The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Drupal Fieldable Panels Panes: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Fieldable Panels Panes, in order to run JavaScript code in the context of the web site...
Fine Free File libmagic: buffer overflow of file_check_mem
An attacker can generate a buffer overflow in file_check_mem() of Fine Free File libmagic, in order to trigger a denial of service, and possibly to run code...
Ikiwiki: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Ikiwiki, in order to run JavaScript code in the context of the web site...
OpenAFS: privilege escalation via Foreign Kerberos Realms
An attacker can bypass restrictions in Foreign Kerberos Realms of OpenAFS, in order to escalate his privileges...
OpenAFS: buffer overflow of pioctl
An attacker can generate a buffer overflow in pioctl of OpenAFS, in order to trigger a denial of service, and possibly to run code...
libpam-sshauth: privilege escalation
An attacker can bypass restrictions of libpam-sshauth, in order to escalate his privileges...
Mplayer: integer overflow of GIF
An attacker can generate an integer overflow via GIF of Mplayer, in order to trigger a denial of service, and possibly to run code...
Cisco ASA: denial of service via FirePOWER Module
An attacker can send numerous IP packets to Cisco ASA with FirePOWER, in order to trigger a denial of service...
Little CMS: use after free
An attacker can force the usage of a freed memory area of Little CMS, in order to trigger a denial of service, and possibly to run code...
Linux kernel: information disclosure via rtnl_fill_link_ifmap
A local attacker can read a memory fragment via rtnl_fill_link_ifmap on the Linux kernel, in order to obtain sensitive information...
Linux kernel: information disclosure via llc_cmsg_rcv
A local attacker can read a memory fragment via llc_cmsg_rcv() on the Linux kernel, in order to obtain sensitive information...
Apache Xerces Java: denial of service via Long Attribute Names
An attacker can use long attribute names with Apache Xerces Java, in order to trigger a denial of service...
jq: buffer overflow of tokenadd
An attacker can generate a buffer overflow in tokenadd of jq, in order to trigger a denial of service, and possibly to run code...
Shibboleth Service Provider: data reading via PathRegex
An attacker can change the case of urls, to bypass PathRegex rules of Shibboleth Service Provider, in order to obtain sensitive information...
WordPress bbPress: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress bbPress, in order to run JavaScript code in the context of the web site...
Linux kernel: denial of service via BPF_MAP_TYPE_PROG_ARRAY
A local attacker can create numerous BPF_MAP_TYPE_PROG_ARRAY on the Linux kernel, in order to trigger a denial of service...
Linux kernel: use after free via BPF_PROG_LOAD
A local attacker can force the usage of a freed memory area via BPF_PROG_LOAD on the Linux kernel, in order to trigger a denial of service, and possibly to run code with root privileges...
Linux kernel: information disclosure via perf_event_open
An attacker can use perf_event_open() on the Linux kernel, in order to obtain sensitive information related to the execution of a suid process...
Cisco Prime Collaboration Assurance: open redirect
An attacker can deceive the user of Cisco Prime Collaboration Assurance, in order to redirect him to a malicious site...
McAfee VirusScan Enterprise: unlocking console
A local attacker can bypass the password protection of the McAfee VirusScan Enterprise console, in order to alter the product configuration...
Dotclear: Cross Site Scripting of SVG
An attacker can trigger a Cross Site Scripting in SVG of Dotclear, in order to run JavaScript code in the context of the web site...
eXtplorer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of eXtplorer, in order to run JavaScript code in the context of the web site...
minissdpd: out-of-bounds memory reading
An attacker can force a read at an invalid address of minissdpd, in order to trigger a denial of service, or to obtain sensitive information...
Smarty3: code execution via Template
An attacker can use a vulnerability in Template of Smarty3, in order to run code...
Linux kernel: information disclosure via USB proc_connectinfo
A local attacker can read a memory fragment of USB proc_connectinfo() of the Linux kernel, in order to obtain sensitive information...
libxml2: out-of-bounds memory reading via xmlBufAttrSerializeTxtContent
An attacker can force a read at an invalid address in xmlBufAttrSerializeTxtContent() of libxml2, in order to trigger a denial of service, or to obtain sensitive information...
libxml2: infinite loop of xmlParserEntityCheck
An attacker can generate an infinite recursion in xmlStringGetNodeList() of libxml2, in order to trigger a denial of service...
OpenSSL: six vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
WordPress Tevolution: file upload
An attacker can upload a malicious file on WordPress Tevolution, in order for example to upload a Trojan...
WordPress MainWP: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress MainWP, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 598 599 600 601 602 603 604 605 606 608 610 611 612 613 614 615 616 617 618 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102