The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Apple iPhone

computer weakness announce CVE-2019-8779

Apple iOS: privilege escalation via extensions

Synthesis of the vulnerability

An attacker can bypass restrictions via extensions of Apple iOS, in order to escalate his privileges.
Severity: 1/4.
Creation date: 30/09/2019.
Identifiers: CERTFR-2019-AVI-473, CVE-2019-8779, HT210613, HT210624, VIGILANCE-VUL-30466.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via extensions of Apple iOS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2019-9506

Bluetooth BR/EDR: information disclosure via Key Negotiation

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Key Negotiation of Bluetooth BR/EDR, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 14/08/2019.
Identifiers: CERTFR-2019-AVI-419, CERTFR-2019-AVI-441, CERTFR-2019-AVI-482, CERTFR-2019-AVI-486, CERTFR-2019-AVI-502, CERTFR-2019-AVI-503, CERTFR-2019-AVI-513, CERTFR-2019-AVI-519, CERTFR-2019-AVI-522, CERTFR-2019-AVI-528, CERTFR-2019-AVI-561, cisco-sa-20190813-bluetooth, CVE-2019-9506, DLA-1919-1, DLA-1919-2, DLA-1930-1, HT210346, HT210348, openSUSE-SU-2019:2307-1, openSUSE-SU-2019:2308-1, RHSA-2019:2975-01, RHSA-2019:3055-01, RHSA-2019:3076-01, RHSA-2019:3089-01, RHSA-2019:3165-01, RHSA-2019:3187-01, RHSA-2019:3217-01, RHSA-2019:3218-01, RHSA-2019:3220-01, RHSA-2019:3231-01, RHSA-2019:3309-01, RHSA-2019:3517-01, SUSE-SU-2019:2648-1, SUSE-SU-2019:2651-1, SUSE-SU-2019:2658-1, SUSE-SU-2019:2706-1, SUSE-SU-2019:2710-1, SUSE-SU-2019:2879-1, SUSE-SU-2019:2949-1, SUSE-SU-2019:2950-1, SUSE-SU-2019:2984-1, Synology-SA-19:33, USN-4115-1, USN-4115-2, USN-4118-1, USN-4147-1, VIGILANCE-VUL-30041.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Key Negotiation of Bluetooth BR/EDR, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2019-13118

libxslt: out-of-bounds memory reading via xsltNumberFormatDecimal

Synthesis of the vulnerability

An attacker can force a read at an invalid address via xsltNumberFormatDecimal() of libxslt, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 18/07/2019.
Identifiers: bulletinjul2019, CVE-2019-13118, DLA-1860-1, HT210346, HT210348, SUSE-SU-2019:1867-1, USN-4164-1, VIGILANCE-VUL-29809.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via xsltNumberFormatDecimal() of libxslt, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

weakness note CVE-2019-8595 CVE-2019-8607 CVE-2019-8615

WebKit2: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebKit2.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 20/05/2019.
Identifiers: CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, FEDORA-2019-f18fb0f37d, HT210118, HT210119, openSUSE-SU-2019:2207-1, openSUSE-SU-2019:2208-1, SUSE-SU-2019:2345-1, SUSE-SU-2019:2345-2, SUSE-SU-2019:2428-1, USN-3992-1, VIGILANCE-VUL-29357.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of WebKit2.
Full Vigil@nce bulletin... (Free trial)

security announce CVE-2018-16860

Samba: Man-in-the-Middle

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle on Samba, in order to read or write data in the session.
Severity: 2/4.
Creation date: 14/05/2019.
Identifiers: CERTFR-2019-AVI-206, CVE-2018-16860, DLA-1788-1, DSA-4443-1, DSA-4455-1, FEDORA-2019-208cc34d40, FEDORA-2019-307e117a2e, HT210346, HT210348, openSUSE-SU-2019:1682-1, openSUSE-SU-2019:1688-1, openSUSE-SU-2019:1888-1, Synology-SA-19:23, USN-3976-1, USN-3976-2, USN-3976-3, USN-3976-4, VIGILANCE-VUL-29289.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can act as a Man-in-the-Middle on Samba, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2019-6223 CVE-2019-7286 CVE-2019-7287

Apple iOS: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apple iOS.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 08/02/2019.
Revision date: 07/05/2019.
Identifiers: CERTFR-2019-AVI-048, CVE-2019-6223, CVE-2019-7286, CVE-2019-7287, CVE-2019-7288, HT209520, VIGILANCE-VUL-28466.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of Apple iOS.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2019-8506 CVE-2019-8518 CVE-2019-8523

WebKitGTK: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 11.
Creation date: 17/04/2019.
Identifiers: 1753, CVE-2019-8506, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, HT209599, HT209600, openSUSE-SU-2019:1374-1, openSUSE-SU-2019:1391-1, SUSE-SU-2019:1137-1, SUSE-SU-2019:1155-1, USN-3948-1, VIGILANCE-VUL-29056.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2018-5383

Bluetooth Firmware: information disclosure via Weak Elliptic Curve Parameters

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Weak Elliptic Curve Parameters of Bluetooth Firmware, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 19/02/2019.
Identifiers: CERTFR-2019-AVI-188, CERTFR-2019-AVI-391, CERTFR-2019-AVI-419, CVE-2018-5383, DLA-1747-1, HT208848, HT208849, HT208937, HT209139, openSUSE-SU-2019:0275-1, RHSA-2019:2169-01, SUSE-SU-2019:0422-1, SUSE-SU-2019:0427-1, SUSE-SU-2019:0427-2, SUSE-SU-2019:0466-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4118-1, VIGILANCE-VUL-28536.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Weak Elliptic Curve Parameters of Bluetooth Firmware, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-6212 CVE-2019-6215 CVE-2019-6216

WebKitGTK+: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK+.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 9.
Creation date: 13/02/2019.
Identifiers: bulletinapr2019, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, HT209443, openSUSE-SU-2019:0308-1, openSUSE-SU-2019:0309-1, SUSE-SU-2019:0497-1, SUSE-SU-2019:0511-1, USN-3889-1, VIGILANCE-VUL-28505.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK+.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2018-4416 CVE-2018-4438 CVE-2018-4441

WebKitGTK+: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK+.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 23/01/2019.
Identifiers: bulletinjan2019, CVE-2018-4416, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464, HT209340, openSUSE-SU-2019:0081-1, openSUSE-SU-2019:0108-1, openSUSE-SU-2019:0308-1, SUSE-SU-2019:0146-1, SUSE-SU-2019:0497-1, VIGILANCE-VUL-28338.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of WebKitGTK+.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Apple iPhone: