The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Kubernetes: file creation via Kubectl Cp
A local attacker can create or overwrite a file when "kubectl cp" is used...
Kubernetes: read-write access via API Server Cluster-scoped Resource
An attacker can bypass access restrictions via API Server Cluster-scoped Resource of Kubernetes, in order to read or alter data...
ClamAV: infinite loop via Better Zip Bomb Overlapping
An attacker can trigger an infinite loop via Zip Bomb of ClamAV, in order to trigger a denial of service (same origin as VIGILANCE-VUL-29701)...
Data ONTAP 7-Mode: information disclosure via Insecure SMB Cryptography
An attacker can bypass access restrictions to data via Insecure SMB Cryptography of Data ONTAP 7-Mode, in order to obtain sensitive information...
IBM Spectrum Protect for Enterprise Resource Planning: information disclosure via Password Trace File
An attacker can bypass access restrictions to data via Password Trace File of IBM Spectrum Protect for Enterprise Resource Planning, in order to obtain sensitive information...
VMware ESXi, Workstation: two vulnerabilities
An attacker can use several vulnerabilities of VMware ESXi and Workstation...
OpenBSD: denial of service via OpenSMTPD Large Input
An attacker can trigger a fatal error via OpenSMTPD Large Input of OpenBSD, in order to trigger a denial of service...
Node.js static-resource-server: file reading via Appended Slash
A local attacker can read a file via Appended Slash of Node.js static-resource-server, in order to obtain sensitive information...
IBM MQ: denial of service via Error Logging
An attacker can trigger a fatal error via Error Logging of IBM MQ, in order to trigger a denial of service...
Matrix: multiple vulnerabilities
An attacker can use several vulnerabilities of Matrix...
Vim: file reading via Group Membership
A local attacker can read a file via Group Membership of Vim, in order to obtain sensitive information...
Linux kernel: denial of service via Bluetooth hci_uart
An attacker can trigger a fatal error via Bluetooth hci_uart() of the Linux kernel, in order to trigger a denial of service...
Data ONTAP 7-Mode: information disclosure via Non-default Options
An attacker can bypass access restrictions to data via Non-default Options of Data ONTAP 7-Mode, in order to obtain sensitive information...
Data ONTAP 7-Mode: information disclosure via LDAP Account
An attacker can bypass access restrictions to data via LDAP Account of Data ONTAP 7-Mode, in order to obtain sensitive information...
Dnsmasq: out-of-bounds memory reading via do_doctor
An attacker can force a read at an invalid address via do_doctor() of Dnsmasq, in order to trigger a denial of service, or to obtain sensitive information...
IBM MQ Client: denial of service via Messages
An attacker can trigger a fatal error via Messages of IBM MQ Client, in order to trigger a denial of service...
Sigil: directory traversal via ZIP Archive Entry
An attacker can traverse directories via ZIP Archive Entry of Sigil, in order to write a file outside the service root path...
Django: four vulnerabilities
An attacker can use several vulnerabilities of Django...
SquirrelMail: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of SquirrelMail, in order to run JavaScript code in the context of the web site...
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
Symantec Endpoint Protection: privilege escalation
An attacker can bypass restrictions of Symantec Endpoint Protection, in order to escalate his privileges...
libslirp: buffer overflow via ip_reass
An attacker can trigger a buffer overflow via ip_reass() of libslirp, in order to trigger a denial of service, and possibly to run code...
Gnome Pango: buffer overflow
An attacker can trigger a buffer overflow of Gnome Pango, in order to trigger a denial of service, and possibly to run code...
IcedTea-Web: three vulnerabilities
An attacker can use several vulnerabilities of IcedTea-Web...
Cisco Nexus 9000: buffer overflow via LLDP
An attacker can trigger a buffer overflow via LLDP of Cisco Nexus 9000, in order to trigger a denial of service, and possibly to run code...
Apache Solr: code execution via DataImportHandler
An attacker can use a vulnerability via DataImportHandler of Apache Solr, in order to run code...
Apache Subversion: NULL pointer dereference via svnserve construct_server_baton
An attacker can force a NULL pointer to be dereferenced via svnserve construct_server_baton() of Apache Subversion, in order to trigger a denial of service...
Apache Subversion: assertion error via svnserve get-deleted-rev
An attacker can force an assertion error via svnserve get-deleted-rev of Apache Subversion, in order to trigger a denial of service...

   
