The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Jenkins Plugins: multiple vulnerabilities
An attacker can use several vulnerabilities of Jenkins Plugins...
VideoLAN VLC: multiple vulnerabilities
An attacker can use several vulnerabilities of VideoLAN VLC...
Synology DSM Photo Station: privilege escalation
An attacker can bypass restrictions of Synology DSM Photo Station, in order to escalate his privileges...
Dell EMC Avamar: file reading via ADMe Web UI
A local attacker can read a file via ADMe Web UI of Dell EMC Avamar, in order to obtain sensitive information...
Linux kernel: NULL pointer dereference via sunxi_divs_clk_setup
An attacker can force a NULL pointer to be dereferenced via sunxi_divs_clk_setup() of the Linux kernel, in order to trigger a denial of service...
Vim: code execution via Source Command Modeline
An attacker can use a vulnerability via Source Command Modeline of Vim, in order to run code...
Undertow: information disclosure via UndertowLogger.REQUEST_LOGGER.undertowRequestFailed
An attacker can bypass access restrictions to data via UndertowLogger.REQUEST_LOGGER.undertowRequestFailed of Undertow, in order to obtain sensitive information...
PicketLink: privilege escalation via xinclude Parameter URL Injection
An attacker can bypass restrictions via xinclude Parameter URL Injection of PicketLink, in order to escalate his privileges...
PicketLink: Cross Site Scripting via SAMLRequest RelayState Parameter
An attacker can trigger a Cross Site Scripting via SAMLRequest RelayState Parameter of PicketLink, in order to run JavaScript code in the context of the web site...
stunnel: privilege escalation via Insecure OpenSSL Cross-compilation
An attacker can bypass restrictions via Insecure OpenSSL Cross-compilation of stunnel, in order to escalate his privileges...
GLib: file reading via file_copy_fallback
A local attacker can read a file via file_copy_fallback() of GLib, in order to obtain sensitive information...
Bubblewrap: denial of service via Temporary Mounted Directories
An attacker can trigger a fatal error via Temporary Mounted Directories of Bubblewrap, in order to trigger a denial of service...
Dell EMC OpenManage Server Administrator: two vulnerabilities
An attacker can use several vulnerabilities of Dell EMC OpenManage Server Administrator...
Vtiger CRM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Vtiger CRM, in order to run JavaScript code in the context of the web site...
Cyrus IMAP: buffer overflow via Httpd Daemon
An attacker can trigger a buffer overflow via Httpd Daemon of Cyrus IMAP, in order to trigger a denial of service, and possibly to run code...
Poppler: out-of-bounds memory reading via FoFiTrueType-dumpString
An attacker can force a read at an invalid address via FoFiTrueType::dumpString() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
Poppler: out-of-bounds memory reading via JPXStream-init
An attacker can force a read at an invalid address via JPXStream::init() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
Poppler: out-of-bounds memory reading via Splash-blitTransparent
An attacker can force a read at an invalid address via Splash::blitTransparent() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
Joomla YOOtheme ZOO: SQL injection
An attacker can use a SQL injection of Joomla YOOtheme ZOO, in order to read or alter data...
Node.js modules: malicious code
The Node team found modules containing malicious code, which executes for example during the installation. Administrators thus have to ensure they do not have those modules installed on their platforms...
Grafana: privilege escalation via CSV Formula Injection
An attacker can bypass restrictions via CSV Formula Injection of Grafana, in order to escalate his privileges...
Cisco Unified Computing System: privilege escalation via BIOS Upgrade
An attacker can bypass restrictions via BIOS Upgrade of Cisco Unified Computing System, in order to escalate his privileges...
Cisco IOS XR: information disclosure via SSH Double Authentication
An attacker can bypass access restrictions to data via SSH Double Authentication of Cisco IOS XR, in order to obtain sensitive information...
Cisco Unified Communications Manager IM&P Service: denial of service via XMPP Authentication
An attacker can trigger a fatal error via XMPP Authentication of Cisco Unified Communications Manager IM&P Service, in order to trigger a denial of service...
Linux kernel: buffer overflow via mwifiex_update_bss_desc_with_ie
An attacker can trigger a buffer overflow via mwifiex_update_bss_desc_with_ie() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
deepin-api: privilege escalation via Polkit Actions
An attacker can bypass restrictions via Polkit Actions of deepin-api, in order to escalate his privileges...
VMware Workstation Linux: use after free via ALSA Backend
An attacker can force the usage of a freed memory area via ALSA Backend of VMware Workstation Linux, in order to trigger a denial of service, and possibly to run code...
Chrome: multiple vulnerabilities
An attacker can use several vulnerabilities of Chrome...
NetBSD: information disclosure
A local attacker can read a memory fragment of NetBSD, in order to obtain sensitive information...

   
