The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Apple iPhone

usersctp: use after free via sctp_process_a_data_chunk
An attacker can force the usage of a freed memory area via sctp_process_a_data_chunk() of usersctp, in order to trigger a denial of service, and possibly to run code...
ADV200002, CVE-2020-15969, DLA-2411-1, DLA-2416-1, DSA-4778-1, DSA-4780-1, DSA-4824-1, FEDORA-2020-127d40f1ab, FEDORA-2020-4e8e48da22, FEDORA-2020-8aca25b5c8, FEDORA-2020-aba1d14e9e, FEDORA-2021-bdaf015218, HT212003, MFSA2020-45, MFSA2020-46, openSUSE-SU-2020:1705-1, openSUSE-SU-2020:1715-1, openSUSE-SU-2020:1731-1, openSUSE-SU-2020:1732-1, openSUSE-SU-2020:1748-1, openSUSE-SU-2020:1780-1, openSUSE-SU-2020:1785-1, openSUSE-SU-2020:1829-1, RHSA-2020:4235-01, RHSA-2020:4310-01, RHSA-2020:4311-01, RHSA-2020:4315-01, RHSA-2020:4317-01, RHSA-2020:4330-01, RHSA-2020:4909-01, RHSA-2020:4913-01, RHSA-2020:4944-01, RHSA-2020:4945-01, RHSA-2020:4947-01, RHSA-2020:4948-01, SUSE-SU-2020:14522-1, SUSE-SU-2020:3021-1, SUSE-SU-2020:3022-1, SUSE-SU-2020:3053-1, SUSE-SU-2020:3091-1, USN-4599-1, USN-4599-2, USN-4599-3, USN-4647-1, VIGILANCE-VUL-33635
libxml2: buffer overflow
An attacker can trigger a buffer overflow of libxml2, in order to trigger a denial of service, and possibly to run code...
CVE-2020-3911, HT211100, HT211102, VIGILANCE-VUL-33106
libxml2: buffer overflow
An attacker can trigger a buffer overflow of libxml2, in order to trigger a denial of service, and possibly to run code...
CVE-2020-3910, HT211100, HT211102, VIGILANCE-VUL-33105
libxml2: buffer overflow
An attacker can trigger a buffer overflow of libxml2, in order to trigger a denial of service, and possibly to run code...
CVE-2020-3909, HT211100, HT211102, VIGILANCE-VUL-33104
WebKitGTK: multiple vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK...
bulletinoct2020, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, DSA-4739-1, FEDORA-2020-24b936a870, FEDORA-2020-a496a39b00, HT211288, openSUSE-SU-2020:1256-1, openSUSE-SU-2020:1275-1, RHSA-2020:4451-01, SUSE-SU-2020:2198-1, SUSE-SU-2020:2199-1, SUSE-SU-2020:2232-1, USN-4444-1, VIGILANCE-VUL-32994
WebKitGTK: multiple vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK...
bulletinoct2020, CVE-2020-13753, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, DSA-4724-1, FEDORA-2020-ab074c6cdf, FEDORA-2020-d2736ee493, HT201222, HT211168, HT211169, openSUSE-SU-2020:1064-1, RHSA-2020:4451-01, SUSE-SU-2020:1990-1, SUSE-SU-2020:1992-1, SUSE-SU-2020:2069-1, USN-4422-1, USN-4648-1, VIGILANCE-VUL-32802
Apple iOS: privilege escalation
An attacker can bypass restrictions of the Apple iOS kernel, in order to make some code run with kernel privilege level...
CERTFR-2020-AVI-332, CVE-2020-9859, HT211214, HT211215, VIGILANCE-VUL-32348, VU#127371
Apple iOS: multiple vulnerabilities
An attacker can use several vulnerabilities of Apple iOS...
CERTFR-2020-AVI-063, CVE-2020-3825, CVE-2020-3828, CVE-2020-3829, CVE-2020-3831, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3840, CVE-2020-3841, CVE-2020-3842, CVE-2020-3844, CVE-2020-3853, CVE-2020-3856, CVE-2020-3857, CVE-2020-3858, CVE-2020-3859, CVE-2020-3860, CVE-2020-3869, CVE-2020-3870, CVE-2020-3872, CVE-2020-3873, CVE-2020-3874, CVE-2020-3875, CVE-2020-3878, CVE-2020-3880, HT210918, PROJ-ZERO-1954, PROJ-ZERO-1960, PROJ-ZERO-1976, PROJ-ZERO-1986, PROJ-ZERO-2004, VIGILANCE-VUL-31448
WebKitGTK, WPE WebKit: eight vulnerabilities
An attacker can use several vulnerabilities of WebKitGTK, WPE WebKit...
CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, DSA-4681-1, HT211102, openSUSE-SU-2020:0558-1, openSUSE-SU-2020:0646-1, RHSA-2020:4035-01, RHSA-2020:4451-01, SUSE-SU-2020:1198-1, SUSE-SU-2020:1211-1, USN-4347-1, VIGILANCE-VUL-32113
usrsctp: out-of-bounds memory reading via sctp_load_addresses_from_init
An attacker can force a read at an invalid address via sctp_load_addresses_from_init() of usrsctp, in order to trigger a denial of service, or to obtain sensitive information...
ADV200002, bulletinapr2020, CVE-2019-20503, DLA-2140-1, DLA-2150-1, DSA-4639-1, DSA-4642-1, DSA-4645-1, FEDORA-2020-18f712ef2d, FEDORA-2020-39e0b8bd14, FEDORA-2020-b00f3fbb69, HT201222, HT211168, MFSA-2020-08, MFSA2020-08, MFSA-2020-09, MFSA2020-09, MFSA-2020-10, MFSA2020-10, openSUSE-SU-2020:0340-1, openSUSE-SU-2020:0365-1, openSUSE-SU-2020:0366-1, openSUSE-SU-2020:0389-1, RHSA-2020:0815-01, RHSA-2020:0816-01, RHSA-2020:0819-01, RHSA-2020:0820-01, RHSA-2020:0905-01, RHSA-2020:0914-01, RHSA-2020:0918-01, RHSA-2020:0919-01, RHSA-2020:1270-01, SSA:2020-070-01, SSA:2020-073-01, SUSE-SU-2020:0686-1, SUSE-SU-2020:0717-1, SUSE-SU-2020:0721-1, SUSE-SU-2020:14312-1, USN-4299-1, USN-4328-1, USN-4335-1, VIGILANCE-VUL-31834
Our database contains other pages. You can request a free trial to read them.

Display information about Apple iPhone: