The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
HP ArcSight ESM: information disclosure
An attacker can bypass access restrictions to data of HP ArcSight ESM, in order to obtain sensitive information...
git: two vulnerabilities
An attacker can use several vulnerabilities of git...
ICU: buffer overflow of _canonicalize
An attacker can generate a buffer overflow in _canonicalize of ICU, in order to trigger a denial of service, and possibly to run code...
WordPress Nextend Facebook Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Nextend Facebook Connect, in order to force the victim to perform operations...
TeamPass: three vulnerabilities
An attacker can use several vulnerabilities of TeamPass...
Linux kernel: denial of service via Interface IPv4 Addresses
A local attacker can add/remove numerous IPv4 addresses on a network interface of the Linux kernel, in order to trigger a denial of service...
Kaspersky Anti-Virus: privilege escalation via Driver Write
A local attacker can use a driver of Kaspersky Anti-Virus, in order to escalate his privileges...
SIMATIC S7-1200 CPU: privilege escalation
A network attacker can access to SIMATIC S7-1200 CPU, in order to escalate his privileges...
Puppet Enterprise: two vulnerabilities
An attacker can use several vulnerabilities of Puppet Enterprise...
HP ArcSight ESM: two vulnerabilities
An attacker can use several vulnerabilities of HP ArcSight ESM...
WordPress DZS Videogallery: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress DZS Videogallery...
WordPress WP Advanced Comment: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Advanced Comment, in order to run JavaScript code in the context of the web site...
WordPress Email Encoder Bundle: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Email Encoder Bundle, in order to run JavaScript code in the context of the web site...
Graphite2: multiple vulnerabilities
An attacker can use several vulnerabilities of Graphite2...
WordPress Soundy Background Music: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Soundy Background Music, in order to run JavaScript code in the context of the web site...
Apache Struts: three vulnerabilities
An attacker can use several vulnerabilities of Apache Struts...
WordPress DW Question and Answer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress DW Question and Answer, in order to run JavaScript code in the context of the web site...
Mozilla NSS: use after free via Low Memory
An attacker can force the usage of a freed memory area in Mozilla NSS, in order to trigger a denial of service, and possibly to run code...
Cisco GSR 12000: denial of service via UDP BFD
An attacker can send a malicious UDP BFD packet to Cisco GSR 12000, in order to trigger a denial of service...
htmLawed: vulnerability of Font
A vulnerability in Font of htmLawed was announced...
ProFTPD: usage of DH 1024 bits by mod_tls
An attacker can potentially decrypt a TLS session of ProFTPD, in order to obtain the content of transferred files...
IBM Informix Dynamic Server: privilege escalation via ACL
An attacker can alter nsrexecd.exe of IBM Informix Dynamic Server, in order to escalate his privileges...
Cacti: SQL injection of tree.php
An attacker can use a SQL injection in tree.php of Cacti, in order to read or alter data...
Adobe Flash Player: multiple vulnerabilities
An attacker can use several vulnerabilities of Adobe Flash Player...
Cisco Prime LMS: decryption of data
A local attacker can use a known key of Cisco Prime LMS, in order to decrypt data...
SPIP: two vulnerabilities
An attacker can use several vulnerabilities of SPIP...
Quagga: buffer overflow of VPNv4
A malicious peer can generate a buffer overflow in bgp_nlri_parse_vpnv4() of Quagga, in order to trigger a denial of service, and possibly to run code...
OpenSSH: injection of xauth commands
An attacker, who has an account with OpenSSH, but which is restricted and without a shell access, can transmit xauth commands via OpenSSH, in order to read/write a file with his own privileges...
TYPO3 Another simple gallery: SQL injection
An attacker can use a SQL injection of TYPO3 Another simple gallery, in order to read or alter data...
Linux kernel: memory corruption via IPT_SO_SET_REPLACE
A local attacker with CONFIG_USER_NS can generate a memory corruption via the IPT_SO_SET_REPLACE option of the Linux kernel, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 586 587 588 589 590 591 592 593 594 596 598 599 600 601 602 603 604 605 606 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103