The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Windows: three vulnerabilities of Hyper-V
An attacker can use several vulnerabilities of Hyper-V of Windows...
Windows: code execution via OLE
An attacker can invite the victim to open a malicious file containing OLE data on Windows, in order to run code...
Microsoft Office: four vulnerabilities
An attacker can use several vulnerabilities of Microsoft Office...
Microsoft .NET: code execution via api-ms-win-appmodel-runtime-l1-1-0.dll
A local attacker can force a malicious library load by an application using Microsoft .NET, in order to run code...
Windows: code execution via XML Core Services
An attacker can invite the victim to display a malformed XML document with XML Core Services of Windows, in order to run code...
Windows, .NET, Office, Skype, Lync: four vulnerabilities of Graphics Component
An attacker can use several vulnerabilities of Graphics Component of Windows, .NET, Office, Skype, Lync...
Microsoft Edge: six vulnerabilities
An attacker can use several vulnerabilities of Microsoft Edge...
Internet Explorer: six vulnerabilities
An attacker can use several vulnerabilities of Internet Explorer...
Perl: out-of-bounds memory reading via VDir-MapPath
An attacker can force a read at an invalid address in VDir::MapPath of Perl, in order to trigger a denial of service, or to obtain sensitive information...
Cisco IOS XR: denial of service via CRC
An attacker can send a malicious packet to Cisco IOS XR on Cisco ASR 9000 Series, in order to trigger a denial of service...
F5 BIG-IP: Man-in-the-Middle of Cloud Amazon, Azure or Verizon
An attacker can act as a Man-in-the-Middle on F5 BIG-IP with Amazon, Azure or Verizon, in order to read or write data in the session...
SAP: multiples vulnerabilities of April 2016
An attacker can use several vulnerabilities of SAP...
TYPO3 Core: four vulnerabilities
An attacker can use several vulnerabilities of TYPO3 Core...
WordPress Plugins: multiple Cross Site Scripting
An attacker can trigger a Cross Site Scripting of several WordPress Plugins, in order to run JavaScript code in the context of the web site...
WordPress Robo Gallery: code execution
An attacker can use a vulnerability of WordPress Robo Gallery, in order to run code...
Cairo: out-of-bounds memory reading via fill_xrgb32_lerp_opaque_spans
An attacker can force a read at an invalid address in fill_xrgb32_lerp_opaque_spans of Cairo, in order to trigger a denial of service, or to obtain sensitive information...
Spring AMQP: code execution via DefaultDeserializer
An attacker can send a malicious message to Spring AMQP, in order to run code...
MySQL: multiple vulnerabilities of April 2016
An attacker can use several vulnerabilities of MySQL...
QEMU: buffer overflow of mipsnet_receive
A remote attacker can send large packets to generate a buffer overflow in the MIPSnet driver of QEMU, in order to trigger a denial of service, and possibly to run code...
ImageMagick: five vulnerabilities
An attacker can use several vulnerabilities of ImageMagick...
WebSphere AS: Man-in-the-Middle of FIPS 140-2
An attacker can act as a Man-in-the-Middle with FIPS 140-2 configured on IBM WebSphere AS, in order to read or write data in the session...
QEMU: buffer overflow of stellaris_enet_receive
A remote attacker can send large packets to generate a buffer overflow in the stellaris_enet driver of QEMU, in order to trigger a denial of service, and possibly to run code...
WordPress Stop User Enumeration: security improvement
The security of WordPress Stop User Enumeration was improved...
Joomla Image Upload: file upload
An attacker can upload a malicious file on Joomla Image Upload, in order for example to upload a Trojan...
WordPress Product Options for WooCommerce: file upload
An attacker can upload a malicious file on WordPress Product Options for WooCommerce, in order for example to upload a Trojan...
Python Pillow: integer overflow of Jpeg2KEncode.c
An attacker can generate an integer overflow in Jpeg2KEncode.c of Python Pillow, in order to trigger a denial of service, and possibly to run code...
LaTeX2rtf: memory corruption via CmdKeywords
An attacker can generate a memory corruption in CmdKeywords of LaTeX2rtf, in order to trigger a denial of service, and possibly to run code...
EncFS: vulnerability
A vulnerability of EncFS was announced...
Linux kernel: five vulnerabilities of USB Device Descriptor
Several vulnerabilities were announced in the Linux kernel...
F5 BIG-IP: SessionID disclosure in the URL
An attacker can read URLs used after a redirection by F5 BIG-IP, in order to obtain the session cookie, and possibly to access to the service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 592 593 594 595 596 597 598 599 600 602 604 605 606 607 608 609 610 611 612 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1104