The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Apache httpd: denial of service via mod_http2
An attacker can trigger a fatal error via mod_http2 of Apache httpd, in order to trigger a denial of service...
Poppler: assertion error via Object-dictLookup
An attacker can force an assertion error via Object::dictLookup() of Poppler, in order to trigger a denial of service...
Poppler: NULL pointer dereference via XRef-getEntry
An attacker can force a NULL pointer to be dereferenced via XRef::getEntry() of Poppler, in order to trigger a denial of service...
TYPO3 Core: Cross Site Scripting via Flash WebSVG Component
An attacker can trigger a Cross Site Scripting via Flash WebSVG Component of TYPO3 Core, in order to run JavaScript code in the context of the web site...
TYPO3 Core: code execution via CommandUtility API
An attacker can use a vulnerability via CommandUtility API of TYPO3 Core, in order to run code...
TYPO3 Extensions: four vulnerabilities
An attacker can use several vulnerabilities of TYPO3 Extensions...
apt: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on apt, in order to read or write data in the session, so a malicious package is installed...
TYPO3 Core: multiple vulnerabilities
An attacker can use several vulnerabilities of TYPO3 Core...
WebKitGTK+: multiple vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK+...
FreeRDP: information disclosure via drdynvc_process_capability_request
A local attacker can read a memory fragment via drdynvc_process_capability_request() of FreeRDP, in order to obtain sensitive information...
Axway File Transfer Direct: directory traversal
An attacker can traverse directories of Axway File Transfer Direct, in order to read a file outside the service root path...
Joomla JoomCRM: SQL injection
An attacker can use a SQL injection of Joomla JoomCRM, in order to read or alter data...
Joomla JoomProject: information disclosure via Json Format
An attacker can bypass access restrictions to data via Json Format of Joomla JoomProject, in order to obtain sensitive information...
Joomla J-CruiseReservation: SQL injection
An attacker can use a SQL injection of Joomla J-CruiseReservation, in order to read or alter data...
SPIP: multiple vulnerabilities
An attacker can use several vulnerabilities of SPIP...
PoDoFo: integer overflow via PdfObjectStreamParserObject-ReadObjectsFromStream
An attacker can trigger an integer overflow via PdfObjectStreamParserObject::ReadObjectsFromStream() of PoDoFo, in order to trigger a denial of service, and possibly to run code...
PoDoFo: denial of service via PdfParser-ReadXRefSubsection
An attacker can trigger a fatal error via PdfParser::ReadXRefSubsection() of PoDoFo, in order to trigger a denial of service...
gvfs: privilege escalation via Unavailable Authentication Agent
An attacker can bypass restrictions via Unavailable Authentication Agent of gvfs, in order to escalate his privileges...
Radare2: multiple vulnerabilities
An attacker can use several vulnerabilities of Radare2...
LibRaw: three vulnerabilities
An attacker can use several vulnerabilities of LibRaw...
Node.js loopback: privilege escalation via Authorization Tokens
An attacker can bypass restrictions via Authorization Tokens of Node.js loopback, in order to escalate his privileges...
OTRS Help Desk: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of OTRS Help Desk, in order to run JavaScript code in the context of the web site...
BMC PATROL Agent: privilege escalation via PatrolCli
An attacker can bypass restrictions via PatrolCli of BMC PATROL Agent, in order to escalate his privileges...
LIVE555 Streaming Media Library: denial of service via RTSPServer handleHTTPCmd_TunnelingPOST
An attacker can trigger a fatal error via RTSPServer handleHTTPCmd_TunnelingPOST() of LIVE555 Streaming Media Library, in order to trigger a denial of service...
gitolite: code execution via Rsync Command Line Options
An attacker can use a vulnerability via Rsync Command Line Options of gitolite, in order to run code...
Linux kernel: memory corruption via sk_clone_lock
An attacker can trigger a memory corruption via sk_clone_lock() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Node.js bootstrap-vue: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js bootstrap-vue, in order to run JavaScript code in the context of the web site...
Node.js jquery.terminal: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js jquery.terminal, in order to run JavaScript code in the context of the web site...
SSSD: privilege escalation via Root Directory Home
An attacker can bypass restrictions via Root Directory Home of SSSD, in order to escalate his privileges...
Jenkins Core: two vulnerabilities
An attacker can use several vulnerabilities of Jenkins Core...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 891 892 893 894 895 896 897 898 899 901 903 904 905 906 907 908 909 910 911 921 941 961 981 1001 1021 1041 1061 1069