The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Siemens SIMATIC HMI/WinCC: privilege escalation via HTTP Header Injection
An attacker can bypass restrictions via HTTP Header Injection of Siemens SIMATIC HMI/WinCC, in order to escalate his privileges...
Siemens SIMATIC IT: privilege escalation via Authentication Bypass
An attacker can bypass restrictions via Authentication Bypass of Siemens SIMATIC IT, in order to escalate his privileges...
Siemens SIMATIC STEP7: information disclosure via Weak Password Hashes
An attacker can bypass access restrictions to data via Weak Password Hashes of Siemens SIMATIC STEP7, in order to obtain sensitive information...
Siemens SIMATIC S7-1200/S7-1500: denial of service via Pool Exhaustion
An attacker can generate a fatal error via Pool Exhaustion of Siemens SIMATIC S7-1200/S7-1500, in order to trigger a denial of service...
Siemens SIMATIC HMI/WinCC: multiple vulnerabilities via Web Panels
An attacker can use several vulnerabilities via Web Panels of Siemens SIMATIC HMI/WinCC...
Siemens SIMATIC S7-400: denial of service via 102/tcp
An attacker can generate a fatal error via 102/tcp of Siemens SIMATIC S7-400, in order to trigger a denial of service...
WordPress Custom Frontend Login Registration Form: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Custom Frontend Login Registration Form, in order to run JavaScript code in the context of the web site...
Linux kernel: privilege escalation via User Namespace map_write
An attacker can bypass restrictions via User Namespace map_write() of the Linux kernel, in order to escalate his privileges...
Flatpak: privilege escalation via Read Write Runtime
An attacker can bypass restrictions via Read Write Runtime of Flatpak, in order to escalate his privileges...
Keycloak: open redirect via org.keycloak.protocol.oidc.utils.RedirectUtils
An attacker can deceive the user via org.keycloak.protocol.oidc.utils.RedirectUtils of Keycloak, in order to redirect him to a malicious site...
Keycloak: privilege escalation via TOPT Brute Force
An attacker can bypass restrictions via TOPT Brute Force of Keycloak, in order to escalate his privileges...
Keycloak: code execution via State Parameter
An attacker can use a vulnerability via State Parameter of Keycloak, in order to run code...
Keycloak: privilege escalation via SAML Expired Certificates
An attacker can bypass restrictions via SAML Expired Certificates of Keycloak, in order to escalate his privileges...
Microsoft Windows: vulnerabilities of November 2018
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Skype for Business: denial of service
An attacker can generate a fatal error of Microsoft Skype for Business, in order to trigger a denial of service...
Microsoft PowerShell Core: vulnerabilities of November 2018
An attacker can use several vulnerabilities of Microsoft products...
Microsoft Lync: denial of service
An attacker can generate a fatal error of Microsoft Lync, in order to trigger a denial of service...
Microsoft Exchange Server: privilege escalation
An attacker can bypass restrictions of Microsoft Exchange Server, in order to escalate his privileges...
Microsoft Office: vulnerabilities of November 2018
An attacker can use several vulnerabilities of Microsoft products...
Microsoft .NET Core 2.1: privilege escalation via Tampering
An attacker can bypass restrictions via Tampering of Microsoft .NET Core 2.1, in order to escalate his privileges...
Microsoft IE/Edge: vulnerabilities of November 2018
An attacker can use several vulnerabilities of Microsoft products...
Adobe Acrobat/Reader: privilege escalation via NTLM SSO Hash Theft
An attacker can bypass restrictions via NTLM SSO Hash Theft of Adobe Acrobat/Reader, in order to escalate his privileges...
Adobe Flash Player: out-of-bounds memory reading
An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information...
SAP: multiples vulnerabilities of November 2018
An attacker can use several vulnerabilities of SAP products...
LibTIFF: NULL pointer dereference via TIFFRewriteDirectory
An attacker can force a NULL pointer to be dereferenced via TIFFRewriteDirectory() of LibTIFF, in order to trigger a denial of service...
systemd: privilege escalation via tmpfiles
An attacker can bypass restrictions via tmpfiles of systemd, in order to escalate his privileges...
systemd: privilege escalation via chown_one
An attacker can bypass restrictions via chown_one() of systemd, in order to escalate his privileges...
ImageMagick: out-of-bounds memory reading via EncodeImage
An attacker can force a read at an invalid address via EncodeImage() of ImageMagick, in order to trigger a denial of service, or to obtain sensitive information...
OpenSSL: information disclosure via ECC Scalar Multiplication
On an Intel processor (VIGILANCE-VUL-27667), an attacker can measure the execution time of the ECC Scalar Multiplication of OpenSSL, in order to obtain the used key...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 873 874 875 876 877 878 879 880 881 883 885 886 887 888 889 890 891 892 893 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103