The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:
Keycloak: information disclosure via Hardcoded Dummy Domain
An attacker can bypass access restrictions to data via Hardcoded Dummy Domain of Keycloak, in order to obtain sensitive information...
Node.js panellum: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js panellum, in order to run JavaScript code in the context of the web site...
Linux kernel: NULL pointer dereference via relay_open
An attacker can force a NULL pointer to be dereferenced via relay_open() of the Linux kernel, in order to trigger a denial of service...
Linux kernel: buffer overflow via index_rbio_pages
An attacker can trigger a buffer overflow via index_rbio_pages() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via btrfs_queue_work
An attacker can force the usage of a freed memory area via btrfs_queue_work() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
GNOME Dia: infinite loop via Filename Encoding
An attacker can trigger an infinite loop via Filename Encoding of GNOME Dia, in order to trigger a denial of service...
MuleSoft Mule Runtime 3.x: code execution
An attacker can use a vulnerability of MuleSoft Mule Runtime 3.x, in order to run code...
TightVNC: buffer overflow via rfbServerCutText
An attacker can trigger a buffer overflow via rfbServerCutText() of TightVNC, in order to trigger a denial of service, and possibly to run code...
TightVNC: NULL pointer dereference via HandleZlibBPP
An attacker can force a NULL pointer to be dereferenced via HandleZlibBPP() of TightVNC, in order to trigger a denial of service...
TightVNC: buffer overflow via InitialiseRFBConnection
An attacker can trigger a buffer overflow via InitialiseRFBConnection() of TightVNC, in order to trigger a denial of service, and possibly to run code...
TightVNC: buffer overflow via HandleCoRREBBPmay
An attacker can trigger a buffer overflow via HandleCoRREBBPmay() of TightVNC, in order to trigger a denial of service, and possibly to run code...
Python Pillow: denial of service via Image Files
An attacker can trigger a fatal error via Image Files of Python Pillow, in order to trigger a denial of service...
Jhead: out-of-bounds memory reading via ReadJpegSections
An attacker can force a read at an invalid address via ReadJpegSections() of Jhead, in order to trigger a denial of service, or to obtain sensitive information...
FreeRADIUS: information disclosure via EAP-PWD 10 Iterations
An attacker can bypass access restrictions to data via EAP-PWD 10 Iterations of FreeRADIUS, in order to obtain sensitive information...
tnef: privilege escalation via Winmail.dat SSH Authorized Keys
An attacker can bypass restrictions via Winmail.dat SSH Authorized Keys of tnef, in order to escalate his privileges...
grub2: denial of service via grub2-set-bootflag
An attacker can trigger a fatal error via grub2-set-bootflag of grub2, in order to trigger a denial of service...
Centreon Web: two vulnerabilities
An attacker can use several vulnerabilities of Centreon Web...
Linux kernel: use after free via ext4_xattr_set_entry
An attacker can force the usage of a freed memory area via ext4_xattr_set_entry() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
Linux kernel: use after free via rwsem_down_write_slowpath
An attacker can force the usage of a freed memory area via rwsem_down_write_slowpath() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
Linux kernel: information disclosure via Powerpc Spectre-RSB
An attacker can bypass access restrictions to data via Powerpc Spectre-RSB of the Linux kernel, in order to obtain sensitive information...
Intel SMM/TXT: multiple vulnerabilities
An attacker can use several vulnerabilities of Intel SMM/TXT...
Intel Firmware: two vulnerabilities
An attacker can use several vulnerabilities of Intel Firmware...
HPE ProLiant: information disclosure via ST TPM ECDSA Signature Generation
An attacker can bypass access restrictions to data via ST TPM ECDSA Signature Generation of HPE ProLiant, in order to obtain sensitive information...
Intel CSME/AMT/DAL/SPS/TXE: multiple vulnerabilities
An attacker can use several vulnerabilities of Intel CSME...
mod_auth_mellon: open redirect via Login ReturnTo
An attacker can deceive the user via Login ReturnTo of mod_auth_mellon, in order to redirect him to a malicious site...
Node.js iobroker.admin: directory traversal
An attacker can traverse directories of Node.js iobroker.admin, in order to create a file outside the service root path...
Node.js iobroker.web: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js iobroker.web, in order to run JavaScript code in the context of the web site...
ProFTPD: NULL pointer dereference via sk_X509_REVOKED_value tls_verify_crl
An attacker can force a NULL pointer to be dereferenced via sk_X509_REVOKED_value() tls_verify_crl() of ProFTPD, in order to trigger a denial of service...
ProFTPD: privilege escalation via Ignored CRL Entry tls_verify_crl
An attacker can bypass restrictions via Ignored CRL Entry tls_verify_crl() of ProFTPD, in order to escalate his privileges...

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 982 983 984 985 986 987 988 989 990 992 994 995 996 997 998 999 1000 1001 1002 1005