The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
MuleSoft Mule Runtime: external XML entity injection
An attacker can transmit malicious XML data to MuleSoft Mule Runtime, in order to read a file, scan sites, or trigger a denial of service...
MuleSoft Mule Runtime: multiple vulnerabilities via HTTP Client, Jackson, analytics
An attacker can use several vulnerabilities via HTTP Client, Jackson, analytics of MuleSoft Mule Runtime...
Linux kernel: vulnerability via skcipher
A vulnerability via skcipher of the Linux kernel was announced...
GraphicsMagick: buffer overflow via AcquireCacheNexus
An attacker can generate a buffer overflow via AcquireCacheNexus() of GraphicsMagick, in order to trigger a denial of service, and possibly to run code...
Microsoft Windows: vulnerabilities of February 2018
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Office: vulnerabilities of February 2018
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Edge, IE: vulnerabilities of February 2018
An attacker can use several vulnerabilities of Microsoft Edge, IE...
Adobe Acrobat/Reader: multiple vulnerabilities
An attacker can use several vulnerabilities of Adobe Acrobat/Reader...
AdvanceCOMP: buffer overflow via advzip
An attacker can generate a buffer overflow via advzip of AdvanceCOMP, in order to trigger a denial of service, and possibly to run code...
WordPress Bookly Lite: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Bookly Lite, in order to run JavaScript code in the context of the web site...
SAP: multiples vulnerabilities of February 2018
An attacker can use several vulnerabilities of SAP products...
Linux kernel: integer overflow via futex_requeue
A local attacker can generate an integer overflow via futex_requeue() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
WavPack: denial of service via a RF64 file
An attacker can generate a fatal error in WavPack via an RF64 file, in order to trigger a denial of service...
Leptonica: shell command injection
An attacker can use a vulnerability of Leptonica, in order to run code...
NetBSD: denial of service via a IPsec AH packet for IPv6
An attacker can send an IPsec AH packet for IPv6 with an option of declared size 0 to a NetBSD host, in order to trigger an endless loop in the kernel and so an host freeze...
NetBSD: memory corruption via a fragmented IPv6 packet
An attacker sending a fragmented IPv6 packet with specially packed options, can generate a memory corruption in the NetBSD kernel, in order to trigger a denial of service...
Microsoft Skype: executing DLL code via Updater.exe
An attacker can create a malicious Updater.exe DLL, and then put it in the current directory of Microsoft Skype, in order to execute code...
librsvg: information disclosure
An attacker can bypass access restrictions to data of librsvg, in order to obtain sensitive information...
Linux kernel: denial of service via the bnx2x driver
An attacker can block the netword card drived by the bnx2x module of the Linux kernel, in order to trigger a denial of service...
Linux kernel: memory corruption via amd_gpio_remove
An attacker can generate a memory corruption via amd_gpio_remove() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Trend Micro InterScan Messaging Security: privilege escalation via the Management Portal
An attacker can bypass restrictions to the Management Portal of Trend Micro InterScan Messaging Security with data retrieved from a log file, in order to escalate his privileges...
jhead: out-of-bounds memory reading
An attacker can force a read at an invalid address of jhead, in order to trigger a denial of service, or to obtain sensitive information...
LibreOffice: directory traversal
An attacker can traverse directories of LibreOffice, in order to read a file outside the service root path...
Ruby OmniAuth: information disclosure
An attacker can bypass access restrictions to data of Ruby OmniAuth, in order to obtain sensitive information...
audacity: memory corruption via FORMATCHUNK
An attacker can generate a memory corruption via FORMATCHUNK of audacity, in order to trigger a denial of service, and possibly to run code...
uWSGI: buffer overflow via uwsgi_expand_path
An attacker can generate a buffer overflow via uwsgi_expand_path() of uWSGI, in order to trigger a denial of service, and possibly to run code...
Exim: buffer overflow
An attacker can generate a buffer overflow of Exim, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 790 791 792 793 794 795 796 797 798 800 802 803 804 805 806 807 808 809 810 821 841 861 881 901 921 941 961 981 1001 1021 1036