key of GDM, in order to escalate his privileges...
libxml2: five vulnerabilities
An attacker can use several vulnerabilities of libxml2...
libxml2: unreachable memory reading via xmlParseXMLDecl
An attacker can create a malformed XML/HTML file, in order to generate a denial of service in applications linked to libxml2...
WebSphere MQ: four vulnerabilities
An attacker can use several vulnerabilities of WebSphere MQ...
libksba: integer overflow
An attacker can generate an integer overflow of libksba, in order to trigger a denial of service, and possibly to run code...
TigerVNC: two vulnerabilities
An attacker can use several vulnerabilities of TigerVNC...
glibc: memory corruption via nss_files
An attacker can generate a memory corruption via nss_files of glibc, in order to trigger a denial of service, and possibly to run code...
Unbound: infinite loop of Delegations
An attacker can generate an infinite loop in Delegations of Unbound, in order to trigger a denial of service...
grub2: privilege escalation via Secure Boot
An attacker can bypass restrictions in Secure Boot of grub2, in order to escalate his privileges...
OpenHPI: read-write access via /var/lib/openhpi
An attacker can bypass access restrictions of /var/lib/openhpi of OpenHPI, in order to read or alter data...
librest: denial of service via rest_proxy_call_get_url
An attacker can generate a fatal error in rest_proxy_call_get_url of librest, in order to trigger a denial of service...
rubygem-bundler: code execution
An attacker can use a vulnerability of rubygem-bundler, in order to run code...
libssh2: Man-in-the-Middle of SSH_MSG_KEXINIT
An attacker can act as a Man-in-the-Middle of SSH_MSG_KEXINIT on libssh2, in order to read or write data in the session...
OpenLDAP: incorrect algorithm choice for TLS in multi-keyword
An attacker can force the TLS session of OpenLDAP to choose a weaker algorithm if the configured cipherstring contains several keywords, in order to more easily attack this session...
m2crypto: buffer overflow of EVP.pbkdf2
An attacker can generate a buffer overflow in EVP.pbkdf2 of m2crypto, in order to trigger a denial of service, and possibly to run code...
Monitorix: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Monitorix, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 559 560 561 562 563 564 565 566 567 569 571 572 573 574 575 576 577 578 579 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020