The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Node.js sequelize: SQL injection
An attacker can use a SQL injection of Node.js sequelize, in order to read or alter data...
Node.js jwt-simple: privilege escalation
An attacker can bypass restrictions of Node.js jwt-simple, in order to escalate his privileges...
PAN-OS: Cross Site Scripting via Captive Portal
An attacker can trigger a Cross Site Scripting via Captive Portal of PAN-OS, in order to run JavaScript code in the context of the web site...
PAN-OS: privilege escalation via REST API Tokens
An attacker can bypass restrictions via REST API Tokens of PAN-OS, in order to escalate his privileges...
libwmf: denial of service
An attacker can generate a fatal error of libwmf, in order to trigger a denial of service...
Django: two vulnerabilities
An attacker can use several vulnerabilities of Django...
Mailman: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Mailman, in order to force the victim to perform operations...
Linux kernel: denial of service via EXT4
An attacker can generate a fatal error via EXT4 on the Linux kernel, in order to trigger a denial of service...
LibTIFF: memory corruption via gif2tiff
An attacker can generate a memory corruption via gif2tiff of LibTIFF, in order to trigger a denial of service, and possibly to run code...
GraphicsMagick: memory corruption via AcquireQuantumPixels
An attacker can generate a memory corruption via AcquireQuantumPixels of GraphicsMagick, in order to trigger a denial of service, and possibly to run code...
GraphicsMagick: buffer overflow via Mogrify
An attacker can generate a buffer overflow via Mogrify of GraphicsMagick, in order to trigger a denial of service, and possibly to run code...
Perl XML-Twig: external XML entity injection
An attacker can transmit malicious XML data to Perl XML-Twig, in order to read a file, scan sites, or trigger a denial of service...
OTRS Help Desk: Cross Site Scripting via Attachment
An attacker can trigger a Cross Site Scripting via an attachment of OTRS Help Desk, in order to run JavaScript code in the context of the web site...
Memcached: three vulnerabilities
An attacker can use several vulnerabilities of Memcached...
KDE PIM: code execution via JavaScript
An attacker can use a vulnerability via JavaScript of KDE PIM, in order to run code...
KDE PIM: information disclosure via JavaScript
An attacker can bypass access restrictions to data via JavaScript of KDE PIM, in order to obtain sensitive information...
libxml2: use after free via xmlXPtrRangeToFunction
An attacker can force the usage of a freed memory area via xmlXPtrRangeToFunction of libxml2, in order to trigger a denial of service, and possibly to run code...
libxml2: use after free via Namespace
An attacker can force the usage of a freed memory area via Namespace of libxml2, in order to trigger a denial of service, and possibly to run code...
ISC BIND: assertion error via DNAME
An attacker can force an assertion error via DNAME of ISC BIND, in order to trigger a denial of service...
tar: directory traversal
An attacker can traverse directories of tar, in order to create a file outside the service root path...
Curl: multiple vulnerabilities
An attacker can use several vulnerabilities of Curl...
Cairo: denial of service via SVG
An attacker can generate a fatal error via SVG of Cairo, in order to trigger a denial of service...
QEMU: memory leak via v9fs_write
A privileged attacker, inside a guest system, can create a memory leak via v9fs_write of QEMU, in order to trigger a denial of service on the host system...
QEMU: memory leak via v9fs_link
A privileged attacker, inside a guest system, can create a memory leak via v9fs_link of QEMU, in order to trigger a denial of service on the host system...
WordPress GoDaddy Email Marketing: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress GoDaddy Email Marketing, in order to force the victim to perform operations...
QEMU: integer overflow via v9fs_xattr
A privileged attacker, inside a guest system, can generate an integer overflow via v9fs_xattr of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
tre: memory corruption
An attacker can generate a memory corruption of tre, in order to trigger a denial of service, and possibly to run code...
QEMU: information disclosure via v9fs_xattrcreate
A privileged local attacker, inside a guest system, can read a memory fragment via v9fs_xattrcreate() of QEMU, in order to obtain sensitive information on the host system...
QEMU: memory leak via v9fs_xattrcreate
A privileged attacker, inside a guest system, can create a memory leak via v9fs_xattrcreate of QEMU, in order to trigger a denial of service on the host system...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 647 648 649 650 651 652 653 654 655 657 659 660 661 662 663 664 665 666 667 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1020