The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
OpenCC: out-of-bounds memory reading via BinaryDict-NewFromFile
An attacker can force a read at an invalid address via BinaryDict::NewFromFile of OpenCC, in order to trigger a denial of service, or to obtain sensitive information...
ZZIPlib: directory traversal
An attacker can traverse directories of ZZIPlib, in order to create a file outside the service root path...
LibTIFF: buffer overflow via JBIGDecode
An attacker can generate a buffer overflow via JBIGDecode() of LibTIFF, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via AF_PACKET
An attacker can force the usage of a freed memory area via AF_PACKET of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: buffer overflow via nfc_llcp_build_sdreq_tlv
An attacker can generate a buffer overflow via nfc_llcp_build_sdreq_tlv() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: memory corruption via SCSI Driver
An attacker can generate a memory corruption via SCSI Driver of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Mosquitto: denial of service via Dollar Topic
An attacker can generate a fatal error via Dollar Topic of Mosquitto, in order to trigger a denial of service...
Firefox: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox...
Ghostscript: code execution via 1Policy Operator
An attacker can use a vulnerability via 1Policy Operator of Ghostscript, in order to run code...
Ghostscript: code execution via Saved Execution Stack
An attacker can use a vulnerability via Saved Execution Stack of Ghostscript, in order to run code...
Ghostscript: code execution via Errorhandler Setup
An attacker can use a vulnerability via Errorhandler Setup of Ghostscript, in order to run code...
Icinga: privilege escalation via WebUI Pre-configured Account
An attacker can bypass restrictions via WebUI Pre-configured Account of Icinga, in order to escalate his privileges...
Microfocus Real User Monitoring: code execution via BPRDownload Java Deserialization
An attacker can use a vulnerability via BPRDownload Java Deserialization of Microfocus Real User Monitoring, in order to run code...
Apache Commons Compress: infinite loop via ZipArchiveInputStream
An attacker can generate an infinite loop via ZipArchiveInputStream of Apache Commons Compress, in order to trigger a denial of service...
Exiv2: buffer overflow via Exiv2-Internal-PngChunk-parseTXTChunk
An attacker can generate a buffer overflow via Exiv2::Internal::PngChunk::parseTXTChunk() of Exiv2, in order to trigger a denial of service, and possibly to run code...
WordPress Arigato Autoresponder and Newsletter: code execution
An attacker can use a vulnerability of WordPress Arigato Autoresponder and Newsletter, in order to run code...
WordPress WP Live Chat Support: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress WP Live Chat Support, in order to run JavaScript code in the context of the web site...
F5 BIG-IP AFM: Cross Site Scripting via TMUI Page
An attacker can trigger a Cross Site Scripting via TMUI Page of F5 BIG-IP AFM, in order to run JavaScript code in the context of the web site...
F5 BIG-IP AFM: Cross Site Scripting via TMUI Page
An attacker can trigger a Cross Site Scripting via TMUI Page of F5 BIG-IP AFM, in order to run JavaScript code in the context of the web site...
Node.js merge: data change via Prototype Pollution
An attacker can use a prototype pollution of Node.js merge, in order to read or alter data...
Splunk Enterprise: denial of service via HTTP Request
An attacker can generate a fatal error via HTTP Request of Splunk Enterprise, in order to trigger a denial of service...
Splunk Enterprise: directory traversal via Django App
An attacker can traverse directories via Django App of Splunk Enterprise, in order to read a file outside the service root path...
Splunk Enterprise: denial of service via HTTP Request
An attacker can generate a fatal error via HTTP Request of Splunk Enterprise, in order to trigger a denial of service...
Splunk Enterprise: Cross Site Scripting via Splunk Web
An attacker can trigger a Cross Site Scripting via Splunk Web of Splunk Enterprise, in order to run JavaScript code in the context of the web site...
F5 BIG-IP: Cross Site Scripting via Configuration Utility Page
An attacker can trigger a Cross Site Scripting via Configuration Utility Page of F5 BIG-IP, in order to run JavaScript code in the context of the web site...
F5 BIG-IP APM: information disclosure via Multiplex Proxy
An attacker can bypass access restrictions to data via Multiplex Proxy of F5 BIG-IP APM, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 867 868 869 870 871 872 873 874 875 877 879 880 881 882 883 884 885 886 887 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103