The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Multiple Meta Box: SQL injection of multi_metabox_listing
An attacker can use a SQL injection in the multi_metabox_listing parameter of WordPress Multiple Meta Box, in order to read or alter data...
Joomla User Group FTW For Hikashop: vulnerability
A vulnerability of Joomla User Group FTW For Hikashop was announced...
LibTIFF: nine vulnerabilities
An attacker can use several vulnerabilities of LibTIFF...
Adobe Flash Player: multiple vulnerabilities
An attacker can use several vulnerabilities of Adobe Flash Player...
OptiPNG: code execution
An attacker can use a vulnerability of OptiPNG, in order to run code...
libmaxminddb: denial of service
An attacker can generate a fatal error of libmaxminddb, in order to trigger a denial of service...
Splunk: six vulnerabilities
An attacker can use several vulnerabilities of Splunk...
libxslt: out-of-bounds memory reading via xsltStylePreCompute
An attacker can force a read at an invalid address in xsltStylePreCompute() of libxslt, in order to trigger a denial of service, or to obtain sensitive information...
LibTIFF: denial of service via tiff2rgba
An attacker can invite the victim to open a malicious image with tiff2rgba of LibTIFF, in order to trigger a denial of service...
LibTIFF: three vulnerabilities of bmp2tiff
An attacker can use several vulnerabilities of bmp2tiff of LibTIFF...
Linux kernel: NULL pointer dereference via usbnet
An attacker can plug a malicious USB device, to force a NULL pointer to be dereferenced in usbnet of the Linux kernel, in order to trigger a denial of service...
Drupal Commerce: information disclosure
An attacker can bypass access restrictions to data of Drupal Commerce, in order to obtain sensitive information...
Drupal HybridAuth: two vulnerabilities
An attacker can use several vulnerabilities of Drupal HybridAuth...
Cisco Prime Infrastructure: code execution via Deserialization
An unauthenticated attacker can send serialized data to the web service of Cisco Prime Infrastructure, in order to run code with root privileges...
Cisco Prime Infrastructure: privilege escalation via RBAC HTTP
An authenticated attacker can send a special HTTP query to the API of Cisco Prime Infrastructure, in order to escalate his privileges...
Python-RSA: vulnerability
A vulnerability of Python-RSA was announced...
Linux kernel: bypassing ASLR via Unlimited Stack
An attacker can remove the stack limit for a 32 bit application, in order to bypass ASLR...
WordPress User Role Editor: privilege escalation
An attacker can bypass restrictions of WordPress User Role Editor, in order to escalate his privileges...
WordPress iThemes Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress iThemes Security, in order to run JavaScript code in the context of the web site...
EMC Unisphere for VMAX Virtual Appliance: file upload
An attacker can upload a malicious file on EMC Unisphere for VMAX Virtual Appliance, in order for example to upload a Trojan...
IBM Tivoli Storage Manager FastBack: five vulnerabilities
An attacker can use several vulnerabilities of IBM Tivoli Storage Manager FastBack...
Red Hat JBoss EAP: denial of service via HTTPS NIO Connector
An attacker can generate a fatal error in HTTPS NIO Connector of Red Hat JBoss EAP, in order to trigger a denial of service...
Adobe Flash Player Windows: code execution
An attacker can use a vulnerability of Adobe Flash Player on Windows, in order to run code...
OAR: privilege escalation via oarsh
An attacker can bypass restrictions in oarsh of OAR, in order to escalate his privileges...
VTun: infinite loop of SIGHUP
An attacker can generate an infinite loop in SIGHUP of VTun, in order to trigger a denial of service...
WordPress Advanced Video Embed: directory traversal
An attacker can traverse directories of WordPress Advanced Video Embed, in order to read a file outside the service root path...
Google Android OS: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Android OS...
Cacti: SQL injection of graph_view.php
An attacker can use a SQL injection in graph_view.php of Cacti, in order to read or alter data...
Firefox: audit bypassing via Extension-Reuse
An attacker can create a malicious Firefox extension, and invite the victim to install it, in order to perform operations through other extensions already installed...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 591 592 593 594 595 596 597 598 599 601 603 604 605 606 607 608 609 610 611 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1070