The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress MailChimp Subscribe Forms: code execution
An attacker can use a vulnerability of WordPress MailChimp Subscribe Forms, in order to run code...
WordPress Facebook With Login: SQL injection
An attacker can use a SQL injection of WordPress Facebook With Login, in order to read or alter data...
WordPress Issuu Panel: directory traversal
An attacker can traverse directories of WordPress Issuu Panel, in order to read a file outside the service root path...
TYPO3 Ajax mail subscription: privilege escalation
An attacker can bypass restrictions of TYPO3 Ajax mail subscription, in order to escalate his privileges...
Synology DS, RS, Photo Station: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology DS, RS or Photo Station, in order to run JavaScript code in the context of the web site...
Cisco IOS XR: denial of service via SCP or SFTP
An authenticated attacker can bypass access restrictions of Cisco IOS XR, in order to create a denial of service...
CA Single Sign-On: two vulnerabilities of Web Agent
An attacker can use several vulnerabilities of CA Single Sign-On...
Oracle Java: code execution via Hotspot
An attacker can use a vulnerability in Hotspot of Oracle Java, in order to run code in the web browser of the victim who loads a malicious Java applet...
Dropbear: code execution via X11 forwarding
An attacker can use a vulnerability in X11 forwarding of Dropbear, in order to run code...
Drupal Login one time: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Login one time, in order to run JavaScript code in the context of the web site...
AMD Piledriver: privilege escalation via Microcode
An attacker in a guest system can trigger an error in the Microcode of AMD Piledriver processors, in order to escalate his privileges on the host system...
Redmine: information disclosure via Atom Feed
An attacker can bypass access restrictions to data in Atom Feed of Redmine, in order to obtain sensitive information...
Redmine: open redirect
An attacker can deceive the user of Redmine, in order to redirect him to a malicious site...
Redmine: information disclosure via Time Logging Form
An attacker can bypass access restrictions to data in Time Logging Form of Redmine, in order to obtain sensitive information...
Redmine: information disclosure via Changeset Message
An attacker can bypass access restrictions to data in Changeset Message of Redmine, in order to obtain sensitive information...
pidgin-otr: use after free
An attacker can force the usage of a freed memory area of pidgin-otr, in order to trigger a denial of service, and possibly to run code...
inspircd: denial of service
An attacker can generate a fatal error of inspircd, in order to trigger a denial of service...
Cisco IOS: denial of service via WAAS Express
An attacker can send a malicious TCP packet to Cisco IOS with WAAS Express, in order to trigger a denial of service...
Cisco IOS, NX-OS: denial of service via Locator/ID Separation Protocol
An attacker can send a malicious Locator/ID Separation Protocol packet to Cisco IOS or NX-OS, in order to trigger a denial of service...
Cisco IOS, IOS XE: denial of service via Smart Install
An attacker can send a malicious Smart Install packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
Cisco IOS, IOS XE: denial of service via IKEv2
An attacker can send a malicious IKEv2 packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
Cisco IOS, IOS XE: denial of service via DHCPv6
An attacker can send a malicious DHCPv6 packet to Cisco IOS or IOS XE, in order to trigger a denial of service...
Cisco IOS, IOS XE, Cisco Unified Communications Manager: denial of service via SIP
An attacker can send a malicious SIP packet to Cisco IOS, IOS XE, or Cisco Unified Communications Manager, in order to trigger a denial of service...
libmatroska: information disclosure
A local attacker can read a memory fragment of libmatroska, in order to obtain sensitive information...
WordPress OptinMonster: code execution
An attacker can use a vulnerability of WordPress OptinMonster, in order to run code...
WordPress Anti-Malware Security and Brute-Force Firewall: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Anti-Malware Security and Brute-Force Firewall, in order to run JavaScript code in the context of the web site...
WordPress Memphis Document Library: directory traversal
An attacker can traverse directories of WordPress Memphis Document Library, in order to read a file outside the service root path...
WordPress HB Audio Gallery Lite: directory traversal
An attacker can traverse directories of WordPress HB Audio Gallery Lite, in order to read a file outside the service root path...
WordPress Dharma Booking: directory traversal
An attacker can traverse directories of WordPress Dharma Booking, in order to read a file outside the service root path...
WordPress Brandfolder: directory traversal
An attacker can traverse directories of WordPress Brandfolder, in order to read a file outside the service root path...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 588 589 590 591 592 593 594 595 596 598 600 601 602 603 604 605 606 607 608 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103