The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Drupal Unpublished 404: vulnerability
A vulnerability of Drupal Unpublished 404 was announced...
Drupal Timezone Detect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Drupal Timezone Detect, in order to force the victim to perform operations...
QEMU: out-of-bounds memory reading via vnc_refresh_server_surface
An attacker, inside a guest system, can force a read at an invalid address via vnc_refresh_server_surface() of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
libquicktime: integer overflow via quicktime_read_pascal
An attacker can generate an integer overflow via quicktime_read_pascal() of libquicktime, in order to trigger a denial of service, and possibly to run code...
Linux kernel: privilege escalation via event-ctx
An attacker can bypass restrictions via event->ctx on the Linux kernel, in order to escalate his privileges...
Jasig CAS Server: security improvement
The security of Jasig CAS Server was improved...
WordPress ByREV WP-PICShield: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress ByREV WP-PICShield, in order to force the victim to perform operations...
IBM Tivoli Storage Manager: buffer overflow via SELECT
An attacker can generate a buffer overflow via SELECT of IBM Tivoli Storage Manager, in order to trigger a denial of service, and possibly to run code...
WordPress Rockhoist Badges: Cross Site Scripting via rh-badges.php
An attacker can trigger a Cross Site Scripting via the page "rh-badges.php" of WordPress Rockhoist Badges, in order to run JavaScript code in the context of the web site...
Tenable Nessus: file upload
An authenticated attacker can upload a malicious file on Tenable Nessus, in order for example to upload a Trojan...
Palo Alto PAN-OS: directory traversal via the management Web interface
An authenticated attacker can traverse directories via the management Web interface of Palo Alto PAN-OS, in order to read a file outside the service root path...
Palo Alto PAN-OS: Cross Site Scripting via the management interface
An authenticated attacker can trigger a stored Cross Site Scripting via the management interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site...
WordPress Mail-Masta: SQL injection
An attacker can use a SQL injection of WordPress Mail-Masta, in order to read or alter data...
Profanity: privilege escalation via Message Carbons
An attacker can bypass restrictions via Message Carbons of Profanity, in order to escalate his privileges...
curl: Man-in-the-Middle with SSL_VERIFYSTATUS
An attacker can act as a Man-in-the-Middle on curl with CURLOPT_SSL_VERIFYSTATUS, in order to read or write data in the session...
JGroups: two vulnerabilities
An attacker can use several vulnerabilities of JGroups...
QEMU: buffer overflow via cirrus_bitblt_cputovideo
An attacker, inside a guest system, can generate a buffer overflow via cirrus_bitblt_cputovideo of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
pfSense: multiple Cross Site Scripting in the captive portal
An attacker can trigger several Cross Site Scripting in the portal of pfSense, in order to run JavaScript code in the context of the web site...
pfSense: injection of PHP code via wizard.php
An attacker can make the administration web interface of pfSense run arbitrary PHP code, in order to get full administration privileges...
IBM WebSphere MQ: multiple vulnerabilities
An attacker can use several vulnerabilities of IBM WebSphere MQ...
GStreamer: out-of-bounds memory reading via gst_avi_demux_parse_ncdt
An attacker can force a read at an invalid address via gst_avi_demux_parse_ncdt() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information...
GStreamer: out-of-bounds memory reading via qtdemux_tag_add_str_full
An attacker can force a read at an invalid address via qtdemux_tag_add_str_full() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information...
GStreamer: out-of-bounds memory reading via html_context_handle_element
An attacker can force a read at an invalid address via html_context_handle_element() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information...
GStreamer: buffer overflow via gst_riff_create_audio_caps
An attacker can generate a buffer overflow via gst_riff_create_audio_caps() of GStreamer, in order to trigger a denial of service, and possibly to run code...
GStreamer: out-of-bounds memory reading via gst_date_time_new_from_iso8601_string
An attacker can force a read at an invalid address via gst_date_time_new_from_iso8601_string() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information...
pfSense: multiple Cross Site Scripting and Cross Site Request Forgery in the administration web interface
An attacker can trigger "Cross Site Scripting" or inject HTTP commands in the administration interface of pfSense, in order to run JavaScript code or inject administrative commands in the context of the web site...
libplist: three vulnerabilities
An attacker can use several vulnerabilities of libplist...
WordPress GTranslate: open redirect
An attacker can deceive the user of WordPress GTranslate, in order to redirect him to a malicious site...
WordPress Time Sheets plugin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Time Sheets plugin, in order to run JavaScript code in the context of the web site...