The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
TightVNC: buffer overflow via InitialiseRFBConnection
An attacker can trigger a buffer overflow via InitialiseRFBConnection() of TightVNC, in order to trigger a denial of service, and possibly to run code...
TightVNC: buffer overflow via HandleCoRREBBPmay
An attacker can trigger a buffer overflow via HandleCoRREBBPmay() of TightVNC, in order to trigger a denial of service, and possibly to run code...
Python Pillow: denial of service via Image Files
An attacker can trigger a fatal error via Image Files of Python Pillow, in order to trigger a denial of service...
Jhead: out-of-bounds memory reading via ReadJpegSections
An attacker can force a read at an invalid address via ReadJpegSections() of Jhead, in order to trigger a denial of service, or to obtain sensitive information...
FreeRADIUS: information disclosure via EAP-PWD 10 Iterations
An attacker can bypass access restrictions to data via EAP-PWD 10 Iterations of FreeRADIUS, in order to obtain sensitive information...
tnef: privilege escalation via Winmail.dat SSH Authorized Keys
An attacker can bypass restrictions via Winmail.dat SSH Authorized Keys of tnef, in order to escalate his privileges...
grub2: denial of service via grub2-set-bootflag
An attacker can trigger a fatal error via grub2-set-bootflag of grub2, in order to trigger a denial of service...
Centreon Web: two vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Linux kernel: use after free via ext4_xattr_set_entry
An attacker can force the usage of a freed memory area via ext4_xattr_set_entry() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via rwsem_down_write_slowpath
An attacker can force the usage of a freed memory area via rwsem_down_write_slowpath() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
Linux kernel: information disclosure via Powerpc Spectre-RSB
An attacker can bypass access restrictions to data via Powerpc Spectre-RSB of the Linux kernel, in order to obtain sensitive information...
Intel SMM/TXT: multiple vulnerabilities
An attacker can use several vulnerabilities of Intel SMM/TXT...
Intel Firmware: two vulnerabilities
An attacker can use several vulnerabilities of Intel Firmware...
HPE ProLiant: information disclosure via ST TPM ECDSA Signature Generation
An attacker can bypass access restrictions to data via ST TPM ECDSA Signature Generation of HPE ProLiant, in order to obtain sensitive information...
Intel CSME/AMT/DAL/SPS/TXE: multiple vulnerabilities
An attacker can use several vulnerabilities of Intel CSME...
mod_auth_mellon: open redirect via Login ReturnTo
An attacker can deceive the user via Login ReturnTo of mod_auth_mellon, in order to redirect him to a malicious site...
Node.js iobroker.admin: directory traversal
An attacker can traverse directories of Node.js iobroker.admin, in order to create a file outside the service root path...
Node.js iobroker.web: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js iobroker.web, in order to run JavaScript code in the context of the web site...
ProFTPD: NULL pointer dereference via sk_X509_REVOKED_value tls_verify_crl
An attacker can force a NULL pointer to be dereferenced via sk_X509_REVOKED_value() tls_verify_crl() of ProFTPD, in order to trigger a denial of service...
ProFTPD: privilege escalation via Ignored CRL Entry tls_verify_crl
An attacker can bypass restrictions via Ignored CRL Entry tls_verify_crl() of ProFTPD, in order to escalate his privileges...
ProFTPD: privilege escalation via CRL Entry Revoked Certificates tls_verify_crl
An attacker can bypass restrictions via CRL Entry Revoked Certificates tls_verify_crl() of ProFTPD, in order to escalate his privileges...
ProFTPD: NULL pointer dereference via Client Certificate tls_verify_crl
An attacker can force a NULL pointer to be dereferenced via Client Certificate tls_verify_crl() of ProFTPD, in order to trigger a denial of service...
Centreon: Cross Site Scripting via My Account
An attacker can trigger a Cross Site Scripting via My Account of Centreon, in order to run JavaScript code in the context of the web site...
NetBSD: information disclosure via Kern.arandom Sysctl Forward Secrecy
An attacker can bypass access restrictions to data via Kern.arandom Sysctl Forward Secrecy of NetBSD, in order to obtain sensitive information...
FreeImage: denial of service via TIFFReadDirectory
An attacker can trigger a fatal error via TIFFReadDirectory() of FreeImage, in order to trigger a denial of service...
FreeImage: buffer overflow via PluginTIFF.cpp
An attacker can trigger a buffer overflow via PluginTIFF.cpp of FreeImage, in order to trigger a denial of service, and possibly to run code...
F5 BIG-IP: denial of service via Age Header Value
An attacker can trigger a fatal error via Age Header Value of F5 BIG-IP, in order to trigger a denial of service...
F5 BIG-IP: infinite loop via TMM FIX Profile
An attacker can trigger an infinite loop via TMM FIX Profile of F5 BIG-IP, in order to trigger a denial of service...
F5 BIG-IP: denial of service via HTTP/2 Full Proxy Mode
An attacker can trigger a fatal error via HTTP/2 Full Proxy Mode of F5 BIG-IP, in order to trigger a denial of service...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 982 983 984 985 986 987 988 989 991 993 994 995 996 997 998 999 1000 1001 1021 1041 1049