The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Moodle: privilege escalation via Default Settings
An attacker can bypass restrictions via Default Settings of Moodle, in order to escalate his privileges...
Moodle: information disclosure via User Fullname
An attacker can bypass access restrictions to data via User Fullname of Moodle, in order to obtain sensitive information...
FreeRDP: multiple vulnerabilities
An attacker can use several vulnerabilities of FreeRDP...
FasterXML jackson-databind: code execution via ObjectMapper readValue Deserialization
An attacker can use a vulnerability via ObjectMapper readValue() Deserialization of FasterXML jackson-databind, in order to run code...
Apache ActiveMQ: code execution via Artemis Deserialization
An attacker can use a vulnerability via Artemis Deserialization of Apache ActiveMQ, in order to run code...
WordPress Salutation Responsive: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Salutation Responsive, in order to run JavaScript code in the context of the web site...
Supervisor: code execution via XML-RPC
An attacker can use a vulnerability via XML-RPC of Supervisor, in order to run code...
Windows: memory leak via SMBv1
An attacker can create a memory leak via SMB of Windows, in order to trigger a denial of service...
WordPress Logosware Suite Uploader: file upload
An attacker can upload a malicious file on WordPress Logosware Suite Uploader, in order for example to upload a Trojan...
Linux kernel: information disclosure via atyfb_ioctl
A local attacker can read a memory fragment via atyfb_ioctl() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: information disclosure via irda_getsockopt
A local attacker can read a memory fragment via irda_getsockopt() of the Linux kernel, in order to obtain sensitive information...
libical: out-of-bounds memory reading via icaltime_from_string
An attacker can a read at an invalid address via icaltime_from_string() of libical, in order to trigger a denial of service, or to obtain sensitive information...
PHPMailer: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of PHPMailer, in order to run JavaScript code in the context of the web site...
Lucene Solr: directory traversal
An attacker can traverse directories of Lucene Solr, in order to read a file outside the service root path...
GraphicsMagick: six vulnerabilities
An attacker can use several vulnerabilities of GraphicsMagick...
GraphicsMagick: denial of service via ReadJPEGImage
An attacker can generate a fatal error via ReadJPEGImage() of GraphicsMagick, in order to trigger a denial of service...
GraphicsMagick: denial of service via ReadOneJNGImage
An attacker can generate a fatal error via ReadOneJNGImage() of GraphicsMagick, in order to trigger a denial of service...
IPsec-Tools: denial of service via ISAKMP Fragments
An attacker can generate a fatal error via ISAKMP Fragments of IPsec-Tools, in order to trigger a denial of service...
Netwide Assembler: buffer overflow via preproc.c
An attacker can generate a buffer overflow via preproc.c of Netwide Assembler, in order to trigger a denial of service, and possibly to run code...
Netwide Assembler: use after free
An attacker can force the usage of a freed memory area of Netwide Assembler, in order to trigger a denial of service, and possibly to run code...
Cacti: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cacti, in order to run JavaScript code in the context of the web site...
FortiOS: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of FortiOS, in order to run JavaScript code in the context of the web site...
Joomla ccNewsletter: SQL injection
An attacker can use a SQL injection of Joomla ccNewsletter, in order to read or alter data...
VMware vCenter Server: three vulnerabilities
An attacker can use several vulnerabilities of VMware vCenter Server...
VMware vCenter Server: privilege escalation via VIX API VM Direct Access
An attacker can bypass restrictions via VIX API VM Direct Access of VMware vCenter Server, in order to escalate his privileges...
the_silver_searcher: buffer overflow via Absolute Path
An attacker can generate a buffer overflow via Absolute Path of the_silver_searcher, in order to trigger a denial of service, and possibly to run code...
WebKitGTK: multiple vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK...
Cisco ASA, IOS, XE, NX-OS: privilege escalation via OSPF LSA
An attacker can bypass restrictions via OSPF LSA of Cisco, in order to escalate his privileges...
TYPO3 Formhandler: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Formhandler, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 727 728 729 730 731 732 733 734 735 737 739 740 741 742 743 744 745 746 747 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1058