The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libtomcrypt: information disclosure via Bleichenbacher
An attacker can bypass access restrictions to data via Bleichenbacher of libtomcrypt, in order to obtain sensitive information...
Infoblox Network Automation: two vulnerabilities
An attacker can use several vulnerabilities of Infoblox Network Automation...
QEMU: out-of-bounds memory reading via LSI SAS1068
An attacker, in a guest system, can force a read at an invalid address via LSI SAS1068 of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
QEMU: infinite loop via PVSCSI IO Request Descriptor
An attacker, in a guest system, can generate an infinite loop via PVSCSI IO Request Descriptor of QEMU, in order to trigger a denial of service on the host system...
QEMU: out-of-bounds memory reading via PVSCSI_CMD_SETUP_RINGS
An attacker, in a guest system, can force a read at an invalid address via PVSCSI_CMD_SETUP_RINGS of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
Aruba, Alcatel: known private key for securelogin
An attacker can act as a Man-in-the-Middle on Aruba and Alcatel, in order to read or write data in the session...
WordPress RB Agency: directory traversal
An attacker can traverse directories of WordPress RB Agency, in order to read a file outside the service root path...
jsch: directory traversal
An attacker can traverse directories of jsch, in order to read a file outside the service root path...
WordPress CYSTEME Finder: file upload
An attacker can upload a malicious file on WordPress CYSTEME Finder, in order for example to upload a Trojan...
WordPress Import Users From CSV With Meta: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Import Users From CSV With Meta, in order to force the victim to perform operations...
WordPress Import Users From CSV With Meta: denial of service
An attacker can generate a fatal error of WordPress Import Users From CSV With Meta, in order to trigger a denial of service...
WordPress Centrora Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Centrora Security, in order to run JavaScript code in the context of the web site...
cURL: session reuse even if client certificate changed
The TLS client of libcurl can reuse a session even if the client certificate changed, which may lead to the authentication with an incorrect identity...
Kaspersky Anti-Virus: denial of service via Window Messages
An attacker can generate a fatal error via Window Messages of Kaspersky Anti-Virus, in order to trigger a denial of service...
Cisco IOS: information disclosure via PPTP
A local attacker can read a memory fragment via PPTP of Cisco IOS, in order to obtain sensitive information...
Google Nexus 5X: information disclosure via Oem Panic
A local attacker can read a memory fragment via Oem Panic of Google Nexus, in order to obtain sensitive information...
Mailman: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Mailman, in order to force the victim to perform operations...
IBM Tivoli Storage Manager for Space Management: information disclosure via Tracing
An attacker can read logs of Tracing of IBM Tivoli Storage Manager for Space Management, in order to obtain sensitive information...
libksba: denial of service via Certificate Parsing
An attacker can generate a fatal error via Certificate Parsing of libksba, in order to trigger a denial of service...
EMI caNl: vulnerability via Proxy DN
A vulnerability via Proxy DN of EMI caNl was announced...
WebKit: memory corruption
An attacker can generate a memory corruption of WebKit, in order to trigger a denial of service, and possibly to run code...
Apple Mac OS X: two vulnerabilities
An attacker can use several vulnerabilities of Apple Mac OS X...
F5 BIG-IP: password changes not saved
An attacker can use an old password on F5 BIG-IP, in order to access to the system...
Google Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
Cisco Wireless LAN Controller: denial of service via wIPS
An attacker can send a malicious wIPS packet to Cisco Wireless LAN Controller, in order to trigger a denial of service...
Cisco Wireless LAN Controller: denial of service via SNMP TSM
An attacker can send a malicious SNMP TSM packet to Cisco Wireless LAN Controller, in order to trigger a denial of service...
libgd: out-of-bounds memory reading via read_image_tga
An attacker can force a read at an invalid address via read_image_tga of libgd, in order to trigger a denial of service, or to obtain sensitive information...
Drupal Flag: information disclosure
An attacker can bypass access restrictions to data of Drupal Flag, in order to obtain sensitive information...
Cisco Small Business SPA300 Series IP Phone: denial of service via HTTP
An attacker can send a malicious HTTP packet to Cisco Small Business SPA300 Series IP Phone, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 631 632 633 634 635 636 637 638 639 641 643 644 645 646 647 648 649 650 651 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1048