The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
libmspack: information disclosure via chmd_read_headers
An attacker can bypass access restrictions to data via chmd_read_headers() of libmspack, in order to obtain sensitive information...
IBM Spectrum Protect Backup-Archive Client: read-write access via VxFS HP-UX Filesystems
An attacker can bypass access restrictions via VxFS HP-UX Filesystems of IBM Spectrum Protect Backup-Archive Client, in order to read or alter data...
IBM Spectrum Protect Backup-Archive Client: buffer overflow
An attacker can trigger a buffer overflow of IBM Spectrum Protect Backup-Archive Client, in order to trigger a denial of service, and possibly to run code...
Knot Resolver: privilege escalation via DNSSEC Downgrade
An attacker can bypass restrictions via DNSSEC Downgrade of Knot Resolver, in order to escalate his privileges...
Knot Resolver: privilege escalation via DNSSEC Validation Bypass
An attacker can bypass restrictions via DNSSEC Validation Bypass of Knot Resolver, in order to escalate his privileges...
FreeTDS: vulnerability
A vulnerability of FreeTDS was announced...
glibc: assertion error via parse_reg_exp
An attacker can force an assertion error via parse_reg_exp() of glibc, in order to trigger a denial of service...
Docker Engine: information disclosure via Stack Deploy Debug Mode
An attacker can bypass access restrictions to data via Stack Deploy Debug Mode of Docker Engine, in order to obtain sensitive information...
Node.js Modules: malicious code
Several Node.js modules are malicious, which can be used by an attacker in order to run code...
Linux kernel: privilege escalation via ptrace_link
An attacker can bypass restrictions via ptrace_link of the Linux kernel, in order to escalate his privileges...
IBM QRadar SIEM: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of IBM QRadar SIEM, in order to run JavaScript code in the context of the web site...
IBM QRadar SIEM: information disclosure via Content Export
An attacker can bypass access restrictions to data via Content Export of IBM QRadar SIEM, in order to obtain sensitive information...
IBM QRadar SIEM: information disclosure
An attacker can bypass access restrictions to data of IBM QRadar SIEM, in order to obtain sensitive information...
IBM QRadar SIEM: Cross Site Scripting via Web UI
An attacker can trigger a Cross Site Scripting of IBM QRadar SIEM, in order to run JavaScript code in the context of the web site...
Oracle Solaris: code execution via /proc/self
An attacker can use a vulnerability via /proc/self of Oracle Solaris, in order to run code...
Wireshark: denial of service via ASN.1 BER
An attacker can trigger a fatal error via ASN.1 BER of Wireshark, in order to trigger a denial of service...
Drupal Meta Tags Quick: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Meta Tags Quick, in order to run JavaScript code in the context of the web site...
Drupal ImageCache Actions: multiple vulnerabilities
An attacker can use several vulnerabilities of Drupal ImageCache Actions...
Drupal Core: privilege escalation via Experimental Workspaces Module
An attacker can bypass restrictions via Experimental Workspaces Module of Drupal Core, in order to escalate his privileges...
Cacti: Cross Site Scripting via Page Navigation
An attacker can trigger a Cross Site Scripting via Page Navigation of Cacti, in order to run JavaScript code in the context of the web site...
libxslt: out-of-bounds memory reading via xsltNumberFormatDecimal
An attacker can force a read at an invalid address via xsltNumberFormatDecimal() of libxslt, in order to trigger a denial of service, or to obtain sensitive information...
libxslt: memory corruption via xsltNumberFormatInsertNumbers
An attacker can trigger a memory corruption via xsltNumberFormatInsertNumbers() of libxslt, in order to trigger a denial of service, and possibly to run code...
Jenkins Core: three vulnerabilities
An attacker can use several vulnerabilities of Jenkins Core...
Oniguruma: use after free via onig_new_deluxe
An attacker can force the usage of a freed memory area via onig_new_deluxe() of Oniguruma, in order to trigger a denial of service, and possibly to run code...
WordPress Email Subscribers Newsletters: SQL injection
An attacker can use a SQL injection of WordPress Email Subscribers Newsletters, in order to read or alter data...
Node.js Modules: malicious code
Several Node.js modules are malicious, which can be used by an attacker in order to run code...
nginx: buffer overflow via njs nxt_sprintf.c
An attacker can trigger a buffer overflow via njs nxt_sprintf.c of nginx, in order to trigger a denial of service, and possibly to run code...
VideoLAN VLC: buffer overflow via demux_sys_t-FreeUnused
An attacker can trigger a buffer overflow via demux_sys_t::FreeUnused() of VideoLAN VLC, in order to trigger a denial of service, and possibly to run code...
Libgcrypt: information disclosure via Flush-and-reload
An attacker can bypass access restrictions to data via Flush-and-reload of Libgcrypt, in order to obtain sensitive information...
Microsoft Windows PowerShell Core: privilege escalation via WDAC
An attacker can bypass restrictions via WDAC of Microsoft Windows PowerShell Core, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 942 943 944 945 946 947 948 949 951 953 954 955 956 957 958 959 960 961 981 1001 1020