The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
QEMU: memory leak via usbredir_handle_destroy
An attacker, inside a guest system, can create a memory leak via usbredir_handle_destroy() of QEMU, in order to trigger a denial of service on the host system...
QEMU: information disclosure via virgl_cmd_get_capset
A local attacker, inside a guest system, can read a memory fragment via virgl_cmd_get_capset() of QEMU, in order to obtain sensitive information on the host system...
Xen: buffer overflow via qemu ioport
An attacker, inside a guest system, can generate a buffer overflow via qemu ioport of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Android OS: multiple vulnerabilities of 2016-12-05
An attacker can use several vulnerabilities of Android OS...
Android OS: multiple vulnerabilities of 2016-12-01
An attacker can use several vulnerabilities of Android OS...
WordPress Simple Personal Message: SQL injection
An attacker can use a SQL injection of WordPress Simple Personal Message, in order to read or alter data...
SPIP: Cross Site Scripting via plonger.php
An attacker can trigger a Cross Site Scripting via plonger.php of SPIP, in order to run JavaScript code in the context of the web site...
Joomla Core: code execution via JFilterInput-isFileSafe
An attacker can bypass the JFilterInput::isFileSafe() and JHelperMedia::canUpload() filters of Joomla Core, in order to run code...
Linux kernel: use after free via packet_set_ring
A local attacker with the CAP_NET_RAW capability can force the usage of a freed memory area via packet_set_ring() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
QEMU: memory leak via update_cursor_data_virgl
An attacker, inside a guest system, can create a memory leak via update_cursor_data_virgl() of QEMU, in order to trigger a denial of service on the host system...
QEMU: information disclosure via virgl_cmd_get_capset_info
A local attacker, inside a guest system, can read a memory fragment via virgl_cmd_get_capset_info() of QEMU, in order to obtain sensitive information on the host system...
Joomla AVChat Video Chat Integration Kit: file reading
A local attacker can read a file of Joomla AVChat Video Chat Integration Kit, in order to obtain sensitive information...
FortiOS: information disclosure via Admin Password Hash
A local attacker can read the admin password hash of FortiOS, in order to perform a brute force...
McAfee Application Control: privilege escalation via Command-line Utility
An attacker can bypass restrictions via Command-line Utility of McAfee Application Control, in order to escalate his privileges...
Alcatel-Lucent OmniVista: code execution via GIOP
An unauthenticated attacker can use a vulnerability via GIOP of Alcatel-Lucent OmniVista, in order to run code...
BMC Patrol: privilege escalation via virsh
An attacker can bypass restrictions via virsh of BMC Patrol, in order to escalate his privileges...
Apache httpd: denial of service via HTTP/2
An attacker can generate an overload via the HTTP/2 experimental module of Apache httpd, in order to trigger a denial of service...
zlib: five vulnerabilities
An attacker can use several vulnerabilities of zlib...
Linux kernel: use after free via netlink_dump
An attacker can force the usage of a freed memory area via netlink_dump() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via kill_fasync
An attacker can force the usage of a freed memory area via kill_fasync() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: integer overflow via SO_SND/RCVBUFFORCE
An attacker with the CAP_NET_ADMIN capability can generate an integer overflow via SO_SNDBUFFORCE/SO_RCVBUFFORCE on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
OpenAFS: information disclosure
An attacker can bypass access restrictions to data of OpenAFS, in order to obtain sensitive information...
Linux kernel: information disclosure via pagemap
A local attacker can obtain memory addresses via pagemap on the Linux kernel, in order to obtain sensitive information...
Apache Struts: denial of service via URLValidator
An attacker can generate a resource consumption via URLValidator of Apache Struts, in order to trigger a denial of service...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
McAfee Application Control: privilege escalation via IOCTL
An attacker can bypass restrictions via IOCTL of McAfee Application Control, in order to escalate his privileges...
QEMU: infinite loop via mcf_fec_write
An attacker, inside a guest system, can generate an infinite loop via mcf_fec_write of QEMU, in order to trigger a denial of service on the host system...
Linux kernel: memory corruption via KVM vcpu_id
An attacker, inside a guest system, can generate a memory corruption via KVM vcpu_id on the Linux kernel, in order to trigger a denial of service, and possibly to run code on the host system...
libtcnative: security improvement
The security of libtcnative was improved...
Linux kernel: memory corruption via IPv6 Fragmentation
An attacker can generate a memory corruption via an IPv6 Fragmented packet on the Linux kernel, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 656 657 658 659 660 661 662 663 664 666 668 669 670 671 672 673 674 675 676 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1011