The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
WebSphere AS: Cross Site Scripting via Installation Verification Tool
An attacker can trigger a Cross Site Scripting via Installation Verification Tool of WebSphere AS, in order to run JavaScript code in the context of the web site...
Node.js morgan: code execution via Filter
An attacker can use a vulnerability via Filter of Node.js morgan, in order to run code...
Chrome: out-of-bounds memory reading via V8
An attacker can force a read at an invalid address via V8 of Chrome, in order to trigger a denial of service, or to obtain sensitive information...
WordPress PeepSo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress PeepSo, in order to run JavaScript code in the context of the web site...
WordPress WP User Manager: SQL injection
An attacker can use a SQL injection of WordPress WP User Manager, in order to read or alter data...
IBM MQ: privilege escalation via Libraries
An attacker can bypass restrictions via Libraries of IBM MQ, in order to escalate his privileges...
GNU gettext: use after free via default_add_message
An attacker can force the usage of a freed memory area via default_add_message() of GNU gettext, in order to trigger a denial of service, and possibly to run code...
Connector/J: code execution
An attacker can use a vulnerability of Connector/J, in order to run code...
Zchunk: memory corruption via Checksum
An attacker can generate a memory corruption via Checksum of Zchunk, in order to trigger a denial of service, and possibly to run code...
VMware ESXi/Workstation: information disclosure via vmxnet3
A local attacker, inside a guest system, can read a memory fragment via vmxnet3 of VMware ESXi/Workstation, in order to obtain sensitive information on the host system...
Node.js ircdkit: denial of service
An attacker can generate a fatal error of Node.js ircdkit, in order to trigger a denial of service...
OTRS Help Desk: Cross Site Scripting via Admin User
An attacker can trigger a Cross Site Scripting via Admin User of OTRS Help Desk, in order to run JavaScript code in the context of the web site...
OTRS Help Desk: Cross Site Scripting via Admin User
An attacker can trigger a Cross Site Scripting via Admin User of OTRS Help Desk, in order to run JavaScript code in the context of the web site...
OTRS Help Desk: denial of service via Files Deletion
An attacker can generate a fatal error via Files Deletion of OTRS Help Desk, in order to trigger a denial of service...
IBM Spectrum Protect: denial of service via TCP CLOSE_WAIT
An attacker can generate a fatal error via TCP CLOSE_WAIT of IBM Spectrum Protect, in order to trigger a denial of service...
WebSphere AS: Cross Site Scripting via SIBMsgMigration Utility
An attacker can trigger a Cross Site Scripting via SIBMsgMigration Utility of WebSphere AS, in order to run JavaScript code in the context of the web site...
ICU: integer overflow via number-impl-DecimalQuantity-toScientificString
An attacker can generate an integer overflow via number::impl::DecimalQuantity::toScientificString() of ICU, in order to trigger a denial of service, and possibly to run code...
PHP PEAR: Cross Site Scripting via Proxy Mode
An attacker can trigger a Cross Site Scripting via Proxy Mode of PHP PEAR, in order to run JavaScript code in the context of the web site...
pyopenssl: memory leak via PKCS 12 Store
An attacker can create a memory leak via PKCS 12 Store of pyopenssl, in order to trigger a denial of service...
pyopenssl: use after free via X509
An attacker can force the usage of a freed memory area via X509 of pyopenssl, in order to trigger a denial of service, and possibly to run code...
PostgreSQL: SQL injection via pg_upgrade/pg_dump
An attacker can use a SQL injection via pg_upgrade/pg_dump of PostgreSQL, in order to read or alter data...
Node.js samsung-remote: code execution
An attacker can use a vulnerability of Node.js samsung-remote, in order to run code...
Node.js electron: code execution
An attacker can use a vulnerability of Node.js electron, in order to run code...
Node.js m-server: directory traversal
An attacker can traverse directories of Node.js m-server, in order to read a file outside the service root path...
Node.js express-cart: privilege escalation
An attacker can bypass restrictions of Node.js express-cart, in order to escalate his privileges...
Node.js m-server: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js m-server, in order to run JavaScript code in the context of the web site...
Node.js ps: code execution
An attacker can use a vulnerability of Node.js ps, in order to run code...
Node.js ascii-art: code execution
An attacker can use a vulnerability of Node.js ascii-art, in order to run code...
Node.js browserify-hmr: information disclosure
An attacker can bypass access restrictions to data of Node.js browserify-hmr, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 872 873 874 875 876 877 878 879 880 882 884 885 886 887 888 889 890 891 892 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103