The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
LibTIFF: denial of service via TIFFReadDirEntryArray
An attacker can generate a fatal error via TIFFReadDirEntryArray() of LibTIFF, in order to trigger a denial of service...
WordPress Photo Gallery: SQL injection
An attacker can use a SQL injection of WordPress Photo Gallery, in order to read or alter data...
NetApp Data ONTAP: denial of service via NFS
An attacker can generate a fatal error via NFS of NetApp Data ONTAP, in order to trigger a denial of service...
XML Security Library: external XML entity injection
An attacker can transmit malicious XML data to XML Security Library (xmlsec), in order to read a file, scan sites, or trigger a denial of service...
augeas: code execution
An attacker can use a vulnerability of augeas, in order to run code...
glibc: spoofing via ENDS0
An attacker can use a large/fragmented ENDS0 reply for the DNS resolver of glibc, in order to spoof an address...
Bodhi: Cross Site Scripting via ticket subjects
An attacker can trigger a Cross Site Scripting via ticket subjects of Bodhi, in order to run JavaScript code in the context of the web site...
Cyrus IMAP: file creation via SYNCAPPLY
A local attacker can create a file via SYNCAPPLY, SYNCGET or SYNCRESTORE of Cyrus IMAP, in order to obtain sensitive information...
Cryptlib: security improvement
The security of Cryptlib was improved...
Tor Browser Launcher: security improvement via Signature Verification
The security of Tor Browser Launcher was improved via Signature Verification...
CHICKEN: information disclosure via Symbol Table
An attacker can bypass access restrictions to data via Symbol Table of CHICKEN, in order to obtain sensitive information...
strongSwan: NULL pointer dereference via Gmp Plugin
An attacker can force a NULL pointer to be dereferenced via Gmp Plugin of strongSwan, in order to trigger a denial of service...
newsbeuter: code execution via Bookmark
An attacker can use a vulnerability via Bookmark of newsbeuter, in order to run code...
Open vSwitch: out-of-bounds memory reading via Message Parsing
An attacker can force a read at an invalid address via Message Parsing of Open vSwitch, in order to trigger a denial of service, or to obtain sensitive information...
Open vSwitch: assertion error via OpenFlow
An attacker can force an assertion error via OpenFlow of Open vSwitch, in order to trigger a denial of service...
Elastic X-Pack: privilege escalation via TLS Trust Manager
An attacker can bypass restrictions via TLS Trust Manager of Elastic X-Pack, in order to escalate his privileges...
Joomla com_weblinks: file upload
An attacker can upload a malicious file on Joomla com_weblinks, in order for example to upload a Trojan...
WordPress Share on Diaspora: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Share on Diaspora, in order to run JavaScript code in the context of the web site...
Joomla com_jumi: SQL injection
An attacker can use a SQL injection of Joomla com_jumi, in order to read or alter data...
PHP: use after free via var_unserializer.re
An attacker can force the usage of a freed memory area via var_unserializer.re of PHP, in order to trigger a denial of service, and possibly to run code...
PHP: use after free via zval_get_type
An attacker can force the usage of a freed memory area via zval_get_type() of PHP, in order to trigger a denial of service, and possibly to run code...
PHP: out-of-bounds memory reading via finish_nested_data
An attacker can force a read at an invalid address via finish_nested_data() of PHP, in order to trigger a denial of service, or to obtain sensitive information...
Cacti: Cross Site Scripting via spikekill.php
An attacker can trigger a Cross Site Scripting via spikekill.php of Cacti, in order to run JavaScript code in the context of the web site...
libmspack: denial of service via CAB
An attacker can generate a fatal error via CAB of libmspack, in order to trigger a denial of service...
Shutter: code execution via Run a plugin
An attacker can use a vulnerability via Run a plugin of Shutter, in order to run code...
Drupal Views Refresh: information disclosure via Ajax
An attacker can bypass access restrictions to data via Ajax of Drupal Views Refresh, in order to obtain sensitive information...
Drupal Views: information disclosure via Ajax
An attacker can bypass access restrictions to data via Ajax of Drupal Views, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 733 734 735 736 737 738 739 740 741 743 745 746 747 748 749 750 751 752 753 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1090