The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco IOS XE: privilege escalation via Revoked Certificate
An attacker can bypass restrictions via Revoked Certificate of Cisco IOS XE, in order to escalate his privileges...
Cisco ACS: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco ACS, in order to run JavaScript code in the context of the web site...
WordPress WP Rocket: directory traversal
An attacker can traverse directories of WordPress WP Rocket, in order to read a file outside the service root path...
LibTIFF: denial of service via TIFFOpen
An attacker can generate a fatal error via TIFFOpen() of LibTIFF, in order to trigger a denial of service...
gdb: buffer overflow via String Operations
An attacker can generate a buffer overflow via String Operations of gdb, in order to trigger a denial of service, and possibly to run code...
GCC: information disclosure via RDRAND/RDSEED
An attacker can bypass access restrictions to data via RDRAND/RDSEED of GCC, in order to obtain sensitive information...
shim: memory corruption via MOK Lists
An attacker can generate a memory corruption via MOK Lists of shim, in order to trigger a denial of service, and possibly to run code...
shim: buffer overflow via DHCPv6 TFTP IPv6 Addresses
An attacker can generate a buffer overflow via DHCPv6 TFTP IPv6 Addresses of shim, in order to trigger a denial of service, and possibly to run code...
reSIProcate: denial of service via SdpContents-Session-Medium-parse
An attacker can generate a fatal error via SdpContents::Session::Medium::parse() of reSIProcate, in order to trigger a denial of service...
Cisco IOS, IOS XE: denial of service via Autonomic Networking
An attacker can generate a fatal error via Autonomic Networking of Cisco IOS or IOS XE, in order to trigger a denial of service...
Cisco IOS, IOS XE: information disclosure via Autonomic Control Plane
An attacker can bypass access restrictions to data via Autonomic Control Plane of Cisco IOS or IOS XE, in order to obtain sensitive information...
Synology Photo Station: multiple vulnerabilities
An attacker can use several vulnerabilities of Synology Photo Station...
Joomla Core: two vulnerabilities
An attacker can use several vulnerabilities of Joomla Core...
Google Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
WordPress Ultimate Affiliate Pro: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Ultimate Affiliate Pro, in order to run JavaScript code in the context of the web site...
WordPress FormCraft Premium: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress FormCraft Premium, in order to run JavaScript code in the context of the web site...
PHP: buffer overflow via zend_ini_do_op
An attacker can generate a buffer overflow via zend_ini_do_op() of PHP, in order to trigger a denial of service, and possibly to run code...
Ruby: information disclosure via GCM IV
An attacker can bypass access restrictions to data via GCM IV of Ruby, in order to obtain sensitive information...
Ruby: code execution via TclTkIp
An attacker can use a vulnerability via TclTkIp of Ruby, in order to run code...
Ruby: SMTP command injection via Net-SMTP CRLF
An attacker can use a vulnerability via Net::SMTP CRLF of Ruby, in order to run code...
JasPer: denial of service via jp2_encode
An attacker can generate a fatal error via jp2_encode() of JasPer, in order to trigger a denial of service...
Subversion: denial of service via SHA-1 Collision
An attacker can use SHA-1 collisions on Subversion, in order to trigger a denial of service...
rkhunter: file reading
A local attacker can read a file of rkhunter, in order to obtain sensitive information...
WordPress Stop User Enumeration: information disclosure
An attacker can bypass access restrictions to data of WordPress Stop User Enumeration, in order to obtain sensitive information...
WordPress YouTube EmbedPlus: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WordPress YouTube EmbedPlus, in order to force the victim to perform operations...
WordPress IBPS Online Exam Plugin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress IBPS Online Exam Plugin, in order to run JavaScript code in the context of the web site...
Linux kernel: out-of-bounds memory reading via XFRM_MSG_MIGRATE
An attacker can force a read at an invalid address via XFRM_MSG_MIGRATE of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information...
rubygem-rack-cors: vulnerability via Malicious Requests
A vulnerability via Malicious Requests of rubygem-rack-cors was announced...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 726 727 728 729 730 731 732 733 734 736 738 739 740 741 742 743 744 745 746 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1058