The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Xpdf: out-of-bounds memory reading via FlateStream-getChar
An attacker can force a read at an invalid address via FlateStream::getChar() of Xpdf, in order to trigger a denial of service, or to obtain sensitive information...
Xpdf: out-of-bounds memory reading via JBIG2Stream-readTextRegionSeg
An attacker can force a read at an invalid address via JBIG2Stream::readTextRegionSeg() of Xpdf, in order to trigger a denial of service, or to obtain sensitive information...
Xpdf: out-of-bounds memory reading via FoFiType1-parse
An attacker can force a read at an invalid address via FoFiType1::parse() of Xpdf, in order to trigger a denial of service, or to obtain sensitive information...
Xpdf: out-of-bounds memory reading via SampledFunction-transform
An attacker can force a read at an invalid address via SampledFunction::transform() of Xpdf, in order to trigger a denial of service, or to obtain sensitive information...
Xpdf: buffer overflow via DCTStream-decodeImage
An attacker can trigger a buffer overflow via DCTStream::decodeImage() of Xpdf, in order to trigger a denial of service, and possibly to run code...
Apache mod_auth_openidc: open redirect via Logout Backslashes Url
An attacker can deceive the user via Logout Backslashes Url of mod_auth_openidc, in order to redirect him to a malicious site...
mod_auth_openidc: privilege escalation via OIDCUnAuthAction Pass
An attacker can bypass restrictions via OIDCUnAuthAction Pass of mod_auth_openidc, in order to escalate his privileges...
Go: assertion error via dsa.Verify
An attacker can force an assertion error via dsa.Verify() of Go, in order to trigger a denial of service...
Mosquitto: NULL pointer dereference
An attacker can force a NULL pointer to be dereferenced in Mosquitto, in order to trigger a denial of service...
libarchive: use after free via archive_read_format_rar_read_data
An attacker can force the usage of a freed memory area via archive_read_format_rar_read_data() of libarchive, in order to trigger a denial of service, and possibly to run code...
Ignite Openfire: privilege escalation via FaviconServlet.java GET Requests
An attacker can bypass restrictions via FaviconServlet.java GET Requests of Ignite Openfire, in order to escalate his privileges...
Ignite Openfire: directory traversal via PluginServlet.java
An attacker can traverse directories via PluginServlet.java of Ignite Openfire, in order to read a file outside the service root path...
TeamViewer: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of TeamViewer, in order to execute code...
VMware ESXi/Workstation: denial of service via Shader
An attacker can trigger a fatal error via Shader of VMware ESXi/Workstation, in order to trigger a denial of service...
VMware vCenter Server Appliance: information disclosure via File-Based Backup and Restore
An attacker can bypass access restrictions to data via File-Based Backup and Restore of VMware vCenter Server Appliance, in order to obtain sensitive information...
IBM API Connect: information disclosure via Developer Portal
An attacker can bypass access restrictions to data via Developer Portal of IBM API Connect, in order to obtain sensitive information...
PHP: memory corruption via env_path_info
An attacker can trigger a memory corruption via env_path_info() of PHP, in order to trigger a denial of service, and possibly to run code...
Elasticsearch: information disclosure via API Key Username Disclosure
An attacker can bypass access restrictions to data via API Key Username Disclosure of Elasticsearch, in order to obtain sensitive information...
FasterXML jackson-databind: code execution via Polymorphic Typing
An attacker can use a vulnerability via Polymorphic Typing of FasterXML jackson-databind, in order to run code...
Python urllib2: information disclosure via CRLF Injection Host Control Characters
An attacker can bypass access restrictions to data via CRLF Injection Host Control Characters of Python urllib2, in order to obtain sensitive information...
HAProxy: information disclosure via Http-reuse Always
An attacker can bypass access restrictions to data via Http-reuse Always of HAProxy, in order to obtain sensitive information...
Node.js express-fileupload: denial of service
An attacker can trigger a fatal error in Node.js express-fileupload, in order to trigger a denial of service...
Node.js hexo-admin: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Node.js hexo-admin, in order to run JavaScript code in the context of the web site...
Avast Antivirus: executing DLL code via Protected Process Light
An attacker can create a malicious Protected Process Light DLL, and then put it in the current directory of Avast Antivirus, in order to execute code...
WebRTC.org: buffer overflow via UlpfecReceiver
An attacker can trigger a buffer overflow via UlpfecReceiver() of WebRTC.org, in order to trigger a denial of service, and possibly to run code...
file: buffer overflow via cdf_read_property_info
An attacker can trigger a buffer overflow via cdf_read_property_info() of file, in order to trigger a denial of service, and possibly to run code...
Nessus: denial of service
An attacker can trigger a fatal error in Nessus, in order to trigger a denial of service...

   
