The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Synology DSM: privilege escalation
An attacker can bypass restrictions of Synology DSM, in order to escalate his privileges...
FortiOS: privilege escalation via SSL-VPN SSO Bookmarked Pages
An attacker can bypass restrictions via SSL-VPN SSO Bookmarked Pages of FortiOS, in order to escalate his privileges...
FortiAnalyzer, FortiManager: open redirect via PDF File
An attacker can deceive the user via PDF File of FortiAnalyzer/FortiManager, in order to redirect him to a malicious site...
FortiAnalyzer, FortiManager: Cross Site Scripting via Avatar Picture
An attacker can trigger a Cross Site Scripting via Avatar Picture of FortiAnalyzer/FortiManager, in order to run JavaScript code in the context of the web site...
FortiManager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of FortiManager, in order to run JavaScript code in the context of the web site...
PoDoFo: memory corruption via PdfMemoryOutputStream-Write
An attacker can generate a memory corruption via PdfMemoryOutputStream::Write() of PoDoFo, in order to trigger a denial of service, and possibly to run code...
PoDoFo: integer overflow via PdfXRefStreamParserObject-ParseStream
An attacker can generate an integer overflow via PdfXRefStreamParserObject::ParseStream() of PoDoFo, in order to trigger a denial of service, and possibly to run code...
PoDoFo: out-of-bounds memory reading via PoDoFo-PdfXRefStreamParserObject-ReadXRefStreamEntry
An attacker can force a read at an invalid address via PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry() of PoDoFo, in order to trigger a denial of service, or to obtain sensitive information...
PoDoFo: denial of service via PdfParser-ReadObjects
An attacker can generate a fatal error via PdfParser::ReadObjects() of PoDoFo, in order to trigger a denial of service...
PoDoFo: denial of service via PdfPagesTree-GetPageNodeFromArray
An attacker can generate a fatal error via PdfPagesTree::GetPageNodeFromArray() of PoDoFo, in order to trigger a denial of service...
PoDoFo: NULL pointer dereference via TextExtractor-ExtractText
An attacker can force a NULL pointer to be dereferenced via TextExtractor::ExtractText() of PoDoFo, in order to trigger a denial of service...
PoDoFo: NULL pointer dereference via PoDoFo-PdfColor-operator
An attacker can force a NULL pointer to be dereferenced via PoDoFo::PdfColor::operator() of PoDoFo, in order to trigger a denial of service...
PoDoFo: buffer overflow via PdfTokenizer-GetNextToken
An attacker can generate a buffer overflow via PdfTokenizer::GetNextToken() of PoDoFo, in order to trigger a denial of service, and possibly to run code...
PoDoFo: NULL pointer dereference via ReadXRefSubsection
An attacker can force a NULL pointer to be dereferenced via ReadXRefSubsection() of PoDoFo, in order to trigger a denial of service...
Linux kernel: memory corruption via race_events_filter.c
An attacker can generate a memory corruption via race_events_filter.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
GIMP: file corruption via g_get_tmp_dir
A local attacker can create a symbolic link used by g_get_tmp_dir(), in order to alter the pointed file, with privileges of GIMP...
WordPress iThemes Security: SQL injection
An attacker can use a SQL injection of WordPress iThemes Security, in order to read or alter data...
Eclipse Jetty: privilege escalation via FileSessionDataStore
An attacker can bypass restrictions via FileSessionDataStore of Eclipse Jetty, in order to escalate his privileges...
PHP: file reading via openssl_pkey_get_public
A local attacker can read a file via openssl_pkey_get_public() of PHP, in order to obtain sensitive information...
LAVA: code execution via XMLRPC
An attacker can use a vulnerability via XMLRPC of LAVA, in order to run code...
Sinatra: Cross Site Scripting via Bad Request
An attacker can trigger a Cross Site Scripting via Bad Request of Sinatra, in order to run JavaScript code in the context of the web site...
Pass: privilege escalation via GPG Output
An attacker can bypass restrictions via GPG Output of Pass, in order to escalate his privileges...
IBM MQ: information disclosure via MQ.NET Managed Client
An attacker can bypass access restrictions to data via MQ.NET Managed Client of IBM MQ, in order to obtain sensitive information...
IBM MQ: denial of service via RCVR / CLUSRCVR
An attacker can generate a fatal error via RCVR / CLUSRCVR of IBM MQ, in order to trigger a denial of service...
IBM MQ: denial of service via amqrmppa
An attacker can generate a fatal error via amqrmppa of IBM MQ, in order to trigger a denial of service...
Horde Image: code execution via Im Backend
An attacker can use a vulnerability via Im Backend of Horde Image, in order to run code...
ArcGIS Server: information disclosure
An attacker can bypass access restrictions to data of ArcGIS Server, in order to obtain sensitive information...
Linux kernel: information disclosure via vbg_misc_device_ioctl
A local attacker can read a memory fragment via vbg_misc_device_ioctl() of the Linux kernel, in order to obtain sensitive information...
QEMU: integer overflow via QEMU Guest Agent qmp_guest_file_read
An attacker can generate an integer overflow via QEMU Guest Agent qmp_guest_file_read() of QEMU, in order to trigger a denial of service, and possibly to run code...
phpMyAdmin: code execution via File Inclusion
An attacker can use a vulnerability via File Inclusion of phpMyAdmin, in order to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 831 832 833 834 835 836 837 838 839 841 843 844 845 846 847 848 849 850 851 861 881 901 921 941 961 981 1001 1021 1023