The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
PowerDNS Recursor: out-of-bounds memory reading via Cache Lookup Hash
An attacker can force a read at an invalid address via Cache Lookup Hash of PowerDNS Recursor, in order to trigger a denial of service, or to obtain sensitive information...
PowerDNS Recursor: denial of service via Cached Meta-Type DNS Query
An attacker can generate a fatal error via Cached Meta-Type DNS Query of PowerDNS Recursor, in order to trigger a denial of service...
WebSphere AS: code execution via Unserialized Object
An attacker can use a vulnerability via Unserialized Object of WebSphere AS, in order to run code...
WebSphere AS: Cross Site Request Forgery via Admin Console
An attacker can trigger a Cross Site Request Forgery via Admin Console of WebSphere AS, in order to force the victim to perform operations...
WebSphere AS: privilege escalation via Cached Value
An attacker can bypass restrictions via Cached Value of WebSphere AS, in order to escalate his privileges...
keepalived: three vulnerabilities
An attacker can use several vulnerabilities of keepalived...
Linux kernel: NULL pointer dereference via kvm_pv_send_ipi
An attacker can force a NULL pointer to be dereferenced via kvm_pv_send_ipi() of the Linux kernel, in order to trigger a denial of service...
Node.js knightjs: directory traversal
An attacker can traverse directories of Node.js knightjs, in order to read a file outside the service root path...
wxWidgets: multiple vulnerabilities via Third Party Libraries
An attacker can use several vulnerabilities via Third Party Libraries of wxWidgets...
CUPS: privilege escalation via Predictable Linux Session Cookies
An attacker can bypass restrictions via Predictable Linux Session Cookies of CUPS, in order to escalate his privileges...
PHP: NULL pointer dereference via imap_mail
An attacker can force a NULL pointer to be dereferenced via imap_mail() of PHP, in order to trigger a denial of service...
LXML: Cross Site Scripting via Spaced URLs
An attacker can trigger a Cross Site Scripting via Spaced URLs of LXML, in order to run JavaScript code in the context of the web site...
Cairo: use after free via cairo_ft_apply_variations
An attacker can force the usage of a freed memory area via cairo_ft_apply_variations() of Cairo, in order to trigger a denial of service, and possibly to run code...
Apache Hadoop: privilege escalation via Yarn User
An attacker can bypass restrictions via Yarn User of Apache Hadoop, in order to escalate his privileges...
messagelib: information disclosure via IP Address
An attacker can bypass access restrictions to data via IP Address of messagelib, in order to obtain sensitive information...
WebSphere AS: information disclosure via httpServletRequest-authenticate
An attacker can bypass access restrictions to data via httpServletRequest::authenticate() of WebSphere AS, in order to obtain sensitive information...
BIRD: buffer overflow via BGP Mask Expressions
An attacker can generate a buffer overflow via BGP Mask Expressions of BIRD, in order to trigger a denial of service, and possibly to run code...
PolicyKit: privilege escalation via INT_MAX uid
An attacker can bypass restrictions via INT_MAX uid of PolicyKit, in order to escalate his privileges...
Symfony: open redirect via Backslashes
An attacker can deceive the user via Backslashes of Symfony, in order to redirect him to a malicious site...
Symfony: information disclosure via File Uploads Form Types
An attacker can bypass access restrictions to data via File Uploads Form Types of Symfony, in order to obtain sensitive information...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
Ruby Active Job: information disclosure via GlobalId
An attacker can bypass access restrictions to data via GlobalId of Ruby Active Job, in order to obtain sensitive information...
WavPack: out-of-bounds memory reading via WavpackVerifySingleBlock
An attacker can force a read at an invalid address via WavpackVerifySingleBlock() of WavPack, in order to trigger a denial of service, or to obtain sensitive information...
WavPack: infinite loop via WavpackPackInit
An attacker can generate an infinite loop via WavpackPackInit() of WavPack, in order to trigger a denial of service...
RabbitMQ: privilege escalation via Predictable Cluster Shared Erlang/OTP Cookie
An attacker can bypass restrictions via Cluster Shared Erlang/OTP Cookie of RabbitMQ, in order to escalate his privileges...
jQuery File Upload: file upload
An attacker can upload a malicious file to jQuery File Upload, in order, for example, to upload a Trojan...
F5 BIG-IP APM Client: privilege escalation via Linux/macOS
An attacker can bypass restrictions via Linux/macOS of F5 BIG-IP APM Client, in order to escalate his privileges...

   
