The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
QEMU: memory leak via VMXNET3
An attacker, who is privileged in a guest system, can create a memory leak in VMXNET3 of Qemu, in order to trigger a denial of service on the host system...
QEMU: infinite loop of ehci_process_itd
An attacker in a guest system can generate an infinite loop in the ehci_process_itd() function of Qemu, in order to trigger a denial of service on the host system...
Joomla Core: four vulnerabilities
An attacker can use several vulnerabilities of Joomla Core...
WordPress Ad King Pro: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Ad King Pro, in order to run JavaScript code in the context of the web site...
Synology Note Station: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology Note Station, in order to run JavaScript code in the context of the web site...
GNU Wget: information disclosure via FTP PORT
An attacker can read an IP address via the FTP PORT command of GNU Wget, in order to obtain sensitive information...
Cacti: SQL injection of graphs_new.php selected_graphs_array
An attacker can use a SQL injection via the selected_graphs_array parameter of Cacti, in order to read or alter data...
HPE Network Switch: two vulnerabilities
An attacker can use several vulnerabilities of HPE Network Switch...
QEMU: NULL pointer dereference via PCI MSI-X MMIO
An attacker, who is privileged in a guest system, can force a NULL pointer to be dereferenced in the PCI MSI-X MMIO implementation of QEMU, in order to trigger a denial of service on the host system...
Debian, Ubuntu: two vulnerabilities of mandb
Several vulnerabilities were announced in Debian/Ubuntu...
cups-filters: code execution via foomatic-rip via semicolon
An attacker can use the semicolon character in foomatic-rip of cups-filters, in order to run code...
Linux kernel: NULL pointer dereference via inet_autobind
A local attacker can force a NULL pointer to be dereferenced in the inet_autobind() function of the Linux kernel, in order to trigger a denial of service...
GRUB: buffer overflow of Bootup Password
An attacker can generate a buffer overflow in Bootup Password of GRUB, in order to trigger a denial of service, and possibly to run code...
Moodle: seven vulnerabilities
An attacker can use several vulnerabilities of Moodle...
Moodle: multiple vulnerabilities
An attacker can use several vulnerabilities of Moodle...
PHPMailer: message injection
A vulnerability of PHPMailer was announced...
Node.js handlebars: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js handlebars, in order to run JavaScript code in the context of the web site...
Joomla Nice Ajax Poll: SQL injection
An attacker can use a SQL injection of Joomla Nice Ajax Poll, in order to read or alter data...
WordPress S3 Video: file upload
An attacker can upload a malicious file on WordPress S3 Video, in order for example to upload a Trojan...
Synology Video Station: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology Video Station, in order to run JavaScript code in the context of the web site...
Knot: unreachable memory reading via NAPTR
An attacker can force a read at an invalid address via NAPTR of Knot, in order to trigger a denial of service...
WordPress YAWPP: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress YAWPP, in order to run JavaScript code in the context of the web site...
WordPress Wordfence Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Wordfence Security, in order to run JavaScript code in the context of the web site...
libpng: unreachable memory reading via png_check_keyword
An attacker can force a read at an invalid address in png_check_keyword of libpng, in order to trigger a denial of service...
WordPress AGP Font Awesome Collection: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress AGP Font Awesome Collection, in order to run JavaScript code in the context of the web site...
WordPress WP Easy Poll: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Easy Poll, in order to run JavaScript code in the context of the web site...
Cisco IP Phone: firmware change on SPA30X/SPA5xX
A local attacker can alter the firmware of Cisco IP Phone model SPA30X, SPA50X or SPA51X, in order to execute code...
Cisco Unity Connection: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unity Connection, in order to force the victim to perform operations...
Cisco Unified Communications Manager: identity theft via MRA
An attacker can bypass the identification of Cisco Unified Communications Manager with the MRA service, in order to spoof the identity of a device...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 564 565 566 567 568 569 570 571 572 574 576 577 578 579 580 581 582 583 584 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1022