The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Drupal Workbench Scheduler: changing disabled schedule
An attacker can change a scheduled event of a fixed node in Drupal Workbench Scheduler, in order to change data of the target node...
Cisco AnyConnect Secure Mobility Client: privilege escalation via INF
A local attacker can alter an INF file for Cisco AnyConnect Secure Mobility Client, in order to execute code with SYSTEM privileges...
Dotclear: vulnerability via Blogroll Plugin
A vulnerability via Blogroll Plugin of Dotclear was announced...
Dotclear: three vulnerabilities
An attacker can use several vulnerabilities of Dotclear...
LittleCMS: out-of-bounds memory reading via Type_MLU_Read
An attacker can force a read at an invalid address via Type_MLU_Read of LittleCMS, in order to trigger a denial of service, or to obtain sensitive information...
Eye of GNOME: buffer overflow via GMarkup
An attacker can generate a buffer overflow via GMarkup of Eye of GNOME, in order to trigger a denial of service, and possibly to run code...
WordPress Mail Masta: directory traversal
An attacker can traverse directories of WordPress Mail Masta, in order to read a file outside the service root path...
Pagure: Cross Site Scripting via File Attachment
An attacker can trigger a Cross Site Scripting via File Attachment of Pagure, in order to run JavaScript code in the context of the web site...
OpenSSL: memory corruption via BN_bn2dec
An attacker can generate a memory corruption via BN_bn2dec() of OpenSSL, in order to trigger a denial of service, and possibly to run code...
Cisco FirePOWER: code execution via HTTP
An authenticated attacker can craft HTTP requests to Cisco FirePOWER, in order to run code...
OpenSSL: denial of service via DTLS Window
An attacker can send a DTLS packet with a large sequence number to an application compiled with OpenSSL, in order to trigger a denial of service...
OpenSSL: denial of service via DTLS Reassembly
An attacker can send DTLS packets in the wrong order with missing packets to an application compiled with OpenSSL, in order to trigger a denial of service...
OpenBSD: receiving email copies
An attacker can in some cases receive emails from OpenBSD, which he should not have received...
WordPress Akal Theme: Cross Site Scripting
An attacker can trigger a Cross Site Scripting via Akal Theme of WordPress, in order to run JavaScript code in the context of the web site...
WordPress Themes: directory traversal
An attacker can traverse directories via themes of WordPress containing lib/scripts/dl-skin.php, in order to read a file outside the service root path...
Splunk Enterprise: open redirect
An attacker can deceive the user of Splunk Enterprise, in order to redirect him to a malicious site...
Apache mod_cluster: denial of service via MCMP
An attacker can send a malicious MCMP message to Apache mod_cluster, in order to trigger a denial of service...
Cisco PIX 6: information disclosure via IKE, BENIGNCERTAIN
A remote attacker can read memory fragments via IKE of Cisco PIX 6, in order to obtain VPN encryption keys...
Synology DS/RS: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology DS/RS, in order to run JavaScript code in the context of the web site...
Joomla J-BusinessDirectory: SQL injection
An attacker can use a SQL injection of Joomla J-BusinessDirectory, in order to read or alter data...
firewalld: privilege escalation
An attacker can bypass restrictions of firewalld, in order to escalate his privileges...
glibc: denial of service via ARM Backtrace Generation
An attacker can generate a fatal error via ARM Backtrace Generation of glibc, in order to trigger a denial of service...
Knot DNS: denial of service via Zone Size
An attacker can generate a fatal error via Zone Size of Knot DNS, in order to trigger a denial of service...
cracklib2: buffer overflow via Large GECOS
An attacker can generate a buffer overflow via Large GECOS of cracklib2, in order to trigger a denial of service, and possibly to run code...
slock: NULL pointer dereference via Disabled Account
An attacker can force a NULL pointer to be dereferenced via Disabled Account of slock, in order to trigger a denial of service...
WordPress Core: denial of service via wp_ajax_update_plugin
An authenticated attacker can use wp_ajax_update_plugin() on WordPress Core, in order to trigger a denial of service...
Linux kernel: read-write access via MNT_DETACH umount2
An attacker can bypass access restrictions via MNT_DETACH umount2 on the Linux kernel, in order to read or alter data...
Linux kernel: integer overflow via snd_compress_check_input
An attacker can generate an integer overflow via snd_compress_check_input() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 629 630 631 632 633 634 635 636 637 639 641 642 643 644 645 646 647 648 649 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1013