The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MWG

Apache Tomcat: open redirect via Directory Redirect
An attacker can deceive the user via Directory Redirect of Apache Tomcat, in order to redirect him to a malicious site...
bulletinoct2018, cpuapr2019, cpujan2020, cpuoct2019, CVE-2018-11784, DLA-1544-1, DLA-1545-1, DSA-4596-1, FEDORA-2018-b18f9dd65b, FEDORA-2018-b89746cb9b, ibm10874888, NTAP-20181014-0002, openSUSE-SU-2018:3453-1, openSUSE-SU-2018:4042-1, openSUSE-SU-2019:0084-1, openSUSE-SU-2019:1547-1, openSUSE-SU-2019:1814-1, RHSA-2019:0130-01, RHSA-2019:0131-01, RHSA-2019:0485-01, RHSA-2019:1529-01, SB10257, SB10264, SUSE-SU-2018:3261-1, SUSE-SU-2018:3388-1, SUSE-SU-2018:3393-1, SUSE-SU-2018:3935-1, SUSE-SU-2018:3968-1, USN-3787-1, VIGILANCE-VUL-27396
Python: denial of service via XML Hash Collisions
An attacker can generate a fatal error via XML Hash Collisions of Python, in order to trigger a denial of service...
34623, bulletinjul2019, CVE-2018-14647, DLA-1834-1, DLA-1835-1, DLA-1835-2, DSA-4306-1, DSA-4307-1, ibm10876694, openSUSE-SU-2019:0292-1, openSUSE-SU-2020:0086-1, RHSA-2019:2030-01, RHSA-2019:3725-01, SSA:2019-062-01, SUSE-SU-2018:3156-1, SUSE-SU-2019:0482-1, SUSE-SU-2019:0482-2, SUSE-SU-2019:2053-1, SUSE-SU-2019:2053-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, USN-3817-1, USN-3817-2, VIGILANCE-VUL-27355
GnuTLS: three vulnerabilities
An attacker can use several vulnerabilities of GnuTLS...
CVE-2018-10844, CVE-2018-10845, CVE-2018-10846, DLA-1560-1, openSUSE-SU-2018:2854-1, openSUSE-SU-2018:2958-1, RHSA-2018:3050-01, SB10267, SUSE-SU-2018:2825-1, SUSE-SU-2018:2842-1, SUSE-SU-2018:2930-1, USN-3999-1, VIGILANCE-VUL-27305
xkbcommon: multiple vulnerabilities
An attacker can use several vulnerabilities of xkbcommon...
CVE-2018-15853, CVE-2018-15854, CVE-2018-15855, CVE-2018-15856, CVE-2018-15857, CVE-2018-15858, CVE-2018-15859, CVE-2018-15860, CVE-2018-15861, CVE-2018-15862, CVE-2018-15863, CVE-2018-15864, FEDORA-2018-11ed8d95e2, FEDORA-2018-4295467df0, openSUSE-SU-2018:3802-1, RHSA-2019:2079-01, SUSE-SU-2018:3685-1, USN-3786-1, USN-3786-2, VIGILANCE-VUL-27107
libX11: three vulnerabilities
An attacker can use several vulnerabilities of libX11...
bulletinoct2018, CERTFR-2018-AVI-490, CVE-2018-14598, CVE-2018-14599, CVE-2018-14600, DLA-1482-1, DSA-2019-131, DSA-2019-197, FEDORA-2019-6a756fe3a5, openSUSE-SU-2018:2567-1, openSUSE-SU-2018:3012-1, RHSA-2019:2079-01, SSA:2018-233-01, SUSE-SU-2018:2934-1, SUSE-SU-2018:2955-1, SUSE-SU-2018:3102-1, USN-3758-1, USN-3758-2, VIGILANCE-VUL-27057
NTP.org: buffer overflow via Command Line openhost
An attacker can generate a buffer overflow via Command Line openhost() of NTP.org, in order to trigger a denial of service, and possibly to run code...
CERTFR-2019-AVI-325, CVE-2018-12327, DSA-2020-030, FEDORA-2018-7051d682fa, FEDORA-2018-e585e25b72, JSA10951, openSUSE-SU-2018:3438-1, openSUSE-SU-2018:3452-1, RHSA-2018:3853-01, RHSA-2018:3854-01, RHSA-2019:2077-01, SB10264, SSA:2018-229-01, SUSE-SU-2018:3342-1, SUSE-SU-2018:3351-1, SUSE-SU-2018:3352-1, SUSE-SU-2018:3356-1, SUSE-SU-2018:3386-1, VIGILANCE-VUL-27033
OpenSSH: information disclosure via Username Enumeration
An attacker can bypass access restrictions to data via Username Enumeration of OpenSSH, in order to obtain sensitive information...
1170352, bulletinjan2019, CERTFR-2018-AVI-410, CVE-2018-15473, DLA-1474-1, DSA-2019-131, DSA-4280-1, FEDORA-2018-065a7722ee, FEDORA-2018-f56ded11c4, NTAP-20181101-0001, openSUSE-SU-2018:3801-1, openSUSE-SU-2018:3946-1, RHSA-2019:0711-01, RHSA-2019:2143-01, SB10267, SSB-439005, SUSE-SU-2018:3540-1, SUSE-SU-2018:3686-1, SUSE-SU-2018:3768-1, SUSE-SU-2018:3776-1, SUSE-SU-2018:3781-1, SUSE-SU-2018:3910-1, SYMSA1469, USN-3809-1, VIGILANCE-VUL-27016
Linux kernel: denial of service via SegmentSmack
An attacker can generate a fatal error via tcp_prune_ofo_queue() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2018-AVI-374, CERTFR-2018-AVI-375, CERTFR-2018-AVI-386, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-420, CERTFR-2018-AVI-428, CERTFR-2018-AVI-457, CERTFR-2018-AVI-584, CERTFR-2019-AVI-346, CERTFR-2019-AVI-354, cisco-sa-20180824-linux-tcp, cpujan2019, CVE-2018-5390, DLA-1466-1, DSA-4266-1, ibm10742755, JSA10876, JSA10917, K95343321, openSUSE-SU-2018:2242-1, openSUSE-SU-2018:2404-1, RHSA-2018:2384-01, RHSA-2018:2395-01, RHSA-2018:2645-01, RHSA-2018:2776-01, RHSA-2018:2785-01, RHSA-2018:2789-01, RHSA-2018:2790-01, RHSA-2018:2791-01, RHSA-2018:2924-01, RHSA-2018:2933-01, RHSA-2018:2948-01, SB10249, SegmentSmack, sk134253, SSB-439005, SUSE-SU-2018:2223-1, SUSE-SU-2018:2328-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:14127-1, SUSE-SU-2019:1870-1, SYMSA1467, USN-3732-1, USN-3732-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3763-1, VIGILANCE-VUL-26913, VU#962459
Poppler: out-of-bounds memory reading via pdfunite
An attacker can force a read at an invalid address via pdfunite() of Poppler, in order to trigger a denial of service, or to obtain sensitive information...
bulletinjan2019, CVE-2018-13988, DLA-1562-1, DLA-1562-2, DLA-1562-3, FEDORA-2018-c8c7d35b83, RHSA-2018:3140-01, USN-3757-1, VIGILANCE-VUL-26882
libcgroup1: information disclosure via /var/log/cgred
An attacker can bypass access restrictions to data via /var/log/cgred of libcgroup1, in order to obtain sensitive information...
CVE-2018-14348, DLA-1472-1, DSA-2020-030, openSUSE-SU-2018:2241-1, RHSA-2019:2047-01, SUSE-SU-2018:2142-1, SUSE-SU-2018:2143-1, SUSE-SU-2018:2468-1, VIGILANCE-VUL-26878
Our database contains other pages. You can request a free trial to read them.

Display information about MWG: