The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Node.js jingo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js jingo, in order to run JavaScript code in the context of the web site...
Spring Framework: privilege escalation via JWT Issuer Validation
An attacker can bypass restrictions via JWT Issuer Validation of Spring Framework, in order to escalate his privileges...
BlackBerry UEM: three vulnerabilities via Management Console
An attacker can use several vulnerabilities via Management Console of BlackBerry UEM...
Go: three vulnerabilities
An attacker can use several vulnerabilities of Go...
Linux kernel: use after free via bc_svc_process
An attacker can force the usage of a freed memory area via bc_svc_process() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
libQt5: denial of service via QBmpHandler
An attacker can generate a fatal error via QBmpHandler() of libQt5, in order to trigger a denial of service...
libQt5: use after free via QXmlStreamReader
An attacker can force the usage of a freed memory area via QXmlStreamReader() of libQt5, in order to trigger a denial of service, and possibly to run code...
OpenBSD: assertion error via recv MSG_WAITALL
An attacker can force an assertion error via recv() MSG_WAITALL of OpenBSD, in order to trigger a denial of service...
QEMU: infinite loop via pvrdma_qp_send
An attacker, inside a guest system, can generate an infinite loop via pvrdma_qp_send() of QEMU, in order to trigger a denial of service on the host system...
QEMU: memory leak via pvrdma QP/CQ Creation
An attacker, inside a guest system, can create a memory leak via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system...
QEMU: NULL pointer dereference via pvrdma QP/CQ Creation
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system...
Linux kernel: use after free via nested_get_vmcs12_pages
An attacker, inside a guest system, can force the usage of a freed memory area via nested_get_vmcs12_pages() of the Linux kernel, in order to trigger a denial of service, and possibly to run code on the host system...
Linux kernel: buffer overflow via usb_get_extra_descriptor
An attacker can generate a buffer overflow via usb_get_extra_descriptor() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Nagios Core: Cross Site Scripting via Plugin Output
An attacker can trigger a Cross Site Scripting via Plugin Output of Nagios Core, in order to run JavaScript code in the context of the web site...
QEMU: out-of-bounds memory reading via rdma_backend_post
An attacker, inside a guest system, can force a read at an invalid address via rdma_backend_post of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
QEMU: NULL pointer dereference via pvrdma_main.c-uar_ops.read
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma_main.c::uar_ops.read of QEMU, in order to trigger a denial of service on the host system...
Sleuth Kit: out-of-bounds memory reading via tsk_getu16
An attacker can force a read at an invalid address via tsk_getu16() of Sleuth Kit, in order to trigger a denial of service, or to obtain sensitive information...
OVMF: five vulnerabilities
An attacker can use several vulnerabilities of OVMF...
OVMF: information disclosure via AuthVariable Timestamp
A local attacker can read a memory fragment via AuthVariable Timestamp of OVMF, in order to obtain sensitive information...
Ghostscript: memory corruption via SetPattern
An attacker can generate a memory corruption via SetPattern of Ghostscript, in order to trigger a denial of service, and possibly to run code...
Node.js cordova-plugin-ionic-webview: directory traversal
An attacker can traverse directories of Node.js cordova-plugin-ionic-webview, in order to read a file outside the service root path...
Bootstrap: Cross Site Scripting via Scrollspy Data-target Property
An attacker can trigger a Cross Site Scripting via Scrollspy Data-target Property of Bootstrap, in order to run JavaScript code in the context of the web site...
IBM DB2: denial of service via TRUNCATE System Z
An attacker can generate a fatal error via TRUNCATE System Z of IBM DB2, in order to trigger a denial of service...
IBM GSKit: information disclosure via PKCS#1 Padding Side Channel
An attacker can bypass access restrictions to data via PKCS#1 Padding Side Channel of IBM GSKit, in order to obtain sensitive information...
IBM Notes/Domino: code execution via NSD Shared Memory IPC
An attacker can use a vulnerability via NSD Shared Memory IPC of IBM Notes/Domino, in order to run code...
GnuPG Dirmngr: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of GnuPG Dirmngr, in order to force the victim to perform operations...
Mbed TLS: information disclosure via RSA Decryption Local Timing Attack
An attacker can bypass access restrictions to data via RSA Decryption Local Timing Attack of Mbed TLS, in order to obtain sensitive information...
nbdkit: memory leak via TLS Connection
An attacker can create a memory leak via TLS Connection of nbdkit, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 882 883 884 885 886 887 888 889 890 892 894 895 896 897 898 899 900 901 902 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1138