The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
OpenStack Neutron: denial of service via Security Groups Separate/Overlapping Port Ranges
An attacker can trigger a fatal error via Security Groups Separate/Overlapping Port Ranges of OpenStack Neutron, in order to trigger a denial of service...
Linux kernel: denial of service via nVMX L0 MSR
An attacker, inside a guest system, can trigger a fatal error via nVMX L0 MSR of the Linux kernel, in order to trigger a denial of service on the host system...
Evolution EWS: Man-in-the-Middle via Ignored Certificate Errors
An attacker can act as a Man-in-the-Middle via Ignored Certificate Errors on Evolution EWS, in order to read or write data in the session...
PSPP: assertion error via write_long_string_missing_values
An attacker can force an assertion error via write_long_string_missing_values() of PSPP, in order to trigger a denial of service...
GLPI: multiple vulnerabilities
An attacker can use several vulnerabilities of GLPI...
Tryton: information disclosure via Record Ordering
An attacker can bypass access restrictions to data via Record Ordering of Tryton, in order to obtain sensitive information...
Roundup: Cross Site Scripting via 404 Errors
An attacker can trigger a Cross Site Scripting via 404 Errors of Roundup, in order to run JavaScript code in the context of the web site...
WebKitGTK: buffer overflow via UIProcess
An attacker can trigger a buffer overflow via UIProcess of WebKitGTK, in order to trigger a denial of service, and possibly to run code...
ZNC: denial of service via Invalid Encoding
An attacker can trigger a fatal error via Invalid Encoding of ZNC, in order to trigger a denial of service...
Poppler: out-of-bounds memory reading via downsample_row_box_filter
An attacker can force a read at an invalid address via downsample_row_box_filter() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
IBM API Connect: privilege escalation via Developer Portal OpenID Connect
An attacker can bypass restrictions via Developer Portal OpenID Connect of IBM API Connect, in order to escalate his privileges...
IBM QRadar SIEM: privilege escalation
An attacker can bypass restrictions of IBM QRadar SIEM, in order to escalate his privileges...
Node.js Modules: multiple vulnerabilities
An attacker can use several vulnerabilities of Node.js Modules...
FortiOS: privilege escalation via ZebOS Routing Settings Change
An attacker can bypass restrictions via ZebOS Routing Settings Change of FortiOS, in order to escalate his privileges...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
IBM API Connect: information disclosure via URIs
An attacker can bypass access restrictions to data via URIs of IBM API Connect, in order to obtain sensitive information...
Drupal Services: file reading via attach_file
A local attacker can read a file via attach_file of Drupal Services, in order to obtain sensitive information...
Go: information disclosure via Net/http CRLF Injection
An attacker can bypass access restrictions to data via Net/http CRLF Injection of Go, in order to obtain sensitive information...
Linux kernel: information disclosure via ASLR Bypass
An attacker can bypass access restrictions to data via ASLR Bypass of the Linux kernel, in order to obtain sensitive information...
Jenkins plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins plugins...
netpbm: out-of-bounds memory reading via pm_mallocarray2
An attacker can force a read at an invalid address via pm_mallocarray2() of netpbm, in order to trigger a denial of service, or to obtain sensitive information...
Node.js serve: directory traversal
An attacker can traverse directories of Node.js serve, in order to read a file outside the service root path...
Node.js highcharts: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of Node.js highcharts, in order to trigger a denial of service...
Vtiger CRM: two vulnerabilities
An attacker can use several vulnerabilities of Vtiger CRM...
Linux kernel: denial of service via vfio/type1 DMA Mappings
An attacker can trigger a fatal error via vfio/type1 DMA Mappings of the Linux kernel, in order to trigger a denial of service...
FortiOS: buffer overflow via Javascript HREF Content
An attacker can trigger a buffer overflow via Javascript HREF Content of FortiOS, in order to trigger a denial of service, and possibly to run code...
FortiOS: privilege escalation via Restoring Modified Configurations
An attacker can bypass restrictions via Restoring Modified Configurations of FortiOS, in order to escalate his privileges...
IBM Spectrum Protect: information disclosure via Restored Files Permissions
An attacker can bypass access restrictions to data via Restored Files Permissions of IBM Spectrum Protect, in order to obtain sensitive information...
Firebird: NULL pointer dereference via xdr_status_vector
An attacker can force a NULL pointer to be dereferenced via xdr_status_vector() of Firebird, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 912 913 914 915 916 917 918 919 920 922 924 925 926 927 928 929 930 931 932 941 961 981 1001 1021 1041 1061 1081 1101 1116