The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Jenkins Plugin: privilege escalation via Sandbox Bypass
An attacker can bypass restrictions via Sandbox Bypass of Jenkins Plugin, in order to escalate his privileges...
Linux kernel: information disclosure via mremap
An attacker can bypass access restrictions to data via mremap() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: information disclosure via cdrom_ioctl_select_disc
A local attacker can read a memory fragment via cdrom_ioctl_select_disc() of the Linux kernel, in order to obtain sensitive information...
Linux kernel: denial of service via XFS Attributes
An attacker can generate a fatal error via XFS Attributes of the Linux kernel, in order to trigger a denial of service...
LibTIFF: NULL pointer dereference via LZWDecode
An attacker can force a NULL pointer to be dereferenced via LZWDecode of LibTIFF, in order to trigger a denial of service...
Squid cache: denial of service via SNMP
An attacker can send malicious SNMP packets to Squid cache, in order to trigger a denial of service...
Squid cache: Cross Site Scripting via TLS Errors
An attacker can trigger a Cross Site Scripting via TLS Errors of Squid cache, in order to run JavaScript code in the context of the web site...
Intel LLDP Agent: code execution via lldptool mngAddr TLV
An attacker can use a vulnerability via lldptool mngAddr TLV of Intel LLDP Agent, in order to run code...
OpenSSL: information disclosure via ECDSA Signature Generation
An attacker can bypass access restrictions to data via ECDSA Signature Generation of OpenSSL, in order to obtain sensitive information...
Teeworlds: privilege escalation
An attacker can bypass restrictions of Teeworlds, in order to escalate his privileges...
Ruby: code execution via Unpropagaded Tainted Flags
An attacker can use a vulnerability via Unpropagaded Tainted Flags of Ruby, in order to run code...
Ruby: information disclosure via OpenSSL-X509-Name Equality
An attacker can bypass access restrictions to data via OpenSSL::X509::Name Equality of Ruby, in order to obtain sensitive information...
libmspack: vulnerability via Blank Filenames
A vulnerability via Blank Filenames of libmspack was announced...
libmspack: buffer overflow via CAB Quantum Block
An attacker can generate a buffer overflow via CAB Quantum Block of libmspack, in order to trigger a denial of service, and possibly to run code...
Jhead: integer overflow via ProcessGpsInfo EXIF
An attacker can generate an integer overflow via ProcessGpsInfo EXIF of Jhead, in order to trigger a denial of service, and possibly to run code...
Kubernetes: multiple vulnerabilities
An attacker can use several vulnerabilities of Kubernetes...
ALE OmniAccess WLAN BLE Radio Firmware: privilege escalation
An attacker can bypass restrictions of ALE OmniAccess WLAN BLE Radio Firmware, in order to escalate his privileges...
Veritas NetBackup Appliance: use after free via Exec Agents
An attacker can force the usage of a freed memory area via Exec Agents of Veritas NetBackup Appliance, in order to trigger a denial of service, and possibly to run code...
Ubuntu 18.10: privilege escalation via Kernel Module Signatures
An attacker can bypass restrictions via Kernel Module Signatures of Ubuntu 18.10, in order to escalate his privileges...
WebSphere AS: Cross Site Scripting via CacheMonitor
An attacker can trigger a Cross Site Scripting via CacheMonitor of WebSphere AS, in order to run JavaScript code in the context of the web site...
libgit2: denial of service via Status Codes
An attacker can generate a fatal error via Status Codes of libgit2, in order to trigger a denial of service...
Mercurial: out-of-bounds memory reading via Manifest Entry
An attacker can force a read at an invalid address via Manifest Entry of Mercurial, in order to trigger a denial of service, or to obtain sensitive information...
389 Directory Server: denial of service via do_search
An attacker can generate a fatal error via do_search() of 389 Directory Server, in order to trigger a denial of service...
X.Org Server: privilege escalation via modulepath/logfile
An attacker can bypass restrictions via modulepath/logfile of X.Org Server, in order to escalate his privileges...
Centreon Web: multiple vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Xen: NULL pointer dereference via Disabled Nested VT-x
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Disabled Nested VT-x of Xen, in order to trigger a denial of service on the host system...
WebKit: information disclosure via SocketStreamHandleImplSoup.cpp
An attacker can bypass access restrictions to data via SocketStreamHandleImplSoup.cpp of WebKit, in order to obtain sensitive information...
WebKit: Man-in-the-Middle via SocketStreamHandleImplSoup.cpp
An attacker can act as a Man-in-the-Middle via SocketStreamHandleImplSoup.cpp on WebKit, in order to read or write data in the session...
WebKitGTK+: memory corruption
An attacker can generate a memory corruption of WebKitGTK+, in order to trigger a denial of service, and possibly to run code...
Grafana: Cross Site Scripting via Query Editor
An attacker can trigger a Cross Site Scripting via Query Editor of Grafana, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 868 869 870 871 872 873 874 875 876 878 880 881 882 883 884 885 886 887 888 901 921 941 961 981 1001 1020