The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
BlueZ: information disclosure via SDP
A local attacker can read a memory fragment via SDP of BlueZ, in order to obtain sensitive information...
libzip: denial of service via _zip_read_eocd64
An attacker can generate a fatal error via _zip_read_eocd64() of libzip, in order to trigger a denial of service...
MIMEDefang: privilege escalation via PID File
An attacker can bypass restrictions via PID File of MIMEDefang, in order to escalate his privileges...
Windows: vulnerabilities of September 2017
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Lync/Skype: vulnerabilities of September 2017
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Office/SharePoint: vulnerabilities of September 2017
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Edge: vulnerabilities of September 2017
An attacker can use several vulnerabilities of Microsoft products...
Microsoft .NET Framework: code execution
An attacker can use a vulnerability of Microsoft .NET Framework, in order to run code...
Internet Explorer: vulnerabilities of September 2017
An attacker can use several vulnerabilities of Microsoft products...
Adobe Flash Player: two vulnerabilities
An attacker can use several vulnerabilities of Adobe Flash Player...
Joomla Payplans: read-write access via Price Manipulation
An attacker can bypass access restrictions via Price Manipulation of Joomla Payplans, in order to read or alter data...
Bluetooth Drivers: multiple vulnerabilities
Several vulnerabilities were announced in several implementations of Bluetooth drivers...
Xen: privilege escalation via Grant Mapping
An attacker, inside a guest system, can bypass restrictions via Grant Mapping of Xen, in order to escalate his privileges on the host system...
Xen: use after free via cxenstored
An attacker, inside a guest system, can force the usage of a freed memory area via cxenstored of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
Xen: privilege escalation via Grant Table
An attacker, inside a guest system, can bypass restrictions via Grant Table of Xen, in order to escalate his privileges on the host system...
Xen: privilege escalation via NUMA Node Parameter
An attacker, inside a guest system, can bypass restrictions via NUMA Node Parameter of Xen, in order to escalate his privileges on the host system...
Node.js Modules: directory traversal
An attacker can traverse directories of several Node.js modules, in order to read a file outside the service root path...
Elasticsearch: privilege escalation via X-Pack Security delete/index
An attacker can bypass restrictions via X-Pack Security delete/index of Elasticsearch, in order to escalate his privileges...
SAP: multiples vulnerabilities of September 2017
An attacker can use several vulnerabilities of SAP products...
XnView Classic: memory corruption via JB2
An attacker can generate a memory corruption via JB2 of XnView Classic, in order to trigger a denial of service, and possibly to run code...
Nagios: privilege escalation via nagios.cfg
An attacker can bypass restrictions via nagios.cfg of Nagios, in order to escalate his privileges...
WordPress Shibboleth: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Shibboleth, in order to run JavaScript code in the context of the web site...
IBM Informix Dynamic Server: privilege escalation
An attacker can bypass restrictions of IBM Informix Dynamic Server, in order to escalate his privileges...
OpenLDAP: denial of service via PID File
An attacker can generate a fatal error via PID File of OpenLDAP, in order to trigger a denial of service...
mpg123: out-of-bounds memory reading via 32 bit ID3 Parser
An attacker can force a read at an invalid address via 32 bit ID3 Parser of mpg123, in order to trigger a denial of service, or to obtain sensitive information...
GNU Emacs: code execution via Content-Type text/enriched
An attacker can use a vulnerability via Content-Type text/enriched of GNU Emacs, in order to run code...
Node.js serverwg: directory traversal
An attacker can traverse directories of Node.js serverwg, in order to read a file outside the service root path...
Node.js dns-sync: code execution
An attacker can use a vulnerability of Node.js dns-sync, in order to run code...
Node.js no-case: denial of service via Regular Expression
An attacker can generate a fatal error via Regular Expression of Node.js no-case, in order to trigger a denial of service...
Node.js charset: denial of service via Regular Expression
An attacker can generate a fatal error via Regular Expression of Node.js charset, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 742 743 744 745 746 747 748 749 751 753 754 755 756 757 758 759 760 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1050