History of vulnerabilities analyzed by Vigil@nce: Synology DSM: privilege escalation An attacker can bypass restrictions of Synology DSM, in order to escalate his privileges... FortiOS: privilege escalation via SSL-VPN SSO Bookmarked Pages An attacker can bypass restrictions via SSL-VPN SSO Bookmarked Pages of FortiOS, in order to escalate his privileges... FortiAnalyzer, FortiManager: open redirect via PDF File An attacker can deceive the user via PDF File of FortiAnalyzer/FortiManager, in order to redirect him to a malicious site... FortiAnalyzer, FortiManager: Cross Site Scripting via Avatar Picture An attacker can trigger a Cross Site Scripting via Avatar Picture of FortiAnalyzer/FortiManager, in order to run JavaScript code in the context of the web site... FortiManager: Cross Site Scripting An attacker can trigger a Cross Site Scripting of FortiManager, in order to run JavaScript code in the context of the web site... PoDoFo: memory corruption via PdfMemoryOutputStream-Write An attacker can generate a memory corruption via PdfMemoryOutputStream::Write() of PoDoFo, in order to trigger a denial of service, and possibly to run code... PoDoFo: integer overflow via PdfXRefStreamParserObject-ParseStream An attacker can generate an integer overflow via PdfXRefStreamParserObject::ParseStream() of PoDoFo, in order to trigger a denial of service, and possibly to run code... PoDoFo: out-of-bounds memory reading via PoDoFo-PdfXRefStreamParserObject-ReadXRefStreamEntry An attacker can force a read at an invalid address via PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry() of PoDoFo, in order to trigger a denial of service, or to obtain sensitive information... PoDoFo: denial of service via PdfParser-ReadObjects An attacker can generate a fatal error via PdfParser::ReadObjects() of PoDoFo, in order to trigger a denial of service... PoDoFo: denial of service via PdfPagesTree-GetPageNodeFromArray An attacker can generate a fatal error via PdfPagesTree::GetPageNodeFromArray() of PoDoFo, in order to trigger a denial of service... PoDoFo: NULL pointer dereference via TextExtractor-ExtractText An attacker can force a NULL pointer to be dereferenced via TextExtractor::ExtractText() of PoDoFo, in order to trigger a denial of service... PoDoFo: NULL pointer dereference via PoDoFo-PdfColor-operator An attacker can force a NULL pointer to be dereferenced via PoDoFo::PdfColor::operator() of PoDoFo, in order to trigger a denial of service... PoDoFo: buffer overflow via PdfTokenizer-GetNextToken An attacker can generate a buffer overflow via PdfTokenizer::GetNextToken() of PoDoFo, in order to trigger a denial of service, and possibly to run code... PoDoFo: NULL pointer dereference via ReadXRefSubsection An attacker can force a NULL pointer to be dereferenced via ReadXRefSubsection() of PoDoFo, in order to trigger a denial of service... Linux kernel: memory corruption via race_events_filter.c An attacker can generate a memory corruption via race_events_filter.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code... GIMP: file corruption via g_get_tmp_dir A local attacker can create a symbolic link used by g_get_tmp_dir(), in order to alter the pointed file, with privileges of GIMP... WordPress iThemes Security: SQL injection An attacker can use a SQL injection of WordPress iThemes Security, in order to read or alter data... Eclipse Jetty: privilege escalation via FileSessionDataStore An attacker can bypass restrictions via FileSessionDataStore of Eclipse Jetty, in order to escalate his privileges... PHP: file reading via openssl_pkey_get_public A local attacker can read a file via openssl_pkey_get_public() of PHP, in order to obtain sensitive information... LAVA: code execution via XMLRPC An attacker can use a vulnerability via XMLRPC of LAVA, in order to run code... Sinatra: Cross Site Scripting via Bad Request An attacker can trigger a Cross Site Scripting via Bad Request of Sinatra, in order to run JavaScript code in the context of the web site... Pass: privilege escalation via GPG Output An attacker can bypass restrictions via GPG Output of Pass, in order to escalate his privileges... IBM MQ: information disclosure via MQ.NET Managed Client An attacker can bypass access restrictions to data via MQ.NET Managed Client of IBM MQ, in order to obtain sensitive information... IBM MQ: denial of service via RCVR / CLUSRCVR An attacker can generate a fatal error via RCVR / CLUSRCVR of IBM MQ, in order to trigger a denial of service... IBM MQ: denial of service via amqrmppa An attacker can generate a fatal error via amqrmppa of IBM MQ, in order to trigger a denial of service... Horde Image: code execution via Im Backend An attacker can use a vulnerability via Im Backend of Horde Image, in order to run code... ArcGIS Server: information disclosure An attacker can bypass access restrictions to data of ArcGIS Server, in order to obtain sensitive information... Linux kernel: information disclosure via vbg_misc_device_ioctl A local attacker can read a memory fragment via vbg_misc_device_ioctl() of the Linux kernel, in order to obtain sensitive information... QEMU: integer overflow via QEMU Guest Agent qmp_guest_file_read An attacker can generate an integer overflow via QEMU Guest Agent qmp_guest_file_read() of QEMU, in order to trigger a denial of service, and possibly to run code... phpMyAdmin: code execution via File Inclusion An attacker can use a vulnerability via File Inclusion of phpMyAdmin, in order to run code... Previous page Next pageDirect access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1092