The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Dojo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Dojo, in order to run JavaScript code in the context of the web site...
Ghostscript: code execution via Shfill Operator
An attacker can use a vulnerability via Shfill Operator of Ghostscript, in order to run code...
Ruby json-jwt: privilege escalation via Forged Authentication Tag
An attacker can bypass restrictions via Forged Authentication Tag of Ruby json-jwt, in order to escalate his privileges...
Apache Traffic Server: information disclosure via ESI Plugin
An attacker can bypass access restrictions to data via ESI Plugin of Apache Traffic Server, in order to obtain sensitive information...
Apache Traffic Server: denial of service via Range Request
An attacker can generate a fatal error via Range Request of Apache Traffic Server, in order to trigger a denial of service...
Apache Traffic Server: information disclosure via HTTP Smuggling
An attacker can bypass access restrictions to data via HTTP Smuggling of Apache Traffic Server, in order to obtain sensitive information...
Apache Traffic Server: denial of service via remap.config ACL
An attacker can generate a fatal error via remap.config ACL of Apache Traffic Server, in order to trigger a denial of service...
Windows Host Compute Service Shim: code execution via Container Image
An attacker can use a vulnerability via Container Image of Windows Host Compute Service Shim, in order to run code...
Trend Micro OfficeScan: out-of-bounds memory reading via Named Pipe Request
An attacker can force a read at an invalid address via Named Pipe Request of Trend Micro OfficeScan, in order to trigger a denial of service, or to obtain sensitive information...
WordPress Gift Voucher: SQL injection
An attacker can use a SQL injection of WordPress Gift Voucher, in order to read or alter data...
SquirrelMail: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of SquirrelMail, in order to run JavaScript code in the context of the web site...
389 Directory Server: denial of service via ldapsearch
An attacker can generate a fatal error via ldapsearch of 389 Directory Server, in order to trigger a denial of service...
389 Directory Server: information disclosure via nsslapd-unhashed-pw-switch
An attacker can bypass access restrictions to data via nsslapd-unhashed-pw-switch of 389 Directory Server, in order to obtain sensitive information...
Spice: buffer overflow via LZ
An attacker can generate a buffer overflow via LZ of Spice, in order to trigger a denial of service, and possibly to run code...
Micro Focus Operations Bridge: code execution
An attacker can use a vulnerability of Micro Focus Operations Bridge, in order to run code...
Micro Focus Service Management Automation: code execution
An attacker can use a vulnerability of Micro Focus Service Management Automation, in order to run code...
HPE Application Performance Management: information disclosure
An attacker can bypass access restrictions to data of HPE Application Performance Management, in order to obtain sensitive information...
Node.js loopback-connector-mongodb: SQL injection
An attacker can use a SQL injection of Node.js loopback-connector-mongodb, in order to read or alter data...
Node.js react-dev-utils: code execution
An attacker can use a vulnerability of Node.js react-dev-utils, in order to run code...
libzypp: vulnerability via RPM
A vulnerability via RPM of libzypp was announced...
Wireshark: three vulnerabilities
An attacker can use several vulnerabilities of Wireshark...
libzypp: denial of service via Infinite Data
An attacker can generate a fatal error via Infinite Data of libzypp, in order to trigger a denial of service...
xkbcommon: multiple vulnerabilities
An attacker can use several vulnerabilities of xkbcommon...
Drupal Bing Autosuggest API: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Bing Autosuggest API, in order to run JavaScript code in the context of the web site...
Drupal Commerce: privilege escalation
An attacker can bypass restrictions of Drupal Commerce, in order to escalate his privileges...
Grafana: privilege escalation via LDAP/OAuth
An attacker can bypass restrictions via LDAP/OAuth of Grafana, in order to escalate his privileges...
Synology DSM: multiple vulnerabilities
An attacker can use several vulnerabilities of Synology DSM...
Joomla Core: three vulnerabilities
An attacker can use several vulnerabilities of Joomla Core...
V8: buffer overflow
An attacker can generate a buffer overflow of V8, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 851 852 853 854 855 856 857 858 859 861 863 864 865 866 867 868 869 870 871 881 901 921 941 961 981 1001 1021 1041 1061 1081 1090