The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
GStreamer Plugin: three vulnerabilities
An attacker can use several vulnerabilities of GStreamer Plugin...
Mozilla NSS: information disclosure via Small Subgroup Confinement Attack
An attacker can bypass access restrictions to data via Small Subgroup Confinement Attack of Mozilla NSS, in order to obtain sensitive information...
Mozilla NSS: NULL pointer dereference via PK11_SignWithSymKey
An attacker can force a NULL pointer to be dereferenced via PK11_SignWithSymKey of Mozilla NSS, in order to trigger a denial of service...
Mozilla NSS: information disclosure via Timing Side-channel Resistance
An attacker can bypass access restrictions to data via Timing Side-channel Resistance of Mozilla NSS, in order to obtain sensitive information...
Mozilla Firefox, Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox...
Cisco IOS XE: directory traversal
An attacker can traverse directories of Cisco IOS XE, in order to create a file outside the service root path...
Magento EE: two vulnerabilities
An attacker can use several vulnerabilities of Magento EE...
WordPress WP eCommerce: SQL injection
An attacker can use a SQL injection of WordPress WP eCommerce, in order to read or alter data...
WordPress Huge-IT Lightbox: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Huge-IT Lightbox, in order to run JavaScript code in the context of the web site...
WordPress Gallery Video Gallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Gallery Video Gallery, in order to run JavaScript code in the context of the web site...
WordPress Check Email: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Check Email, in order to run JavaScript code in the context of the web site...
Linux kernel: memory corruption via EXT4 Image
An attacker can generate a memory corruption via an EXT4 image on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: NULL pointer dereference via keyctl
An attacker can force a NULL pointer to be dereferenced via keyctl on the Linux kernel, in order to trigger a denial of service...
sudo: privilege escalation via system/popen
An attacker can bypass restrictions via system() or popen() on sudo, in order to escalate his privileges...
Linux kernel: denial of service via shash_async_export
An attacker can generate a fatal error via shash_async_export() on the Linux kernel, in order to trigger a denial of service...
Splunk Enterprise: read-write access via Splunk Web HTTP Request Injection
An attacker can inject an HTTP query in Splunk Web of Splunk Enterprise, in order to read or alter data...
Joomla JoomDOC: information disclosure
An attacker can bypass access restrictions to data of Joomla JoomDOC, in order to obtain sensitive information...
F5 BIG-IP: memory leak via TCP
An attacker can create a memory leak via TCP of F5 BIG-IP, in order to trigger a denial of service...
Dotclear: file upload via blog_theme.php
A privileged attacker can upload a malicious file via blog_theme.php on Dotclear, in order for example to upload a Trojan...
TYPO3 TC Directmail: open redirect
An attacker can deceive the user of TYPO3 TC Directmail, in order to redirect him to a malicious site...
TYPO3 Member Infosheets: SQL injection
An attacker can use a SQL injection of TYPO3 Member Infosheets, in order to read or alter data...
TYPO3 Secure Download Form: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Secure Download Form, in order to run JavaScript code in the context of the web site...
TYPO3 Shibboleth Authentication: SQL injection
An attacker can use a SQL injection of TYPO3 Shibboleth Authentication, in order to read or alter data...
TYPO3 Code Highlighter: two vulnerabilities
An attacker can use several vulnerabilities of TYPO3 Code Highlighter...
TYPO3 Store Locator: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Store Locator, in order to run JavaScript code in the context of the web site...
TYPO3 HTML5 Video Player: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 HTML5 Video Player, in order to run JavaScript code in the context of the web site...
TYPO3 TC Directmail: two vulnerabilities
An attacker can use several vulnerabilities of TYPO3 TC Directmail...
VMware Workstation: privilege escalation via drag-and-drop
An attacker, inside a guest system, can bypass restrictions via drag-and-drop/copy-and-paste of VMware Workstation, in order to escalate his privileges on the host system...
LibTIFF: out-of-bounds memory reading via _TIFFPrintField
An attacker can force a read at an invalid address via _TIFFPrintField of LibTIFF, in order to trigger a denial of service, or to obtain sensitive information...
LibTIFF: buffer overflow via writeBufferToSeparateStrips
An attacker can generate a buffer overflow via writeBufferToSeparateStrips of LibTIFF, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 651 652 653 654 655 656 657 658 659 661 663 664 665 666 667 668 669 670 671 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1091