The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libav: NULL pointer dereference via get_ue_golomb
An attacker can force a NULL pointer to be dereferenced via get_ue_golomb() of libav, in order to trigger a denial of service...
PAN-OS: privilege escalation via Management Web Interface
An attacker can bypass restrictions via Management Web Interface of PAN-OS, in order to escalate his privileges...
Zend Framework: information disclosure via zend-developer-tools
An attacker can bypass access restrictions to data via zend-developer-tools of Zend Framework, in order to obtain sensitive information...
VMware ESXi/Workstation: multiple vulnerabilities
An attacker can use several vulnerabilities of VMware ESXi/Workstation...
IBM API Connect: information disclosure via Weak Cryptographic Algorithms
An attacker can bypass access restrictions to data via Weak Cryptographic Algorithms of IBM API Connect, in order to obtain sensitive information...
PoDoFo: buffer overflow via PdfString-ConvertUTF16toUTF8
An attacker can trigger a buffer overflow via PdfString::ConvertUTF16toUTF8() of PoDoFo, in order to trigger a denial of service, and possibly to run code...
PoDoFo: NULL pointer dereference via PoDoFo-Impose-PdfTranslator-setSource
An attacker can force a NULL pointer to be dereferenced via PoDoFo::Impose::PdfTranslator::setSource() of PoDoFo, in order to trigger a denial of service...
RubyGems: six vulnerabilities
An attacker can use several vulnerabilities of RubyGems...
Dovecot: buffer overflow via FTS/POP3-UIDL Headers Index
An attacker can trigger a buffer overflow via FTS/POP3-UIDL Headers Index of Dovecot, in order to trigger a denial of service, and possibly to run code...
hostapd: information disclosure via Low Quality PRNG
An attacker can bypass access restrictions to data via Low Quality PRNG of hostapd, in order to obtain sensitive information...
Cisco IOS, IOS XE: multiple vulnerabilities
An attacker can use several vulnerabilities of Cisco IOS and IOS XE...
Linux kernel: use after free via aio_poll_wake
An attacker can force the usage of a freed memory area via aio_poll_wake() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
HP LaserJet: code execution via Application Signature Checking
An attacker can use a vulnerability via Application Signature Checking of HP LaserJet, in order to run code...
Eclipse Jetty: denial of service via Large HTTP2/SETTING Frames
An attacker can trigger a fatal error via Large HTTP2/SETTING Frames of Eclipse Jetty, in order to trigger a denial of service...
IBM API Connect: information disclosure via Caching
An attacker can bypass access restrictions to data via Caching of IBM API Connect, in order to obtain sensitive information...
Drupal Module Filter: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Module Filter, in order to run JavaScript code in the context of the web site...
GnuTLS: use after free via X.509 Certificate Verification
An attacker can force the usage of a freed memory area via X.509 Certificate Verification of GnuTLS, in order to trigger a denial of service, and possibly to run code...
GnuTLS: out-of-bounds memory reading via TLS1.3 Asynchronous Message
An attacker can force a read at an invalid address via TLS1.3 Asynchronous Message of GnuTLS, in order to trigger a denial of service, or to obtain sensitive information...
GRUB: memory leak via grub_ext2_read_block
An attacker can create a memory leak via grub_ext2_read_block of GRUB, in order to trigger a denial of service...
OVMF: buffer overflow via UDF
An attacker can trigger a buffer overflow via UDF of OVMF, in order to trigger a denial of service, and possibly to run code...
Node.js moment: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of Node.js moment, in order to trigger a denial of service...
ClamAV: multiple vulnerabilities
An attacker can use several vulnerabilities of ClamAV...
OpenStack Ceilometer: information disclosure via Sensitive Configuration Date Loggued
An attacker can bypass access restrictions to data via Sensitive Configuration Date Loggued of OpenStack Ceilometer, in order to obtain sensitive information...
QEMU: buffer overflow via load_device_tree
An attacker, inside a guest system, can trigger a buffer overflow via load_device_tree() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
OpenBSD: privilege escalation via vmmints
An attacker can bypass restrictions via vmmints of OpenBSD, in order to escalate his privileges...
PowerDNS: denial of service via HTTP Remote Backend RESTful
An attacker can trigger a fatal error via HTTP Remote Backend RESTful of PowerDNS, in order to trigger a denial of service...
librsvg: infinite loop via SVG Use
An attacker can trigger an infinite loop via SVG Use of librsvg, in order to trigger a denial of service...
Linux kernel: use after free via em28xx_dvb_fini
An attacker can force the usage of a freed memory area via em28xx_dvb_fini() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
ImageMagick: memory leak via WriteDIBImage
An attacker can create a memory leak via WriteDIBImage() of ImageMagick, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 910 911 912 913 914 915 916 917 918 920 922 923 924 925 926 927 928 929 930 941 961 981 1001 1021 1041 1061 1081 1101 1116