The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Perl File-Path: permission tampering
A local attacker can create a symbolic link, in order to change the access rights assigned to the pointed file, with the privileges of the process using the Perl module File::Path...
yodl: vulnerability
A vulnerability of yodl was announced...
WordPress Gift Certificate Creator: Cross Site Scripting via giftcertificates.php
An attacker can trigger a stored Cross Site Scripting via giftcertificates.php of WordPress Gift Certificate Creator, in order to run JavaScript code in the context of the web site...
Riverbed SteelHead: directory traversal
An authenticated attacker can traverse directories of the Web interface of Riverbed SteelHead, in order to read a file outside the service root path...
WordPress WP Job Manager: file upload
An attacker can upload a malicious file on WordPress WP Job Manager, in order for example to upload a Trojan...
Joomla HikaShop Business: SQL injection
An attacker can use a SQL injection of Joomla HikaShop Business, in order to read or alter data...
Joomla AYS Quiz: SQL injection
An attacker can use a SQL injection of Joomla AYS Quiz, in order to read or alter data...
Elasticsearch: two vulnerabilities
An attacker can use several vulnerabilities of Elasticsearch...
Palo Alto Panorama: code execution via Firmware Installation
An attacker can invite the victim to install a malicious firmware on Palo Alto Panorama, in order to run code...
WordPress WP Editor.MD: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Editor.MD, in order to run JavaScript code in the context of the web site...
WordPress Markdown on Save Improved: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Markdown on Save Improved, in order to run JavaScript code in the context of the web site...
Dnsmasq: information disclosure via TFTP
A local attacker can read a memory fragment via a TFTP packet used by Dnsmasq, in order to obtain sensitive information...
Wireshark: multiple vulnerabilities
An attacker can use several vulnerabilities of Wireshark...
picocom: shell command injection
An attacker can use a vulnerability of picocom, in order to run code...
WordPress WP Live Chat Support: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Live Chat Support, in order to run JavaScript code in the context of the web site...
WordPress Tribulant Newsletters: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Tribulant Newsletters...
WordPress WP No External Links: Cross Site Scripting
An authenticated attacker can trigger a Cross Site Scripting of WordPress WP No External Links, in order to run JavaScript code in the context of the web site...
WordPress Themes U-design: file upload
An attacker can upload a malicious file on WordPress Themes U-design, in order for example to upload a Trojan...
QEMU: infinite loop via the USB OHCI emulation
An attacker, inside a guest system, can generate an infinite loop via the USB emulation, OHCI interface in QEMU, in order to trigger a denial of service on the host system...
NVIDIA: privilege escalation
A local attacker can tamper with the NVIDIA kernel driver, in order to escalate his privileges...
Magento: multiple vulnerabilities
An attacker can use several vulnerabilities of Magento...
IBM Domino: information disclosure
An attacker can use a weak TLS handshake as managed by IBM Domino, in order to obtain sensitive information...
Drupal LDAP: multiple vulnerabilities
An attacker can use several vulnerabilities of Drupal LDAP...
IBM Spectrum Protect: password disclosure
An attacker can get the passwords used by IBM Spectrum Protect...
WordPress Simple Slideshow Manager: Cross Site Scripting
An attacker can trigger two Cross Site Scripting of WordPress Simple Slideshow Manager, in order to run JavaScript code in the context of the web site...
LibRaw: four vulnerabilities
An attacker can use several vulnerabilities of LibRaw...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 710 711 712 713 714 715 716 717 718 720 722 723 724 725 726 727 728 729 730 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021