The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Grafana: code execution via go-macaroon
An attacker can use a vulnerability via go-macaroon of Grafana, in order to run code...
Mozilla NSS: information disclosure via Cache Side-channel
An attacker can bypass access restrictions to data via Cache Side-channel of Mozilla NSS, in order to obtain sensitive information...
pfSense: privilege escalation via system_advanced_misc.php
An attacker can bypass restrictions via system_advanced_misc.php of pfSense, in order to escalate his privileges...
pfSense: privilege escalation via dhcp_relinquish_lease
An attacker can bypass restrictions via dhcp_relinquish_lease of pfSense, in order to escalate his privileges...
pfSense: Cross Site Scripting via WebGUI
An attacker can trigger a Cross Site Scripting via WebGUI of pfSense, in order to run JavaScript code in the context of the web site...
pfSense: Cross Site Scripting via WebGUI
An attacker can trigger a Cross Site Scripting via WebGUI of pfSense, in order to run JavaScript code in the context of the web site...
Smarty: code execution via Shell Injection
An attacker can use a vulnerability via Shell Injection of Smarty, in order to run code...
PowerDNS DNSDist: information disclosure via Trailing Data
An attacker can bypass access restrictions to data via Trailing Data of PowerDNS DNSDist, in order to obtain sensitive information...
IBM QRadar SIEM: privilege escalation via Certificate Validation
An attacker can bypass restrictions via Certificate Validation of IBM QRadar SIEM, in order to escalate his privileges...
NSIS: code execution via Version.dll
An attacker can use a vulnerability via Version.dll of NSIS, in order to run code...
NSIS: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of NSIS...
libsndfile: out-of-bounds memory reading via wav_write_header
An attacker can force a read at an invalid address via wav_write_header() of libsndfile, in order to trigger a denial of service, or to obtain sensitive information...
libsndfile: buffer overflow via i2alaw/i2ulaw_array
An attacker can generate a buffer overflow via i2alaw/i2ulaw_array() of libsndfile, in order to trigger a denial of service, and possibly to run code...
Pulse Secure Desktop Client: privilege escalation via Insecure ACLs
An attacker can bypass restrictions via Insecure ACLs of Pulse Secure Desktop Client, in order to escalate his privileges...
OpenBSD 6.4: denial of service via Qcow2 4GB Write
An attacker can generate a fatal error via Qcow2 4GB Write of OpenBSD 6.4, in order to trigger a denial of service...
OpenBSD: memory leak via Sockets SCM_RIGHTS MSG_PEEK
An attacker can create a memory leak via Sockets SCM_RIGHTS MSG_PEEK of OpenBSD, in order to trigger a denial of service...
WebSphere AS: privilege escalation via Security Domain Federated Repository
An attacker can bypass restrictions via Security Domain Federated Repository of WebSphere AS, in order to escalate his privileges...
glibc: descriptor leak via getaddrinfo
An attacker can create a descriptor leak via getaddrinfo() of glibc, in order to trigger a denial of service...
Moodle: Cross Site Request Forgery via Login Form
An attacker can trigger a Cross Site Request Forgery via Login Form of Moodle, in order to force the victim to perform operations...
Perl Core: buffer overflow via S_regatom
An attacker can generate a buffer overflow via S_regatom() of Perl Core, in order to trigger a denial of service, and possibly to run code...
Perl Core: out-of-bounds memory reading via S_grok_bslash_N
An attacker can force a read at an invalid address via S_grok_bslash_N() of Perl Core, in order to trigger a denial of service, or to obtain sensitive information...
Perl Core: buffer overflow via Regular Expression Compilation
An attacker can generate a buffer overflow via Regular Expression Compilation of Perl Core, in order to trigger a denial of service, and possibly to run code...
Perl Core: integer overflow via Perl_my_setenv
An attacker can generate an integer overflow via Perl_my_setenv() of Perl Core, in order to trigger a denial of service, and possibly to run code...
Ansible Core: information disclosure via Windows Powershell Log
An attacker can bypass access restrictions to data via Windows Powershell Log of Ansible Core, in order to obtain sensitive information...
Ubuntu 18: file reading via OverlayFS
A local attacker can read a file via OverlayFS of Ubuntu 18, in order to obtain sensitive information...
Node.js tianma-static: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js tianma-static, in order to run JavaScript code in the context of the web site...
Node.js takeapeek: directory traversal
An attacker can traverse directories of Node.js takeapeek, in order to read a file outside the service root path...
Node.js cached-path-relative: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js cached-path-relative, in order to escalate his privileges...
Node.js text-qrcode: information disclosure via Entropy Backdoor
An attacker can bypass access restrictions to data via Entropy Backdoor of Node.js text-qrcode, in order to obtain sensitive information...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 878 879 880 881 882 883 884 885 886 888 890 891 892 893 894 895 896 897 898 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1103