The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libarchive: three vulnerabilities
An attacker can use several vulnerabilities of libarchive...
Apache Struts: two vulnerabilities
An attacker can use several vulnerabilities of Apache Struts...
WordPress Gravity Forms: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Gravity Forms, in order to run JavaScript code in the context of the web site...
WordPress OneLogin SAML SSO: security improvement
The security of WordPress OneLogin SAML SSO was improved...
WordPress WP Marketplace: file upload
An attacker can upload a malicious file on WordPress WP Marketplace, in order for example to upload a Trojan...
GeoTools: external XML entity injection
An attacker can transmit malicious XML data to GeoTools, in order to read a file, scan sites, or trigger a denial of service...
Puppet: six vulnerabilities
An attacker can use several vulnerabilities of Puppet...
Linux kernel: denial of service via GRO
An attacker can send malicious GRO packets to the Linux kernel, in order to trigger a denial of service...
Linux kernel: buffer overflow via brcmf_cfg80211_start_ap
An attacker can generate a buffer overflow via brcmf_cfg80211_start_ap() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
libgd: memory corruption
An attacker can generate a memory corruption of libgd, in order to trigger a denial of service, and possibly to run code...
mpg123: out-of-bounds memory reading via id3
An attacker can force a read at an invalid address via id3 of mpg123, in order to trigger a denial of service, or to obtain sensitive information...
Derby: external XML entity injection
An attacker can transmit malicious XML data to Derby, in order to read a file, scan sites, or trigger a denial of service...
QEMU: denial of service via serial_update_parameters
An attacker, inside a guest system, can generate a fatal error via serial_update_parameters of QEMU, in order to trigger a denial of service on the host system...
QEMU: denial of service via rocker_io_writel
An attacker, inside a guest system, can generate a fatal error via rocker_io_writel of QEMU, in order to trigger a denial of service on the host system...
QEMU: denial of service via rc4030_write
An attacker, inside a guest system, can generate a fatal error via rc4030_write of QEMU, in order to trigger a denial of service on the host system...
WordPress Newsletter: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Newsletter, in order to run JavaScript code in the context of the web site...
OpenBSD: denial of service via smtpd
An attacker can generate a fatal error in smtpd of OpenBSD, in order to trigger a denial of service...
Red Hat JBoss EAP: code execution via JMX Servlet
An attacker can use an unserialization via JMX Servlet of Red Hat JBoss EAP, in order to run code...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
Linux kernel: denial of service via fdatasync
An attacker can generate a fatal error via fdatasync() on the Linux kernel, in order to trigger a denial of service...
Linux kernel: buffer overflow via proc_keys_show
An attacker can generate a buffer overflow via proc_keys_show() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
dbus-daemon: memory corruption
An attacker can generate a memory corruption of dbus-daemon, in order to trigger a denial of service, and possibly to run code...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
Magento CE/EE 1: multiple vulnerabilities
An attacker can use several vulnerabilities of Magento CE/EE 1...
Magento CE/EE 2: multiple vulnerabilities
An attacker can use several vulnerabilities of Magento CE/EE 2...
OpenOffice: two vulnerabilities via Windows Installer
An attacker can use several vulnerabilities via Windows Installer of OpenOffice...
Cisco Unified Communications Manager: privilege escalation via ClickJacking
An attacker can use a ClickJacking of Cisco Unified Communications Manager, in order to escalate his privileges...
Cisco Prime Infrastructure: SQL injection
An attacker can use a SQL injection of Cisco Prime Infrastructure, in order to read or alter data...
Cisco cBR-8: privilege escalation via Vty Line
An attacker can bypass restrictions via Vty Line of Cisco cBR-8, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 643 644 645 646 647 648 649 650 651 653 655 656 657 658 659 660 661 662 663 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1013