The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Unix (platform) ~ not comprehensive

weakness bulletin CVE-2019-0136

Intel PROSet/Wireless WiFi Software: denial of service

Synthesis of the vulnerability

An attacker can trigger a fatal error of Intel PROSet/Wireless WiFi Software, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 16/09/2019.
Identifiers: CERTFR-2019-AVI-419, CERTFR-2019-AVI-441, CERTFR-2019-AVI-478, CERTFR-2019-AVI-482, CVE-2019-0136, DLA-1919-1, DLA-1919-2, DLA-1930-1, INTEL-SA-00232, USN-4115-1, USN-4115-2, USN-4118-1, USN-4145-1, USN-4147-1, VIGILANCE-VUL-30330.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error of Intel PROSet/Wireless WiFi Software, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-11184

Intel Xeon: information disclosure via DDIO NetCAT

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via DDIO NetCAT of Intel Xeon, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 11/09/2019.
Identifiers: CERTFR-2019-AVI-430, CVE-2019-11184, INTEL-SA-00290, VIGILANCE-VUL-30310.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via DDIO NetCAT of Intel Xeon, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2019-13627

Libgcrypt: information disclosure via ECDSA Timing Attack

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via ECDSA Timing Attack of Libgcrypt, in order to obtain sensitive information. This vulnerability originates from VIGILANCE-VUL-30530.
Severity: 1/4.
Creation date: 30/08/2019.
Identifiers: CVE-2019-13627, DLA-1931-1, openSUSE-SU-2019:2161-1, SUSE-SU-2019:2349-1, SUSE-SU-2019:2510-1, VIGILANCE-VUL-30205.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via ECDSA Timing Attack of Libgcrypt, in order to obtain sensitive information. This vulnerability originates from VIGILANCE-VUL-30530.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2019-1125

Intel 64-bit CPU: information disclosure via SWAPGS

Synthesis of the vulnerability

A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 07/08/2019.
Identifiers: 1103505, CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CERTFR-2019-AVI-458, CERTFR-2019-AVI-467, CERTFR-2019-AVI-486, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, RHSA-2019:2899-01, RHSA-2019:2900-01, RHSA-2019:2975-01, RHSA-2019:3220-01, SB10297, SSA:2019-226-01, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A local attacker can read a memory fragment via SWAPGS of Intel 64-bit CPU, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2019-3786

Pivotal Cloud Foundry BOSH Backup and Restore CLI: information disclosure via Job Metadata File

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Job Metadata File of Pivotal Cloud Foundry BOSH Backup and Restore CLI, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 19/07/2019.
Identifiers: CVE-2019-3786, VIGILANCE-VUL-29834.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Job Metadata File of Pivotal Cloud Foundry BOSH Backup and Restore CLI, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-12387

Python Twisted: information disclosure via URI CRLF

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via URI CRLF of Python Twisted, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 03/07/2019.
Identifiers: CVE-2019-12387, openSUSE-SU-2019:1760-1, openSUSE-SU-2019:1785-1, SUSE-SU-2019:1731-1, SUSE-SU-2019:2066-1, VIGILANCE-VUL-29682.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via URI CRLF of Python Twisted, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2018-12019

Enigmail: creation of fake status messages

Synthesis of the vulnerability

An attacker can create fake status messages in GnuPG, in order to deceive the victime.
Severity: 2/4.
Creation date: 14/06/2018.
Revision date: 02/05/2019.
Identifiers: CVE-2018-12019, FEDORA-2018-a4bb79ea75, FEDORA-2018-fd67c19256, openSUSE-SU-2018:1706-1, openSUSE-SU-2018:1708-1, SUSE-SU-2018:2243-1, VIGILANCE-VUL-26424.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create fake status messages in Enigmail, in order to deceive the victime.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2018-12020

GnuPG: creation of fake status messages

Synthesis of the vulnerability

An attacker can create fake status messages in GnuPG, in order to deceive the victime.
Severity: 2/4.
Creation date: 08/06/2018.
Revision date: 02/05/2019.
Identifiers: bulletinjul2018, CVE-2018-12020, DSA-4222-1, DSA-4223-1, FEDORA-2018-4ef71d3525, FEDORA-2018-69780fc4d7, FEDORA-2018-a4e13742b4, JSA10917, openSUSE-SU-2018:1706-1, openSUSE-SU-2018:1708-1, openSUSE-SU-2018:1722-1, openSUSE-SU-2018:1724-1, RHSA-2018:2180-01, RHSA-2018:2181-01, SSA:2018-159-01, SSA:2018-170-01, SUSE-SU-2018:1696-1, SUSE-SU-2018:1698-1, SUSE-SU-2018:2243-1, T4012, USN-3675-1, USN-3675-2, USN-3675-3, USN-3964-1, VIGILANCE-VUL-26364.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create fake status messages in GnuPG, in order to deceive the victime.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2019-11236

Python urllib3: information disclosure via CRLF Injection

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via CRLF Injection of Python urllib3, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 16/04/2019.
Identifiers: 1553, bulletinjul2019, CVE-2019-11236, DLA-1828-1, FEDORA-2019-20bc611b61, FEDORA-2019-fbda9f1e49, openSUSE-SU-2019:2131-1, openSUSE-SU-2019:2133-1, RHSA-2019:2272-01, RHSA-2019:3335-01, RHSA-2019:3590-01, SUSE-SU-2019:2331-1, SUSE-SU-2019:2332-1, SUSE-SU-2019:2370-1, USN-3990-1, USN-3990-2, VIGILANCE-VUL-29042.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via CRLF Injection of Python urllib3, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2019-9628

XMLTooling: denial of service via Malformed XML Declaration

Synthesis of the vulnerability

An attacker can trigger a fatal error via Malformed XML Declaration of XMLTooling, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 11/03/2019.
Identifiers: CVE-2019-9628, DLA-1710-1, DSA-4407-1, openSUSE-SU-2019:1235-1, openSUSE-SU-2019:1276-1, SUSE-SU-2019:0928-1, SUSE-SU-2019:0929-1, USN-3921-1, VIGILANCE-VUL-28709.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a fatal error via Malformed XML Declaration of XMLTooling, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.