The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
amanda: privilege escalation via Tar Command Options
An attacker can bypass restrictions via Tar Command Options of amanda, in order to escalate his privileges...
OpenBSD: denial of service via POSIX File Locks
An attacker can generate a fatal error via POSIX File Locks of OpenBSD, in order to trigger a denial of service...
KDE kio-extras: information disclosure via HTML Thumbnailer
An attacker can bypass access restrictions to data via HTML Thumbnailer of KDE kio-extras, in order to obtain sensitive information...
Flatpak: privilege escalation via Setuid Root Files Creation
An attacker can bypass restrictions via Setuid Root Files Creation of Flatpak, in order to escalate his privileges...
Firefox: denial of service
An attacker can generate a fatal error of Firefox, in order to trigger a denial of service...
Poppler: assertion error via Object.h
An attacker can force an assertion error via Object.h of Poppler, in order to trigger a denial of service...
Poppler: out-of-bounds memory reading via EmbFile-save2
An attacker can force a read at an invalid address via EmbFile::save2() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
Poppler: NULL pointer dereference via goo/GooString.h
An attacker can force a NULL pointer to be dereferenced via goo/GooString.h of Poppler, in order to trigger a denial of service...
elfutils: denial of service via arlib_add_symbols
An attacker can generate a fatal error via arlib_add_symbols() of elfutils, in order to trigger a denial of service...
elfutils: NULL pointer dereference via elf_end
An attacker can force a NULL pointer to be dereferenced via elf_end() of elfutils, in order to trigger a denial of service...
elfutils: NULL pointer dereference via dwfl_segment_report_module.c
An attacker can force a NULL pointer to be dereferenced via dwfl_segment_report_module.c of elfutils, in order to trigger a denial of service...
MuPDF: memory corruption via pdf_get_xref_entry
An attacker can generate a memory corruption via pdf_get_xref_entry() of MuPDF, in order to trigger a denial of service, and possibly to run code...
MuPDF: memory corruption via pdf_dev_alpha
An attacker can generate a memory corruption via pdf_dev_alpha() of MuPDF, in order to trigger a denial of service, and possibly to run code...
MuPDF: out-of-bounds memory reading via fz_run_t3_glyph
An attacker can force a read at an invalid address via fz_run_t3_glyph() of MuPDF, in order to trigger a denial of service, or to obtain sensitive information...
Suricata: memory corruption via ProcessMimeEntity
An attacker can generate a memory corruption via ProcessMimeEntity() of Suricata, in order to trigger a denial of service, and possibly to run code...
Avast Antivirus: code execution
An attacker can use a vulnerability of Avast Antivirus, in order to run code...
WordPress Ninja Forms: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress Ninja Forms, in order to run JavaScript code in the context of the web site...
PHP: memory leak via Garbage Collector Cyclic Reference
An attacker can create a memory leak via Garbage Collector Cyclic Reference of PHP, in order to trigger a denial of service...
PowerDNS: denial of service via Packet Cache Pollution
An attacker can generate a fatal error via Packet Cache Pollution of PowerDNS, in order to trigger a denial of service...
PowerDNS: denial of service via Zone Record
An attacker can generate a fatal error via Zone Record of PowerDNS, in order to trigger a denial of service...
Prim'X Technologies ZoneCentral: information disclosure via Unencrypted Small NTFS Files
An attacker can bypass access restrictions to data via Unencrypted Small NTFS Files of Prim'X Technologies ZoneCentral, in order to obtain sensitive information...
Centreon: SQL injection via SNMP trap
An attacker can use a SQL injection via SNMP trap of Centreon, in order to read or alter data...
Centreon: Cross Site Scripting via Adding Poller Macros
An attacker can trigger a Cross Site Scripting via Adding Poller Macros of Centreon, in order to run JavaScript code in the context of the web site...
Centreon: SQL injection via searchH
An attacker can use a SQL injection via searchH of Centreon, in order to read or alter data...
WebSphere AS: directory traversal via EBA
An attacker can traverse directories via EBA of WebSphere AS, in order to create a file outside the service root path...
KDE Connect: privilege escalation via SSH Encryption Algorithms
An attacker can bypass restrictions via SSH Encryption Algorithms of KDE Connect, in order to escalate his privileges...
Simple DirectMedia Layer: buffer overflow via do_layer_surface
An attacker can generate a buffer overflow via do_layer_surface() of Simple DirectMedia Layer, in order to trigger a denial of service, and possibly to run code...
Red Hat Subscription Manager: privilege escalation via Dbus
An attacker can bypass restrictions via Dbus of Red Hat Subscription Manager, in order to escalate his privileges...
Asterisk: denial of service via DNS-SRV/NAPTR Lookups
An attacker can generate a fatal error via DNS-SRV/NAPTR Lookups of Asterisk, in order to trigger a denial of service...
Grafana: file reading via Text Panels
A local attacker can read a file via Text Panels of Grafana, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 874 875 876 877 878 879 880 881 882 884 886 887 888 889 890 891 892 893 894 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103