The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Red Hat JBoss EAP: privilege escalation via server.log
An attacker can bypass restrictions via server.log of Red Hat JBoss EAP, in order to escalate his privileges...
mupdf: three vulnerabilities
An attacker can use several vulnerabilities of mupdf...
Shotwell: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on Shotwell, in order to read or write data in the session...
WavPack: four vulnerabilities
An attacker can use several vulnerabilities of WavPack...
WordPress: privilege escalation via REST API
An attacker can bypass restrictions via REST API of WordPress, in order to escalate his privileges...
IBM Tivoli Storage Manager Operations Center: four vulnerabilities
An attacker can use several vulnerabilities of IBM Tivoli Storage Manager...
IBM Tivoli Storage Manager for Virtual Environments: information disclosure via Password Disclosure
An attacker can bypass access restrictions to data via Password Disclosure of IBM Tivoli Storage Manager for Virtual Environments, in order to obtain sensitive information...
IBM InfoSphere DataStage: buffer overflow via ICU4C
An attacker can generate a buffer overflow via the Locale class of ICU as used in IBM InfoSphere DataStage, in order to trigger a denial of service, and possibly to run code...
McAfee ePolicy Orchestrator: SQL injection via ePO Core Services
An attacker can use a SQL injection via ePO Core Services of McAfee ePolicy Orchestrator, in order to read or alter data...
iucode-tool: memory corruption
An attacker can generate a memory corruption of iucode-tool, in order to trigger a denial of service, and possibly to run code...
Moodle: two vulnerabilities
An attacker can use several vulnerabilities of Moodle...
Moodle: three vulnerabilities
An attacker can use several vulnerabilities of Moodle...
JasPer: out-of-bounds memory reading via jpc_pi_nextpcrl
An attacker can force a read at an invalid address via jpc_pi_nextpcrl() of JasPer, in order to trigger a denial of service, or to obtain sensitive information...
OpenBSD: denial of service via an HTTP request with byte range
An attacker can trigger an excessive consumption of memory in the HTTP server of OpenBSD by sending a GET request with a byte range specification for the response body, in order to trigger a denial of service...
Cisco ASR: denial of service via SNMP
An authenticated attacker can send polling SNMP packets to Cisco ASR, in order to trigger a denial of service...
Drupal Better Exposed Filters: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Better Exposed Filters, in order to run JavaScript code in the context of the web site...
Cisco Email Security Appliance: filtering bypass via MIME headers tampering
An attacker can tamper with the MIME headers of emails, in order to bypass filtering rules of Cisco Email Security Appliance...
QEMU: memory leak via VIRTIO_GPU_CMD_RESOURCE_UNREF
An attacker, inside a guest system, can create a memory leak via VIRTIO_GPU_CMD_RESOURCE_UNREF of QEMU, in order to trigger a denial of service on the host system...
QEMU: memory leak via MegaRAID SAS 8708EM2
An attacker, inside a guest system, can create a memory leak via MegaRAID SAS 8708EM2 of QEMU, in order to trigger a denial of service on the host system...
bzrtp: Man-in-the-Middle via DHPart2
An attacker can act as a Man-in-the-Middle via DHPart2 on bzrtp, in order to read or write data in the session...
NTFS-3G: privilege escalation via modprobe
An attacker can bypass restrictions via modprobe of NTFS-3G, in order to escalate his privileges...
Linux kernel: out-of-bounds memory reading via fb_copy_cmap
An attacker can force a read at an invalid address via fb_copy_cmap() on the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
GnuTLS: Man-in-the-Middle via gnutls_ocsp_resp_check_crt
An attacker can act as a Man-in-the-Middle via gnutls_ocsp_resp_check_crt() on GnuTLS, in order to read or write data in the session...
QEMU: buffer overflow via the emulation driver of the Cirrus VGA card
An attacker, inside a guest system, can generate a buffer overflow in the emulated device driver of QEMU for Cirrus VGA cards, in order to trigger a denial of service, and possibly to run code on the host system...
gd: out-of-bounds memory reading via TGA Decompression
An attacker can force a read at an invalid address via TGA Decompression of gd, in order to trigger a denial of service, or to obtain sensitive information...
libplist: buffer overflow
An attacker can generate a buffer overflow of libplist, in order to trigger a denial of service, and possibly to run code...
libplist: out-of-bounds memory reading
An attacker can force a read at an invalid address of libplist, in order to trigger a denial of service, or to obtain sensitive information...
Sophos SafeGuard encryption: lack of encryption for removable media
An attacker can invite a victim to plug removable media containing sensitive files into a "Surface Dock" to disable Sophos SafeGuard encryption, in order to get these sensitive files...

   
