The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Drupal Core: code execution via Phar Stream Wrapper
An attacker can use a vulnerability via Phar Stream Wrapper of Drupal Core, in order to run code...
Node.js terriajs-server: information disclosure via Server-Side Request Forgery
An attacker can bypass access restrictions to data via Server-Side Request Forgery of Node.js terriajs-server, in order to obtain sensitive information...
Node.js loopback-connector-mongodb: NoSQL injection
An attacker can use a NoSQL injection of Node.js loopback-connector-mongodb, in order to read or alter data...
Apache OpenOffice: integer overflow via Small End Line Termination
An attacker can trigger an integer overflow via Small End Line Termination of Apache OpenOffice, in order to trigger a denial of service, and possibly to run code...
Synology DSM Moments: file upload
An attacker can upload a malicious file on Synology DSM Moments, in order for example to upload a Trojan...
Oracle VM VirtualBox: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Solaris: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle MySQL: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Java: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Outside In Technology: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Fusion Middleware: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Communications: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Oracle Database: vulnerabilities of January 2019
Several vulnerabilities were announced in Oracle products...
Microsoft Skype for Business: Cross Site Scripting via Authenticated Spoofing
An attacker can trigger a Cross Site Scripting via Authenticated Spoofing of Microsoft Skype for Business, in order to run JavaScript code in the context of the web site...
Horde Form: file upload via Image
An attacker can upload a malicious file via Image on Horde Form, in order for example to upload a Trojan...
UnRTF: buffer overflow via cmd_
An attacker can trigger a buffer overflow via cmd_ of UnRTF, in order to trigger a denial of service, and possibly to run code...
Joomla Core: four vulnerabilities
An attacker can use several vulnerabilities of Joomla Core...
Openfire: Cross Site Scripting via LDAP Setup Pages
An attacker can trigger a Cross Site Scripting via LDAP Setup Pages of Openfire, in order to run JavaScript code in the context of the web site...
Node.js sandbox: code execution via Sandbox Breakout
An attacker can use a vulnerability via Sandbox Breakout of Node.js sandbox, in order to run code...
Node.js portionfatty12: code execution via Malicious Package
An attacker can use a vulnerability via Malicious Package of Node.js portionfatty12, in order to run code...
Synology DSM Calendar: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Synology DSM Calendar, in order to run JavaScript code in the context of the web site...
Synology DSM Surveillance Station: code execution
An attacker can use a vulnerability of Synology DSM Surveillance Station, in order to run code...
Synology DSM VS960HD: code execution
An attacker can use a vulnerability of Synology DSM VS960HD, in order to run code...
Webmin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Webmin, in order to run JavaScript code in the context of the web site...
HAProxy: denial of service via HTTP/2 Priority Flag
An attacker can trigger a fatal error via HTTP/2 Priority Flag of HAProxy, in order to trigger a denial of service...
WordPress easy-redirect-manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of WordPress easy-redirect-manager, in order to run JavaScript code in the context of the web site...
ZeroMQ: code execution via size_ready
An attacker can use a vulnerability via size_ready() of ZeroMQ, in order to run code...
PEAR: code execution via Archive_Tar
An attacker can use a vulnerability via Archive_Tar of PEAR, in order to run code...
GNOME Bluetooth: privilege escalation via BlueZ Visibility
An attacker can bypass restrictions via BlueZ Visibility of GNOME Bluetooth, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 890 891 892 893 894 895 896 897 898 900 902 903 904 905 906 907 908 909 910 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1127