The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Perl XML-LibXML: use after free via Node-replaceChild
An attacker can force the usage of a freed memory area via Node-replaceChild of Perl XML-LibXML, in order to trigger a denial of service, and possibly to run code...
Microsoft: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code...
ISC BIND: two vulnerabilities via TSIG Authentication
An attacker can use several vulnerabilities via TSIG Authentication of ISC BIND...
HPE Network Node Manager i: multiple vulnerabilities of the Web interface
An attacker can use several vulnerabilities of the Web interface of HPE Network Node Manager i...
Cisco IOS, IOS XE: buffer overflow via SNMP
An attacker can generate a buffer overflow via an SNMP packet in Cisco IOS, IOS XE, in order to trigger a denial of service, and possibly to run code...
Libgcrypt: information disclosure via Flush Reload Side-channel Attack
An attacker can bypass access restrictions to data via Flush Reload Side-channel Attack of Libgcrypt, in order to obtain sensitive information...
QEMU: denial of service via NBD SIGPIPE Signal
An attacker can generate a fatal error via a SIGPIPE signal unhandled by Network Block Device of QEMU, in order to trigger a denial of service...
Linux kernel: memory corruption via double fetches
An attacker can generate a memory corruption via a change in pointers between 2 reads by the audio drivers of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Joomla SocialPinBoard: file upload
An attacker can upload a malicious file on Joomla SocialPinBoard, in order for example to upload a Trojan...
Drupal SMTP: information disclosure
An attacker can bypass access restrictions to data of Drupal SMTP, in order to obtain sensitive information...
Drupal Services: SQL injection
An attacker can use a SQL injection of Drupal Services, in order to read or alter data...
WordPress Ultimate Product Catalogue: SQL injection
An attacker can use a SQL injection of WordPress Ultimate Product Catalogue, in order to read or alter data...
Node.js f2e-server: directory traversal
An attacker can traverse directories of Node.js f2e-server, in order to read a file outside the service root path...
Kaspersky Anti-Virus for Linux File Server: privilege escalation via Web Console
An attacker can bypass restrictions via Web Console of Kaspersky Anti-Virus for Linux File Server, in order to escalate his privileges...
FreeIPA: Man-in-the-Middle via CA SubjectAltNames ACL
An attacker can act as a Man-in-the-Middle via CA SubjectAltNames ACL on FreeIPA, in order to read or write data in the session...
IBM Informix Dynamic Server: denial of service via Large Assertion Fail Files
An attacker can generate a fatal error via Large Assertion Fail Files of IBM Informix Dynamic Server, in order to trigger a denial of service...
systemd: buffer overflow via DNS Responses
An attacker can generate a buffer overflow via DNS Responses of systemd, in order to trigger a denial of service, and possibly to run code...
Linux kernel: denial of service via nfsd
An attacker can generate a fatal error via nfsd on the Linux kernel, in order to trigger a denial of service...
LibTIFF: memory leak via tif_jbig.c
An attacker can create a memory leak via tif_jbig.c of LibTIFF, in order to trigger a denial of service...
netpbm: buffer overflow via writeRasterPbm
An attacker can generate a buffer overflow via writeRasterPbm() of netpbm, in order to trigger a denial of service, and possibly to run code...
python-tablib: code execution via Databook Loading
An attacker can use a vulnerability via Databook Loading of python-tablib, in order to run code...
libQt5: information disclosure via QSaveFile
An attacker can bypass access restrictions to data via QSaveFile of libQt5, in order to obtain sensitive information...
libmicrohttpd: two vulnerabilities
An attacker can use several vulnerabilities of libmicrohttpd...
WordPress FormCraft Basic: SQL injection
An attacker can use a SQL injection of WordPress FormCraft Basic, in order to read or alter data...
Microsoft Skype Client: buffer overflow via Clipboard Format
An attacker can generate a buffer overflow via Clipboard Format of Microsoft Skype, in order to trigger a denial of service, and possibly to run code...
Microsoft Malware Protection Engine: privilege escalation via VFS API
An attacker can create a malicious document, to corrupt the memory of Microsoft Malware Protection Engine, in order to gain LocalSystem privileges...
IBM QRadar SIEM: information disclosure via Missing HSTS Header
An attacker can bypass access restrictions to data via Missing HSTS Header of IBM QRadar SIEM, in order to obtain sensitive information...
IBM QRadar SIEM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM QRadar SIEM, in order to run JavaScript code in the context of the web site...
IBM QRadar SIEM: privilege escalation via Weak Password
An attacker can bypass restrictions via Weak Password of IBM QRadar SIEM, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 717 718 719 720 721 722 723 724 725 727 729 730 731 732 733 734 735 736 737 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021