The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Node.js webpack-dev-server: information disclosure
An attacker can bypass access restrictions to data of Node.js webpack-dev-server, in order to obtain sensitive information...
Node.js express-cart: SQL injection
An attacker can use a SQL injection of Node.js express-cart, in order to read or alter data...
Synology DSM VS960HD: code execution
An attacker can use a vulnerability of Synology DSM VS960HD, in order to run code...
Synology DSM Surveillance Station: code execution
An attacker can use a vulnerability of Synology DSM Surveillance Station, in order to run code...
VirtualBox: privilege escalation via DevE1000-e1kXmitPending
An attacker, inside a guest system, can bypass restrictions via DevE1000::e1kXmitPending() of VirtualBox, in order to escalate his privileges on the host system...
SSD drives: information disclosure via Self Encrypting Password Weaknesses
An attacker can decrypt data of some SSD drives (Crucial, Micron and Samsung were tested), by using either a Master Password or a weakness in the password management...
Cisco Content Security Management Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Content Security Management Appliance, in order to run JavaScript code in the context of the web site...
Cisco Prime Collaboration Assurance: privilege escalation via Web-based UI File Overwrite
An attacker can bypass restrictions via Web-based UI File Overwrite of Cisco Prime Collaboration Assurance, in order to escalate his privileges...
Cisco Meraki: privilege escalation via Local Status Page
An attacker can bypass restrictions via Local Status Page of Cisco Meraki, in order to escalate his privileges...
Node.js pem: information disclosure via readPkcs12
An attacker can bypass access restrictions to data via readPkcs12 of Node.js pem, in order to obtain sensitive information...
Zope 2: vulnerability
A vulnerability of Zope 2 was announced...
systemd: code execution via unit_deserialize
An attacker can use a vulnerability via unit_deserialize() of systemd, in order to run code...
Elasticsearch: information disclosure via User Data Caching
An attacker can bypass access restrictions to data via User Data Caching of Elasticsearch, in order to obtain sensitive information...
Xen: denial of service via Intel HLE Transaction
An attacker, inside a guest system, can generate a fatal error via Intel HLE Transaction of Xen, in order to trigger a denial of service on the host system...
QEMU: memory corruption via pnv_lpc_do_eccb
An attacker, inside a guest system, can generate a memory corruption via pnv_lpc_do_eccb() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
SpamAssassin: code execution via PDFInfo
An attacker can use a vulnerability via PDFInfo of SpamAssassin, in order to run code...
ppp: privilege escalation via EAP-TLS
An attacker can bypass restrictions via EAP-TLS of ppp, in order to escalate his privileges...
RichFaces Framework: code execution via UserResource Expression Language Injection
An attacker can use a vulnerability via UserResource Expression Language Injection of RichFaces Framework, in order to run code...
nginx: infinite loop via ngx_http_mp4_module
An attacker can generate an infinite loop via ngx_http_mp4_module of nginx, in order to trigger a denial of service...
nginx: denial of service via ngx_http_v2_module
An attacker can generate a fatal error via ngx_http_v2_module of nginx, in order to trigger a denial of service...
IBM DB2: four vulnerabilities
An attacker can use several vulnerabilities of IBM DB2...
IBM DB2: privilege escalation via Untrusted Loaded Libraries
An attacker can bypass restrictions via Untrusted Loaded Libraries of IBM DB2, in order to escalate his privileges...
IBM DB2: privilege escalation via RCAC
An attacker can bypass restrictions via RCAC of IBM DB2, in order to escalate his privileges...
Google Android/Pixel: multiple vulnerabilities of November 2018
An attacker can use several vulnerabilities of Google Android/Pixel...
Node.js merge: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js merge, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 871 872 873 874 875 876 877 878 879 881 883 884 885 886 887 888 889 890 891 901 921 941 961 981 1001 1005