The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
TYPO3 Event Management And Registration: SQL injection
An attacker can use a SQL injection of TYPO3 Event Management And Registration, in order to read or alter data...
TYPO3 News system: SQL injection
An attacker can use a SQL injection of TYPO3 News system, in order to read or alter data...
Office Word: code execution via OLE
An attacker can use a vulnerability via OLE of Office Word, in order to run code when a malicious document is opened...
WordPress WP Statistics: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Statistics, in order to run JavaScript code in the context of the web site...
WordPress HDW Player: SQL injection
An attacker can use a SQL injection of WordPress HDW Player, in order to read or alter data...
F5 BIG-IP 11.5.4 HF3: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on F5 BIG-IP 11.5.4 HF3, in order to read or write data in the session...
WordPress Salient Themes: SQL injection
An attacker can use a SQL injection of WordPress Salient Themes, in order to read or alter data...
WordPress Gravity Forms: file upload
An attacker can upload a malicious file on WordPress Gravity Forms, in order for example to upload a Trojan...
Joomla com_winners: SQL injection
An attacker can use a SQL injection of Joomla com_winners, in order to read or alter data...
Castle Rock SNMPc: SQL injection via SNMP
An attacker can use a SQL injection via SNMP of Castle Rock SNMPc, in order to read or alter data...
Ghostscript: NULL pointer dereference via mem_get_bits_rectangle
An attacker can force a NULL pointer to be dereferenced via mem_get_bits_rectangle() of Ghostscript, in order to trigger a denial of service...
JasPer: integer overflow via jpc_dec_tiledecode
An attacker can generate an integer overflow via jpc_dec_tiledecode() of JasPer, in order to trigger a denial of service, and possibly to run code...
QOS.ch Logback: code execution via Deserialize
An attacker can use a vulnerability via Deserialize of logback, in order to run code...
LibTIFF: multiple vulnerabilities via UBSAN
An attacker can use several vulnerabilities via UBSAN of LibTIFF...
LibTIFF: denial of service via JPEGSetupEncode
An attacker can generate a fatal error via JPEGSetupEncode() of LibTIFF, in order to trigger a denial of service...
LibTIFF: memory leak via OJPEGReadHeaderInfoSecTablesDcTable
An attacker can create a memory leak via OJPEGReadHeaderInfoSecTablesDcTable() of LibTIFF, in order to trigger a denial of service...
LibTIFF: out-of-bounds memory reading via tif_rawdata
An attacker can force a read at an invalid address via tif_rawdata() of LibTIFF, in order to trigger a denial of service, or to obtain sensitive information...
LibTIFF: denial of service via putagreytile
An attacker can generate a fatal error via putagreytile() of LibTIFF, in order to trigger a denial of service...
WordPress Calendar by WD: SQL injection
An attacker can use a SQL injection of WordPress Calendar by WD, in order to read or alter data...
WordPress CopySafe Web Protection: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress CopySafe Web Protection, in order to force the victim to perform operations...
WordPress WHIZZ: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WHIZZ, in order to run JavaScript code in the context of the web site...
FFmpeg: code execution via libavformat/http.c
An attacker can use a vulnerability via libavformat/http.c of FFmpeg, in order to run code...
WordPress Ad Widget: directory traversal
An attacker can traverse directories of WordPress Ad Widget, in order to read a file outside the service root path...
TigerVNC: five vulnerabilities
An attacker can use several vulnerabilities of TigerVNC...
Cisco Wireless LAN Controller: denial of service via RADIUS CoA
An attacker can send malicious RADIUS CoA packets to Cisco Wireless LAN Controller, in order to trigger a denial of service...
WordPress BlogVault: code execution
An attacker can use a vulnerability of WordPress BlogVault, in order to run code...
Apache Tomcat: directory traversal via config/version
An attacker can traverse directories via config/version of Apache Tomcat, in order to read a file outside the service root path...
Puppet mcollective-puppet-agent: privilege escalation
An attacker can bypass restrictions of Puppet mcollective-puppet-agent, in order to escalate his privileges...
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 693 694 695 696 697 698 699 700 701 703 705 706 707 708 709 710 711 712 713 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1049