The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
MAD: use after free via mad_decoder_run
An attacker can force the usage of a freed memory area via mad_decoder_run() of MAD, in order to trigger a denial of service, and possibly to run code...
MAD: memory corruption via mad_decoder_run
An attacker can generate a memory corruption via mad_decoder_run() of MAD, in order to trigger a denial of service, and possibly to run code...
Horde Groupware: Cross Site Scripting via Calendar New Event
An attacker can trigger a Cross Site Scripting via Calendar New Event of Horde Groupware, in order to run JavaScript code in the context of the web site...
Horde Groupware: Cross Site Scripting via Create Task List Color
An attacker can trigger a Cross Site Scripting via Create Task List Color of Horde Groupware, in order to run JavaScript code in the context of the web site...
AdPlug: use after free via CEmuopl
An attacker can force the usage of a freed memory area via CEmuopl of AdPlug, in order to trigger a denial of service, and possibly to run code...
Git: code execution via Clone Gitmodules Hyphen Url
An attacker can use a vulnerability via Clone Gitmodules Hyphen Url of Git, in order to run code...
OTRS Help Desk: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of OTRS Help Desk, in order to run JavaScript code in the context of the web site...
ImageMagick: memory corruption via ReadMATImageV4
An attacker can generate a memory corruption via ReadMATImageV4() of ImageMagick, in order to trigger a denial of service, and possibly to run code...
AppArmor: security improvement
The security of AppArmor was improved...
Bitcoin Core: information disclosure via Spent Twice
An attacker can bypass access restrictions to data via Spent Twice of Bitcoin Core, in order to obtain sensitive information...
Ansible Core: multiple vulnerabilities
An attacker can use several vulnerabilities of Ansible Core...
WordPress Tribulant Slideshow Gallery: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Tribulant Slideshow Gallery, in order to run JavaScript code in the context of the web site...
Linux kernel: information disclosure via proc_pid_stack
An attacker can bypass access restrictions to data via proc_pid_stack() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: information disclosure via show_opcodes
A local attacker can read a memory fragment via show_opcodes() of the Linux kernel, in order to obtain sensitive information...
Drupal Printer Email And PDF Versions: code execution via dompdf
An attacker can use a vulnerability via dompdf of Drupal Printer Email And PDF Versions, in order to run code...
ImageMagick: out-of-bounds memory reading via ParseImageResourceBlocks
An attacker can force a read at an invalid address via ParseImageResourceBlocks() of ImageMagick, in order to trigger a denial of service, or to obtain sensitive information...
ClamAV: denial of service via MEW Unpacking
An attacker can generate a fatal error via MEW Unpacking of ClamAV, in order to trigger a denial of service...
DNS: security improvement via Root Zone Key Signing Key Rollover
The security of DNS was improved via Root Zone Key Signing Key Rollover...
Cisco Unified IP Phone 7900: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified IP Phone 7900, in order to run JavaScript code in the context of the web site...
Cisco UCS Director: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco UCS Director, in order to run JavaScript code in the context of the web site...
Cisco SD-WAN Solution: code execution via Certificate Validation Bypass
An attacker can use a vulnerability via Certificate Validation Bypass of Cisco SD-WAN Solution, in order to run code...
Cisco Prime Infrastructure: information disclosure via GET Request
An attacker can bypass access restrictions to data via GET Request of Cisco Prime Infrastructure, in order to obtain sensitive information...
Cisco Prime Infrastructure: file upload via Unrestricted Directory Permissions
An attacker can upload a malicious file via Unrestricted Directory Permissions on Cisco Prime Infrastructure, in order for example to upload a Trojan...
Cisco Prime Infrastructure: information disclosure via Server Backup
An attacker can bypass access restrictions to data via Server Backup of Cisco Prime Infrastructure, in order to obtain sensitive information...
Cisco IOS XR: denial of service via BGP
An attacker can generate a fatal error via BGP of Cisco IOS XR, in order to trigger a denial of service...
Cisco UCS Director: information disclosure via Web Interface
An attacker can bypass access restrictions to data via Web Interface of Cisco UCS Director, in order to obtain sensitive information...
Cisco UCS Director: denial of service via Web Interface
An attacker can generate a fatal error via Web Interface of Cisco UCS Director, in order to trigger a denial of service...
Cisco Unified Communications Manager: open redirect
An attacker can deceive the user of Cisco Unified Communications Manager, in order to redirect him to a malicious site...
Cisco ASA: buffer overflow via TCP Syslog
An attacker can generate a buffer overflow via TCP Syslog of Cisco ASA, in order to trigger a denial of service, and possibly to run code...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 862 863 864 865 866 867 868 869 871 873 874 875 876 877 878 879 880 881 901 921 941 961 981 1001 1021 1041 1061 1069