The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Cisco Data Center Network Manager: directory traversal
An attacker can traverse directories of Cisco Data Center Network Manager, in order to read a file outside the service root path...
FreeIPA: privilege escalation via Authn/TOTP
An attacker can bypass restrictions via Authn/TOTP of FreeIPA, in order to escalate his privileges...
FortiManager: information disclosure via Vdoms Settings
An attacker can bypass access restrictions to data via Vdoms Settings of FortiManager, in order to obtain sensitive information...
QEMU: privilege escalation via Seccomp Thread Blacklist
An attacker can bypass restrictions via Seccomp Thread Blacklist of QEMU, in order to escalate his privileges...
Windows: privilege escalation via Task Scheduler ALPC Interface
An attacker can bypass restrictions via Task Scheduler ALPC Interface of Windows, in order to escalate his privileges...
gd: use after free via gdImageBmpPtr
An attacker can force the usage of a freed memory area via gdImageBmpPtr() of gd, in order to trigger a denial of service, and possibly to run code...
IBM Java: code execution via Attach API
An attacker can use a vulnerability via Attach API of IBM Java, in order to run code...
IBM Java: directory traversal via DTFJ
An attacker can traverse directories via DTFJ of IBM Java, in order to read a file outside the service root path...
IBM Java: denial of service via java.math
An attacker can generate a fatal error via java.math of IBM Java, in order to trigger a denial of service...
Linux kernel: use after free via crypto/algif_aead.c
An attacker can force the usage of a freed memory area via crypto/algif_aead.c of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
OpenSSH: information disclosure via GSS User Enumeration
An attacker can bypass access restrictions to data via GSS User Enumeration of OpenSSH, in order to obtain sensitive information...
Bootstrap: Cross Site Scripting via Collapse
An attacker can trigger a Cross Site Scripting via Collapse of Bootstrap, in order to run JavaScript code in the context of the web site...
Dropbear: information disclosure via User Enumeration
An attacker can bypass access restrictions to data via User Enumeration of Dropbear, in order to obtain sensitive information...
Synology DSM Drive: information disclosure
An attacker can bypass access restrictions to data of Synology DSM Drive, in order to obtain sensitive information...
WordPress Arigato Autoresponder and Newsletter: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Arigato Autoresponder and Newsletter...
Linux kernel: infinite loop via cipso_v4_optptr
An attacker can generate an infinite loop via cipso_v4_optptr() of the Linux kernel, in order to trigger a denial of service...
TeamPass: vulnerability via User Password Recovery
A vulnerability via User Password Recovery of TeamPass was announced...
Mitel MiVoice: memory corruption via SIP/SDP
An attacker can generate a memory corruption via SIP/SDP of Mitel MiVoice, in order to trigger a denial of service, and possibly to run code...
WordPress Plainview Activity Monitor: code execution
An attacker can use a vulnerability of WordPress Plainview Activity Monitor, in order to run code...
WordPress Ajax BootModal Login: privilege escalation via CAPTCHA Reuse
An attacker can bypass restrictions via CAPTCHA Reuse of WordPress Ajax BootModal Login, in order to escalate his privileges...
FortiOS: information disclosure via Replacement Messages
An attacker can bypass access restrictions to data via Replacement Messages of FortiOS, in order to obtain sensitive information...
Openswan: information disclosure via RSA Padding Attack
An attacker can bypass access restrictions to data via RSA Padding Attack of Openswan, in order to obtain sensitive information...
GNU Libextractor: infinite loop via mpeg_extractor.c
An attacker can generate an infinite loop via mpeg_extractor.c of GNU Libextractor, in order to trigger a denial of service...
GNU Libextractor: buffer overflow via unzip.c
An attacker can generate a buffer overflow via unzip.c of GNU Libextractor, in order to trigger a denial of service, and possibly to run code...
NextCloud: Cross Site Scripting via Autocomplete Field
An attacker can trigger a Cross Site Scripting via Autocomplete Field of NextCloud, in order to run JavaScript code in the context of the web site...
libexif: out-of-bounds memory reading via exif_data_save_data_entry
An attacker can force a read at an invalid address via exif_data_save_data_entry() of libexif, in order to trigger a denial of service, or to obtain sensitive information...
Puppet Enterprise: privilege escalation via RBAC Plaintext Password
An attacker can bypass restrictions via RBAC Plaintext Password of Puppet Enterprise, in order to escalate his privileges...
Spice: denial of service via Peer Messages
An attacker can generate a fatal error via Peer Messages of Spice, in order to trigger a denial of service...
Linux kernel: privilege escalation via Generic SCSI Driver
An attacker can bypass restrictions via Generic SCSI Driver of the Linux kernel, in order to escalate his privileges...
Linux kernel: use after free via AMBA
An attacker can force the usage of a freed memory area via AMBA of the Linux kernel, in order to trigger a denial of service, and possibly to run code...

   
