The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Linux kernel: information disclosure via sbusfb_ioctl_helper
A local attacker can read a memory fragment via sbusfb_ioctl_helper() of the Linux kernel, in order to obtain sensitive information...
VideoLAN VLC: memory corruption via vlc_demux_chained_Delete
An attacker can generate a memory corruption via vlc_demux_chained_Delete() of VideoLAN VLC, in order to trigger a denial of service, and possibly to run code...
WordPress wpForo: SQL injection
An attacker can use a SQL injection of WordPress wpForo, in order to read or alter data...
Linux kernel: buffer overflow via sr_do_ioctl
An attacker can generate a buffer overflow via sr_do_ioctl() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
WordPress MemberMouse: SQL injection via coupon_code
An attacker can use a SQL injection via coupon_code of WordPress MemberMouse, in order to read or alter data...
Cairo: denial of service via get_bitmap_surface
An attacker can generate a fatal error via get_bitmap_surface() of Cairo, in order to trigger a denial of service...
ProxySG: privilege escalation via SAML Authentication
An attacker can bypass restrictions via SAML Authentication of ProxySG, in order to escalate his privileges...
IBM Java: privilege escalation via J9 JVM
An attacker can bypass restrictions via J9 JVM of IBM Java, in order to escalate his privileges...
Symfony: open redirect via Security Handlers
An attacker can deceive the user via Security Handlers of Symfony, in order to redirect him to a malicious site...
Symfony: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Symfony, in order to force the victim to perform operations...
Symfony: denial of service via PDOSessionHandler
An attacker can generate a fatal error via PDOSessionHandler of Symfony, in order to trigger a denial of service...
Symfony: privilege escalation via LDAP Empty Password
An attacker can bypass restrictions via LDAP Empty Password of Symfony, in order to escalate his privileges...
WordPress Site Reviews: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Site Reviews, in order to run JavaScript code in the context of the web site...
WordPress Email Subscribers and Newsletters: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Email Subscribers and Newsletters, in order to run JavaScript code in the context of the web site...
HAProxy: information disclosure via Authorization Header
An attacker can bypass access restrictions to data via Authorization Header of HAProxy, in order to obtain sensitive information...
libmodplug: buffer overflow via abc_MIDI_drum/gchord
An attacker can generate a buffer overflow via abc_MIDI_drum/gchord() of libmodplug, in order to trigger a denial of service, and possibly to run code...
libmodplug: integer overflow via abc_set_parts
An attacker can generate an integer overflow via abc_set_parts() of libmodplug, in order to trigger a denial of service, and possibly to run code...
OpenCV: out-of-bounds memory reading via cv-HdrDecoder-checkSignature
An attacker can force a read at an invalid address via cv::HdrDecoder::checkSignature() of OpenCV, in order to trigger a denial of service, or to obtain sensitive information...
strongSwan: memory corruption via stroke_socket.c
An attacker can generate a memory corruption via stroke_socket.c of strongSwan, in order to trigger a denial of service, and possibly to run code...
glibc: buffer overflow via __mempcpy_avx512_no_vzeroupper
An attacker can generate a buffer overflow via __mempcpy_avx512_no_vzeroupper() of glibc, in order to trigger a denial of service, and possibly to run code...
Node.js deep-extend: vulnerability via Prototype Pollution
A vulnerability via Prototype Pollution of Node.js deep-extend was announced...
Jasper: assertion error via jpc_firstone
An attacker can force an assertion error via jpc_firstone() of Jasper, in order to trigger a denial of service...
Ming: NULL pointer dereference via getInt
An attacker can force a NULL pointer to be dereferenced via getInt() of Ming, in order to trigger a denial of service...
Ming: buffer overflow via util/decompiler.c
An attacker can generate a buffer overflow via util/decompiler.c of Ming, in order to trigger a denial of service, and possibly to run code...
Ming: integer overflow via parseSWF_ACTIONRECORD
An attacker can generate an integer overflow via parseSWF_ACTIONRECORD() of Ming, in order to trigger a denial of service, and possibly to run code...
Ming: buffer overflow via getString
An attacker can generate a buffer overflow via getString() of Ming, in order to trigger a denial of service, and possibly to run code...
Ming: NULL pointer dereference via newVar3
An attacker can force a NULL pointer to be dereferenced via newVar3() of Ming, in order to trigger a denial of service...
Apache Batik: information disclosure via AbstractDocument
An attacker can bypass access restrictions to data via AbstractDocument of Apache Batik, in order to obtain sensitive information...
Symfony: privilege escalation via Guard Session Fixation
An attacker can bypass restrictions via Guard Session Fixation of Symfony, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 822 823 824 825 826 827 828 829 830 832 834 835 836 837 838 839 840 841 842 861 881 901 921 941 961 981 1001 1021 1041 1049