The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
GraphicsMagick: memory leak via WriteMSLImage
An attacker can create a memory leak via WriteMSLImage() of GraphicsMagick, in order to trigger a denial of service...
libmatroska: use after free
An attacker can force the usage of a freed memory area of libmatroska, in order to trigger a denial of service, and possibly to run code...
Xen: denial of service via Shadow Paging
An attacker, inside a guest system, can generate a fatal error via Shadow Paging of Xen, in order to trigger a denial of service on the host system...
Xen: denial of service via INVPCID Non-canonical Addresses
An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system...
Xen: denial of service via x86 P2M Page Removals
An attacker, inside a guest system, can generate a fatal error via x86 P2M Page Removals of Xen, in order to trigger a denial of service on the host system...
Xen: denial of service via x86 IOREQ
An attacker, inside a guest system, can generate a fatal error via x86 IOREQ of Xen, in order to trigger a denial of service on the host system...
Xen: privilege escalation via Insufficient AMD IOMMU TLB Flushing
An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system...
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
liblivemedia: buffer overflow
An attacker can generate a buffer overflow of liblivemedia, in order to trigger a denial of service, and possibly to run code...
Chrome: use after free via GPU
An attacker can force the usage of a freed memory area via GPU of Chrome, in order to trigger a denial of service, and possibly to run code...
Zope 2: information disclosure via Passw String
An attacker can bypass access restrictions to data via Passw String of Zope 2, in order to obtain sensitive information...
TYPO3 libconnect: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of TYPO3 libconnect, in order to run JavaScript code in the context of the web site...
TYPO3 Core: information disclosure via NGINX
An attacker can bypass access restrictions to data via NGINX of TYPO3 Core, in order to obtain sensitive information...
SaltStack Salt: code execution via salt-api
An attacker can use a vulnerability via salt-api of SaltStack Salt, in order to run code...
SaltStack Salt: directory traversal
An attacker can traverse directories of SaltStack Salt, in order to read a file outside the service root path...
Cyrus SASL: denial of service via saslauthd ipc_doors.c
An attacker can generate a fatal error via saslauthd ipc_doors.c of Cyrus SASL, in order to trigger a denial of service...
QEMU: use after free via v9fs_path_copy
An attacker, inside a guest system, can force the usage of a freed memory area via v9fs_path_copy() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
Adobe Flash Player: memory corruption via Type Confusion
An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code...
uriparser: three vulnerabilities
An attacker can use several vulnerabilities of uriparser...
libwpd: NULL pointer dereference via WP6ContentListener-defineTable
An attacker can force a NULL pointer to be dereferenced via WP6ContentListener::defineTable() of libwpd, in order to trigger a denial of service...
OpenJPEG: NULL pointer dereference via imagetopnm
An attacker can force a NULL pointer to be dereferenced via imagetopnm() of OpenJPEG, in order to trigger a denial of service...
Joomla Jimtawl: SQL injection
An attacker can use a SQL injection of Joomla Jimtawl, in order to read or alter data...
FortiGate: information disclosure via PPTP Server Hostname
An attacker can bypass access restrictions to data via PPTP Server Hostname of FortiGate, in order to obtain sensitive information...
FortiGate: privilege escalation via LDAP Server Connectivity
An attacker can bypass restrictions via LDAP Server Connectivity of Fortigate, in order to escalate his privileges...
FortiAnalyzer: Cross Site Scripting via DHCP Hostname Parameter
An attacker can trigger a Cross Site Scripting via DHCP Hostname Parameter of FortiAnalyzer, in order to run JavaScript code in the context of the web site...
Jupyter Notebook: Cross Site Scripting via Nbconvert
An attacker can trigger a Cross Site Scripting via Nbconvert of Jupyter Notebook, in order to run JavaScript code in the context of the web site...
Centreon: SQL injection via searchVM
An attacker can use a SQL injection of Centreon, in order to read or alter data...
Centreon: Cross Site Scripting via Service
An attacker can trigger a Cross Site Scripting of Centreon, in order to run JavaScript code in the context of the web site...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 875 876 877 878 879 880 881 882 883 885 887 888 889 890 891 892 893 894 895 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103