[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:1100524
The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link.

oval:org.secpod.oval:def:89043855
This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ...

oval:org.secpod.oval:def:89043867
This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - ...

oval:org.secpod.oval:def:1504440
[15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ...

oval:org.secpod.oval:def:89043524
This update for xen fixes several issues. These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass , Variant 4 . - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 m ...

oval:org.secpod.oval:def:1504737
[15:3.0.0-1.el7] - net: ignore packet size greater than INT_MAX [Orabug: 28763782] {CVE-2018-17963} - pcnet: fix possible buffer overflow [Orabug: 28763774] {CVE-2018-17962} - rtl8139: fix possible out of bound access [Orabug: 28763765] {CVE-2018-17958} - ne2000: fix possible out of bound access ...

oval:org.secpod.oval:def:60360
The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64. For more information please visit vendor advisory link.

oval:org.secpod.oval:def:60359
The remote host is missing a patch containing a security fix, which affects the following packages: bos.mp64 and bos.mp. For more information please visit vendor advisory link.

oval:org.secpod.oval:def:89002298
This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of quot;highquot; resolution time to 1ms. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown . Update ...

oval:org.secpod.oval:def:52011
linux-hwe: Linux hardware enablement kernel Details:This update provides the corresponding updates for the Linux Hardware Enablement kernel for Linux Mint 18.x LTS. USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures for Linux Mint 1 ...

oval:org.secpod.oval:def:51533
It was discovered that a new class of side channel attacks impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. To address the issue, updates to the Linux M ...

oval:org.secpod.oval:def:89043690
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ...

oval:org.secpod.oval:def:51976
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. T ...

oval:org.secpod.oval:def:51977
linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Details: This update provides the corresponding updates for the Linux Hardware Enableme ...

oval:org.secpod.oval:def:704010
linux-hwe: Linux hardware enablement kernel Details: USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations fo ...

oval:org.secpod.oval:def:704011
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 Details: USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Original a ...

oval:org.secpod.oval:def:52911
linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: USN-3540-1 addressed vulnerabilities in the Linux kernel for Linux Mint 18.x LTS. This update provides the corresponding updates for the Linux Hardware Enable ...

oval:org.secpod.oval:def:1502094
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502095
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:89043590
This update for xen fixes several issues. This new feature was included: - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative exec ...

oval:org.secpod.oval:def:2100114
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

oval:org.secpod.oval:def:89002259
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753 / quot;Spec#197;#167;reAttackquot;: Local attac ...

oval:org.secpod.oval:def:89002248
This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release Security issues fixed: - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing - CVE-2018-7541: A grant table v2 -gt; v1 transition may crash Xen - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 F ...

oval:org.secpod.oval:def:89002227
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753: Local attackers on systems with modern CPUs fe ...

oval:org.secpod.oval:def:703963
linux: Linux kernel Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel m ...

oval:org.secpod.oval:def:703962
linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablemen ...

oval:org.secpod.oval:def:703959
linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Details: USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. Thi ...

oval:org.secpod.oval:def:703958
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems Details: Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. T ...

oval:org.secpod.oval:def:43415
It was discovered that a new class of side channel attacks impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. To address the issue, updates to the Ubuntu ...

oval:org.secpod.oval:def:703933
firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information.

oval:org.secpod.oval:def:43422
The host is missing a critical security update 4056568

oval:org.secpod.oval:def:43429
The host is missing a critical security update 4056888

oval:org.secpod.oval:def:43428
The host is missing an important security update 4056897

oval:org.secpod.oval:def:43426
The host is missing a critical security update 4056891

oval:org.secpod.oval:def:43432
The host is missing an important security update 4056898

oval:org.secpod.oval:def:1800826
CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, XSA-254: Information leak via side effects of speculative execution Reference:¶

oval:org.secpod.oval:def:89043925
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / Spectre Attack : IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE- ...

oval:org.secpod.oval:def:1502120
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502126
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502127
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:89043778
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka Spectre and Meltdown attacks - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS or p ...

oval:org.secpod.oval:def:51963
firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information.

oval:org.secpod.oval:def:1800270
CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference CVE-2017-17565, XSA-251: improper bug check ...

oval:org.secpod.oval:def:89043499
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / Spectre Attack : IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE- ...

oval:org.secpod.oval:def:89002312
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753 / quot;SpectreAttackquot;: Local attackers on s ...

oval:org.secpod.oval:def:1800236
CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference: CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference: CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference: CVE-2017-17565, XSA-251: improper bug che ...

oval:org.secpod.oval:def:53259
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controllin ...

oval:org.secpod.oval:def:1800444
CVE-2017-17566, XSA-248: x86 PV guests may gain access to internally used pages Reference: CVE-2017-17563, XSA-249: broken x86 shadow mode refcount overflow check Reference: CVE-2017-17564, XSA-250: improper x86 shadow mode refcount error handling Reference: CVE-2017-17565, XSA-251: improper bug che ...

oval:org.secpod.oval:def:603232
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read m ...

oval:org.secpod.oval:def:204791
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * kernel: Buffer overflow in firewire driver via crafted incoming packets * kernel: Use-after-free vulnerability in DCCP socket * Kernel: ...

oval:org.secpod.oval:def:204798
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ...

oval:org.secpod.oval:def:1700002
An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorp ...

oval:org.secpod.oval:def:52908
linux: Linux kernel Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:52907
linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:1600829
An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously incorp ...

oval:org.secpod.oval:def:52916
linux: Linux kernel Details: It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It wa ...

oval:org.secpod.oval:def:43398
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ...

oval:org.secpod.oval:def:703996
linux: Linux kernel Details: It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It wa ...

oval:org.secpod.oval:def:43639
The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory.

oval:org.secpod.oval:def:703941
linux: Linux kernel Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703945
linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703939
linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703938
linux: Linux kernel Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703937
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:53223
Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Meltdown and is add ...

oval:org.secpod.oval:def:43628
The host is installed with Apple Mac OS X 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle systems with microprocessors utilizing speculative execution and indirect branch prediction. Successful exploit ...

oval:org.secpod.oval:def:1502102
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502103
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:89043577
This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially privilege escalation/inf ...

oval:org.secpod.oval:def:1502133
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502132
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:2105792
Oracle Solaris 11 - ( CVE-2018-1165 )

oval:org.secpod.oval:def:51966
linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:51969
linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oem: Linux kernel for OEM processors Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:603228
Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Meltdown and is add ...

oval:org.secpod.oval:def:603280
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controllin ...

oval:org.secpod.oval:def:89048663
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen . * CVE-201 ...

oval:org.secpod.oval:def:43395
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant ...

oval:org.secpod.oval:def:43427
The host is missing a critical security update 4056890

oval:org.secpod.oval:def:43520
The host is missing an important security update ADV180002

CPE    1059
cpe:/h:intel:core_i5:3330
cpe:/h:intel:core_i5:3570
cpe:/h:intel:core_i5:4440s
cpe:/h:intel:xeon:x5647
...
CWE    1
CWE-200
*CVE
CVE-2017-5754

© SecPod Technologies