The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
TYPO3 Caretaker: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Caretaker, in order to run JavaScript code in the context of the web site...
TYPO3 JobControl: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3 JobControl...
TYPO3 DRC News Comment: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3 DRC News Comment...
TYPO3 Frontend User Registration: privilege escalation
An attacker can bypass restrictions of TYPO3 Frontend User Registration, in order to escalate his privileges...
TYPO3 Download Center: SQL injection
An attacker can use a SQL injection of TYPO3 Download Center, in order to read or alter data...
TYPO3 Smallads: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 Smallads, in order to run JavaScript code in the context of the web site...
QEMU: denial of service via VNC Server
An attacker can generate a fatal error via VNC Server of QEMU, in order to trigger a denial of service...
WordPress Yakadanda Google Hangout Events: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Yakadanda Google Hangout Events, in order to run JavaScript code in the context of the web site...
WordPress Share This Image: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Share This Image, in order to run JavaScript code in the context of the web site...
Joomla User Bench: SQL injection
An attacker can use a SQL injection of Joomla User Bench, in order to read or alter data...
Joomla My Projects: SQL injection
An attacker can use a SQL injection of Joomla My Projects, in order to read or alter data...
Joomla JB Visa: SQL injection
An attacker can use a SQL injection of Joomla JB Visa, in order to read or alter data...
Joomla Guru Pro: SQL injection
An attacker can use a SQL injection of Joomla Guru Pro, in order to read or alter data...
OpenLDAP: use after free via nops/memberof MODDN
An attacker can force the usage of a freed memory area via nops/memberof of OpenLDAP, in order to trigger a denial of service, and possibly to run code...
WordPress AccessKeys AccessPress Anonymous Post Pro: file upload
An attacker can upload a malicious file on WordPress AccessKeys AccessPress Anonymous Post Pro, in order for example to upload a Trojan...
OTRS Help Desk: privilege escalation via Session Cookie
An attacker can bypass restrictions via Session Cookie of OTRS Help Desk, in order to escalate his privileges...
Linux kernel: out-of-bounds memory reading via vmcall
An attacker, inside a guest system, can force a read at an invalid address via vmcall of the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information on the host system...
IBM QRadar SIEM: code execution via Command Injection
An attacker can use a vulnerability via Command Injection of IBM QRadar SIEM, in order to run code...
Apache POI: external XML entity injection
An attacker can transmit malicious XML data to Apache POI, in order to read a file, scan sites, or trigger a denial of service...
Citrix XenServer: denial of service
An attacker, inside a guest system, can generate a fatal error of Citrix XenServer, in order to trigger a denial of service on the host system...
Synology Chat: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology Chat, in order to run JavaScript code in the context of the web site...
Joomla JBcatalog: file upload
An attacker can upload a malicious file on Joomla JBcatalog, in order for example to upload a Trojan...
WordPress Wunderbar Basic: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Wunderbar Basic, in order to run JavaScript code in the context of the web site...
WordPress SagePay Server Gateway for WooCommerce: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress SagePay Server Gateway for WooCommerce, in order to run JavaScript code in the context of the web site...
WordPress Placemarks: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Placemarks, in order to run JavaScript code in the context of the web site...
WordPress Pinterest Badge: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Pinterest Badge, in order to run JavaScript code in the context of the web site...
Joomla JEXTN Video Gallery: SQL injection
An attacker can use a SQL injection of Joomla JEXTN Video Gallery, in order to read or alter data...
Joomla JEXTN Question And Answer: SQL injection
An attacker can use a SQL injection of Joomla JEXTN Question And Answer, in order to read or alter data...
Trend Micro ScanMail: four vulnerabilities
An attacker can use several vulnerabilities of Trend Micro ScanMail...
GraphicsMagick: buffer overflow via PNM
An attacker can generate a buffer overflow via PNM of GraphicsMagick, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 774 775 776 777 778 779 780 781 782 784 786 787 788 789 790 791 792 793 794 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1102