The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WordPress Estatik: file upload
An attacker can upload a malicious file to WordPress Estatik, in order, for example, to upload a Trojan...
Android OS: multiple vulnerabilities
An attacker can use several vulnerabilities of Android...
Node.js sanitize-html: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js sanitize-html, in order to run JavaScript code in the context of the web site...
OpenSSL: out-of-bounds memory reading via TS_OBJ_print_bio
An attacker can force a read at an invalid address via TS_OBJ_print_bio() of OpenSSL, in order to trigger a denial of service, or to obtain sensitive information...
WebSphere AS: denial of service via SIP
An attacker can send a malicious SIP packet to IBM WebSphere AS, in order to trigger a denial of service...
Dotclear: Cross Site Scripting via Media Manager
An attacker can trigger a Cross Site Scripting via Media Manager of Dotclear, in order to run JavaScript code in the context of the web site...
Linux kernel: memory corruption via ioctl_send_fib
A local attacker can generate a memory corruption via ioctl_send_fib() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
OpenSSH: two vulnerabilities
An attacker can use several vulnerabilities of OpenSSH...
WordPress ALO EasyMail Newsletter: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress ALO EasyMail Newsletter, in order to force the victim to perform operations...
OpenSSH: denial of service via crypt
An attacker can send a long password, which is hashed by crypt() via OpenSSH, in order to trigger a denial of service...
WordPress WP Live Chat Support: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Live Chat Support, in order to run JavaScript code in the context of the web site...
lighttpd: three vulnerabilities
An attacker can use several vulnerabilities of lighttpd...
WebKit: two vulnerabilities
An attacker can use several vulnerabilities of WebKit...
WordPress Contact Bank Contact Forms Builder: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Contact Bank Contact Forms Builder, in order to run JavaScript code in the context of the web site...
WordPress Booking Calendar: SQL injection
An attacker can use a SQL injection of WordPress Booking Calendar, in order to read or alter data...
WordPress Booking Calendar: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Booking Calendar, in order to run JavaScript code in the context of the web site...
WordPress All In One WP Security and Firewall: privilege escalation
An attacker can bypass restrictions of WordPress All In One WP Security and Firewall, in order to escalate his privileges...
WordPress Easy Testimonials: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Easy Testimonials, in order to run JavaScript code in the context of the web site...
WordPress Insert PHP: code execution
An attacker can use a vulnerability of WordPress Insert PHP, in order to run code...
IBM Tivoli Storage Manager: information disclosure
An attacker can use a vulnerability of IBM Tivoli Storage Manager, in order to obtain sensitive information...
Node.js ezseed-transmission: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on Node.js ezseed-transmission, in order to read or write data in the session...
redis: file reading via redis-cli
A local attacker can read a file via redis-cli of redis, in order to obtain sensitive information...
collectd: buffer overflow
An attacker can generate a buffer overflow of collectd, in order to trigger a denial of service, and possibly to run code...
xmlrpc: integer overflow
An attacker can generate an integer overflow of xmlrpc, in order to trigger a denial of service, and possibly to run code...
Linux kernel: memory corruption via ioctl_file_dedupe_range
A local attacker can generate a memory corruption via ioctl_file_dedupe_range() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
MongoDB: information disclosure via dbshell
A local attacker can read the ~/.dbshell file of a MongoDB user, in order to obtain sensitive information...
PolarSSL: buffer overflow
An attacker can generate a buffer overflow of PolarSSL, in order to trigger a denial of service, and possibly to run code...
MuPDF: use after free
An attacker can force the usage of a freed memory area of MuPDF, in order to trigger a denial of service, and possibly to run code...
PHP: data injection via header
When an attacker can control the parameter of the PHP header() function, he can still alter HTML pages generated by the web server, in order for example to create a Cross Site Scripting...

   
