The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SNS

OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
Stormshield Network Security: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Stormshield Network Security, in order to run JavaScript code in the context of the web site...
CVE-2018-20850, STORM-2018-006, VIGILANCE-VUL-28462
libcurl: buffer overflow via NTLM Type-3
An attacker can trigger a buffer overflow via NTLM Type-3 of libcurl, in order to trigger a denial of service, and possibly to run code...
bulletinjan2019, bulletinoct2019, cpuapr2019, cpujul2019, CVE-2019-3822, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28444
libcurl: out-of-bounds memory reading via NTLM Type-2
An attacker can force a read at an invalid address via NTLM Type-2 of libcurl, in order to trigger a denial of service, or to obtain sensitive information...
bulletinjan2019, cpuapr2019, cpujul2019, CVE-2018-16890, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, K03314397, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, RHSA-2019:3701-01, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28443
libcurl: out-of-bounds memory reading via Warning Message
An attacker can force a read at an invalid address via Warning Message of libcurl, in order to trigger a denial of service, or to obtain sensitive information...
bulletinoct2018, CVE-2018-16842, DLA-1568-1, DSA-2019-114, DSA-2020-030, DSA-4331-1, FEDORA-2018-298a3d2923, FEDORA-2018-69bac0f51c, FEDORA-2018-7785911c9e, FEDORA-2018-fdc4ca8675, openSUSE-SU-2018:3699-1, openSUSE-SU-2018:3706-1, RHSA-2019:2181-01, SSA:2018-304-01, STORM-2019-002, SUSE-SU-2018:3624-1, SUSE-SU-2018:3681-1, SUSE-SU-2019:0339-1, USN-3805-1, USN-3805-2, VIGILANCE-VUL-27650
libcurl: buffer overflow via Curl_auth_create_plain_message
An attacker can generate a buffer overflow via Curl_auth_create_plain_message() of libcurl, in order to trigger a denial of service, and possibly to run code...
bulletinoct2018, CVE-2018-16839, DLA-1568-1, DSA-4331-1, FEDORA-2018-298a3d2923, FEDORA-2018-69bac0f51c, FEDORA-2018-7785911c9e, FEDORA-2018-fdc4ca8675, openSUSE-SU-2018:3706-1, SSA:2018-304-01, STORM-2019-002, SUSE-SU-2018:3624-1, SUSE-SU-2019:0339-1, SUSE-SU-2019:0996-1, USN-3805-1, VIGILANCE-VUL-27648
Intel processors: information disclosure via Foreshadow L1TF Virtualization
An attacker can bypass access restrictions to data via L1TF Virtualization on Intel processors, in order to obtain sensitive information...
525211, 528031, ADV180018, CERTFR-2018-AVI-385, CERTFR-2018-AVI-386, CERTFR-2018-AVI-387, CERTFR-2018-AVI-388, CERTFR-2018-AVI-390, CERTFR-2018-AVI-391, CERTFR-2018-AVI-392, CERTFR-2018-AVI-416, CERTFR-2018-AVI-419, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2018-AVI-584, CERTFR-2019-AVI-169, CERTFR-2019-AVI-242, CERTFR-2019-AVI-489, cisco-sa-20180814-cpusidechannel, cpuapr2019, cpujan2019, CTX236548, CVE-2018-3646, DLA-1481-1, DLA-1506-1, DSA-2018-170, DSA-2018-217, DSA-2019-030, DSA-4274-1, DSA-4279-1, DSA-4279-2, FEDORA-2018-1c80fea1cd, FEDORA-2018-f8cba144ae, FG-IR-18-002, Foreshadow, FreeBSD-SA-18:09.l1tf, HPESBHF03874, HT209139, HT209193, ibm10742755, INTEL-SA-00161, JSA10937, K31300402, openSUSE-SU-2018:2399-1, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2018:2434-1, openSUSE-SU-2018:2436-1, openSUSE-SU-2018:4304-1, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2388-01, RHSA-2018:2389-01, RHSA-2018:2390-01, RHSA-2018:2391-01, RHSA-2018:2392-01, RHSA-2018:2393-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2602-01, RHSA-2018:2603-01, SSA-254686, SSA-608355, STORM-2018-005, SUSE-SU-2018:2328-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2394-1, SUSE-SU-2018:2401-1, SUSE-SU-2018:2409-1, SUSE-SU-2018:2410-1, SUSE-SU-2018:2480-1, SUSE-SU-2018:2482-1, SUSE-SU-2018:2483-1, SUSE-SU-2018:2528-1, SUSE-SU-2018:2596-1, SUSE-SU-2018:2637-1, SUSE-SU-2018:3490-1, SUSE-SU-2018:4300-1, Synology-SA-18:45, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3756-1, USN-3823-1, VIGILANCE-VUL-26999, VMSA-2018-0020, VU#982149, XSA-273, XSA-289
Intel processors: information disclosure via Foreshadow L1TF OS/SMM
An attacker can bypass access restrictions to data via L1TF OS/SMM on Intel processors, in order to obtain sensitive information...
525211, 528031, ADV180018, CERTFR-2018-AVI-385, CERTFR-2018-AVI-386, CERTFR-2018-AVI-387, CERTFR-2018-AVI-388, CERTFR-2018-AVI-390, CERTFR-2018-AVI-391, CERTFR-2018-AVI-392, CERTFR-2018-AVI-416, CERTFR-2018-AVI-419, CERTFR-2018-AVI-426, CERTFR-2018-AVI-557, CERTFR-2018-AVI-584, CERTFR-2019-AVI-169, CERTFR-2019-AVI-242, CERTFR-2019-AVI-489, cisco-sa-20180814-cpusidechannel, cpuapr2019, CTX236548, CVE-2018-3620, DLA-1481-1, DLA-1506-1, DLA-1529-1, DSA-2018-170, DSA-2018-217, DSA-2019-030, DSA-4274-1, DSA-4279-1, DSA-4279-2, FEDORA-2018-1c80fea1cd, FEDORA-2018-f8cba144ae, FG-IR-18-002, Foreshadow, FreeBSD-SA-18:09.l1tf, HPESBHF03874, ibm10742755, INTEL-SA-00161, JSA10917, JSA10937, K95275140, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, RHSA-2018:2384-01, RHSA-2018:2387-01, RHSA-2018:2388-01, RHSA-2018:2389-01, RHSA-2018:2390-01, RHSA-2018:2391-01, RHSA-2018:2392-01, RHSA-2018:2393-01, RHSA-2018:2394-01, RHSA-2018:2395-01, RHSA-2018:2396-01, RHSA-2018:2602-01, RHSA-2018:2603-01, SSA:2018-240-01, SSA-254686, SSA-608355, STORM-2018-005, SUSE-SU-2018:2328-1, SUSE-SU-2018:2332-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2362-1, SUSE-SU-2018:2366-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2384-1, SUSE-SU-2018:2596-1, SUSE-SU-2018:2637-1, Synology-SA-18:45, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3823-1, VIGILANCE-VUL-26998, VMSA-2018-0021, VU#982149, XSA-273, XSA-289
Intel processors: information disclosure via Foreshadow L1TF SGX
An attacker can bypass access restrictions to data via L1TF SGX on Intel processeurs, in order to obtain sensitive information...
528031, ADV180018, CERTFR-2018-AVI-387, CERTFR-2019-AVI-489, cisco-sa-20180814-cpusidechannel, CVE-2018-3615, DLA-1506-1, DSA-2018-217, DSA-2019-030, FEDORA-2020-0ab860bb95, FEDORA-2020-e7f95c4df0, FG-IR-18-002, Foreshadow, HPESBHF03874, INTEL-SA-00161, SSA:2018-240-01, SSA-254686, SSA-608355, STORM-2018-005, Synology-SA-18:45, VIGILANCE-VUL-26997, VU#982149
curl: buffer overflow via FTP Shutdown Response
An attacker can generate a buffer overflow via FTP Shutdown Response of curl, in order to trigger a denial of service, and possibly to run code...
cpujan2019, cpuoct2018, CVE-2018-1000300, FEDORA-2018-9dc7338487, FEDORA-2018-fa01002d7e, openSUSE-SU-2018:1624-1, SSA:2018-136-01, STORM-2019-002, USN-3648-1, VIGILANCE-VUL-26142
Our database contains other pages. You can request a free trial to read them.

Display information about SNS: