The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Jenkins: code execution via Java Deserialization
An attacker can use a vulnerability via Java Deserialization of Jenkins, in order to run code...
Calamares: information disclosure
An attacker can bypass access restrictions to data of Calamares, in order to obtain sensitive information...
IBM Domino: multiple vulnerabilities via iNotes
An attacker can use several vulnerabilities via iNotes of IBM Domino...
Linux kernel: information disclosure via KVM em_x_far
A local attacker can read a memory fragment via KVM em_jmp_far()/em_ret_far() on the Linux kernel, in order to obtain sensitive information...
Firefox, Thunderbird: use after free via SVG Animation
An attacker can force the usage of a freed memory area via a SVG animation on Firefox or Thunderbird, in order to trigger a denial of service, and possibly to run code...
Drupal Elysia Cron: code execution
An attacker can use a vulnerability of Drupal Elysia Cron, in order to run code...
hdf5: four vulnerabilities
An attacker can use several vulnerabilities of hdf5...
Linux kernel: memory leak via xfs_attr_shortform_list
An attacker can create a memory leak via xfs_attr_shortform_list() on the Linux kernel, in order to trigger a denial of service...
F5 BIG-IP: denial of service via TMM
An attacker can send a malicious fragmented packet to FastL4/TMM of F5 BIG-IP, in order to trigger a denial of service...
Teeworlds: code execution
An attacker can use a vulnerability of Teeworlds, in order to run code...
p7zip: NULL pointer dereference via 7zIn.cpp
An attacker can force a NULL pointer to be dereferenced via 7zIn.cpp of p7zip, in order to trigger a denial of service...
Vagrant: privilege escalation via nfs_cleanup
An attacker can bypass restrictions via nfs_cleanup of Vagrant, in order to escalate his privileges...
Subversion: external XML entity injection
An attacker can transmit malicious XML data to Subversion, in order to read a file, scan sites, or trigger a denial of service...
Xen: denial of service via ARM Asynchronous Abort
An attacker, inside a guest system, can generate a fatal error via ARM Asynchronous Abort of Xen, in order to trigger a denial of service on the host system...
Firefox: privilege escalation via data URL
An attacker can bypass restrictions via data: URL of Firefox, in order to escalate his privileges...
WordPress WP Whois Domain: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Whois Domain, in order to run JavaScript code in the context of the web site...
WordPress NextGEN Gallery: code execution
An attacker can use a vulnerability of WordPress NextGEN Gallery, in order to run code...
F5 BIG-IP: denial of service via SPDY-HTTP/2
An attacker can generate a fatal error via SPDY or HTTP/2 of F5 BIG-IP, in order to trigger a denial of service...
Check Point Threat Emulation/Extraction: bypassing MTA filtering
An attacker can send a malicious email to Check Point Threat Emulation/Extraction, which is not filtered...
Linux kernel: NULL pointer dereference via big_key_preparse
An attacker can force a NULL pointer to be dereferenced via big_key_preparse() on the Linux kernel, in order to trigger a denial of service...
WordPress Insert Html Snippet: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress Insert Html Snippet, in order to force the victim to perform operations...
FFmpeg: memory corruption
An attacker can generate a memory corruption of FFmpeg, in order to trigger a denial of service, and possibly to run code...
Bouncy Castle JCE: incorrect computation of NatX.square
An attacker can use a computation error in NatX.square() in the ECDH implementation of Bouncy Castle JCE, in order to obtain a static key...
Perl DBD-mysql: use after free via Prepared Statements
An attacker can force the usage of a freed memory area via Prepared Statements of Perl DBD::mysql, in order to trigger a denial of service, and possibly to run code...
Spark: vulnerability via Smack
A vulnerability via Smack of Spark was announced...
Joomla Kunena: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Joomla Kunena, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 655 656 657 658 659 660 661 662 663 665 667 668 669 670 671 672 673 674 675 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102