Download
| Alert*
oval:org.secpod.oval:def:44096
The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ... oval:org.secpod.oval:def:44097 The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ... oval:org.secpod.oval:def:45302 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ... oval:org.secpod.oval:def:45303 The host is installed with Apple Mac OS X 10.13.4 and is prone to a UI-spoofing vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted test message. Successful exploitation leads to UI spoofing. oval:org.secpod.oval:def:45304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ... oval:org.secpod.oval:def:43039 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43043 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43041 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43040 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to cause unexpected system termination or read ke ... oval:org.secpod.oval:def:43046 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ... oval:org.secpod.oval:def:43045 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to execute arbitrary c ... oval:org.secpod.oval:def:43044 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43049 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ... oval:org.secpod.oval:def:43048 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43050 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ... oval:org.secpod.oval:def:43054 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an inconsistent user interface issue. Successful exploitation gives privileges to attackers so that a S/MIME encrypted e ... oval:org.secpod.oval:def:43053 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43052 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43051 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory. oval:org.secpod.oval:def:43055 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an encryption issue. Successful exploitation allows attackers with a privileged network position may be able to intercep ... oval:org.secpod.oval:def:44845 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44846 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:44841 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an access control vulnerability. A flaw is present in the application, which fails to properly a mounted malicious disk image. Successful exploitation allows an application to launch an application. oval:org.secpod.oval:def:44842 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44843 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44844 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44850 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with kernel pri ... oval:org.secpod.oval:def:44851 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44856 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44857 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44858 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44859 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44852 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted applications. Successful exploitation allows an application to bypass code signing en ... oval:org.secpod.oval:def:44853 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with system pri ... oval:org.secpod.oval:def:44854 The host is installed with Apple Mac OS X 10.13.3 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle S/MIME-encrypted HTML e-mail. Successful exploitation allows an application to exfiltrate the contents of S/MIME-en ... oval:org.secpod.oval:def:44855 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle inconsistent user-interface. Successful exploitation allows an application to intercept the contents of S/MIME-encrypted e-m ... oval:org.secpod.oval:def:44860 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44861 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44867 The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:44863 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44865 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle bracketed paste mode. Successful exploitation allows an application to execute arbitrary command exe ... oval:org.secpod.oval:def:44866 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle keystrokes entered by unprivileged applications. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44834 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44835 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44836 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44837 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44832 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle passwords passed to sysadminctl tool. Successful exploitation leads to the exposure of passwords to other local users. oval:org.secpod.oval:def:44833 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted files in symlinks. Successful exploitation allows attackers to disclose user informa ... oval:org.secpod.oval:def:44839 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information access vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted webpages. Successful exploitation allows an application to mount a disk image. oval:org.secpod.oval:def:1600989 do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ... oval:org.secpod.oval:def:42916 The host is installed with Apple Mac OS X 10.12.6 or before 10.13.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issue. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:42919 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle path handling issue. Successful exploitation could allow attackers to modify restricted areas of file syst ... oval:org.secpod.oval:def:26581 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4, 10.11.x before 10.11.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted XML document. Successful exploitation allows a ... oval:org.secpod.oval:def:26574 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font file. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26695 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted Unicode string. Successful exploitation allows remote attackers to execute arbitrary code or cause a de ... oval:org.secpod.oval:def:26694 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:26576 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font file. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26575 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font file. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26578 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle an AF_INET6 socket. Successful exploitation allows attackers to execute arbitrary code ... oval:org.secpod.oval:def:26577 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font file. Successful exploitation allows attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26691 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a previously visited web site that is rendered during a Quick Look search. Successful exploitation allow ... oval:org.secpod.oval:def:26690 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle an XML document containing an external entity declaration in conjunction with an entity reference. Successful ... oval:org.secpod.oval:def:26693 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which does not properly implement authentication. Successful exploitation allows local users to obtain admin privileges. oval:org.secpod.oval:def:26692 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted Collada file. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:26684 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to handle a long digit string associated with an invalid backreference within a regular expression. Successful exploitatio ... oval:org.secpod.oval:def:26689 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a SSL servers spoofing vulnerability. A flaw is present in the application, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a dom ... oval:org.secpod.oval:def:26682 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows local users to gain privileges or cause a denial of service ( ... oval:org.secpod.oval:def:26681 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly remove dismissed notifications. Successful exploitation allows attackers to read arbitrary notifications. oval:org.secpod.oval:def:26669 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted executable file. Successful exploitation allows local users to bypass a code-signing protection mechanism ... oval:org.secpod.oval:def:26673 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malformed plist. Successful exploitation allows attackers to execute arbitrary code in a privileged context or ... oval:org.secpod.oval:def:26672 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted Mach-O file. Successful exploitation allows local users to bypass a code-signing protection mechanism. oval:org.secpod.oval:def:26675 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted regular expression. Successful exploitation allows context-dependent attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26674 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which does not properly validate pathnames in the environment. Successful exploitation allows local users to gain privileges. oval:org.secpod.oval:def:26677 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted regular expression. Successful exploitation allows context-dependent attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26676 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted regular expression. Successful exploitation allows context-dependent attackers to execute arbitrary cod ... oval:org.secpod.oval:def:26679 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted app that sends a malformed XPC message. Successful exploitation allows attackers to execute arbitrary c ... oval:org.secpod.oval:def:26678 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle an app that uses a crafted syscall to interfere with locking. Successful exploitation allows attackers to execute ... oval:org.secpod.oval:def:26671 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted Mach-O file. Successful exploitation allows local users to bypass a code-signing protection mechanism. oval:org.secpod.oval:def:26670 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted multi-architecture executable file. Successful exploitation allows local users to bypass a code-signing p ... oval:org.secpod.oval:def:48696 The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to disclose process memory. oval:org.secpod.oval:def:48697 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:48695 The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to execute arbitrary code with kerne ... oval:org.secpod.oval:def:26594 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted QuickTime file. Successful exploitation allows attackers to execute arbitrary code or ... oval:org.secpod.oval:def:26593 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted Office document. Successful exploitation allows attackers to execute arbi ... oval:org.secpod.oval:def:26605 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to execute arbitrary code or caus ... oval:org.secpod.oval:def:26705 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle a text file containing an XML external entity declaration in conjunction with an entity reference. Successful ... oval:org.secpod.oval:def:26706 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malformed DMG image. Successful exploitation allows local users to gain privileges or cause a denial of service ... oval:org.secpod.oval:def:30095 The host is installed with Python 2.x before 2.7.9 and 3.x before 3.4.3 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to handle an arbitrary valid certificate. Successful exploitation could allow attackers to spoof SSL servers. oval:org.secpod.oval:def:26659 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows local users to gain privileges or cause a denial of service ( ... oval:org.secpod.oval:def:26658 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary code execute vulnerability. A flaw is present in the application, which fails to handle a crafted app that leverages incorrect privilege dropping associated with a locking error. Successful explo ... oval:org.secpod.oval:def:26662 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to execute arbitrary code or cause a denial of service (m ... oval:org.secpod.oval:def:26661 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows local users to gain privileges or cause a d ... oval:org.secpod.oval:def:26664 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to local users to gain privileges. oval:org.secpod.oval:def:26663 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to execute arbitrary code or cause a denial of service (m ... oval:org.secpod.oval:def:26666 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted app that makes unspecified IOKit API calls. Successful exploitation allows attackers to execute arbitra ... oval:org.secpod.oval:def:26665 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to obtain sensitive memory-layout information. oval:org.secpod.oval:def:26668 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted volume. Successful exploitation allows local users to cause a denial of service. oval:org.secpod.oval:def:26667 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows local users to cause a denial of service (resource consumptio ... oval:org.secpod.oval:def:26660 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows local users to gain privileges or cause a denial of service ( ... oval:org.secpod.oval:def:26648 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a time spoofing vulnerability. A flaw is present in the application, which does not properly restrict access to the Date and Time preferences pane. Successful exploitation allows local users to spoof the time ... oval:org.secpod.oval:def:26647 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted series of Unicode characters. Successful exploitation allows remote proxy servers to execute arbitrary ... oval:org.secpod.oval:def:26649 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not use HTTPS. Successful exploitation allows man-in-the-middle attackers to obtain sensitive information by sniffing ... oval:org.secpod.oval:def:26651 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which does not properly validate pathnames in the environment. Successful exploitation allows local users to gain privileges. oval:org.secpod.oval:def:26650 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed DMG image. Successful exploitation allows local users to gain privileges or cause a denial of service ... oval:org.secpod.oval:def:26653 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary files overwrite vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation allows remote attackers to create, overwrite, rename, or del ... oval:org.secpod.oval:def:26655 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly initialize an unspecified data structure. Successful exploitation allows remote attackers to obtain sensi ... oval:org.secpod.oval:def:26654 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF image. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial ... oval:org.secpod.oval:def:26657 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary code execute vulnerability. A flaw is present in the application, which does not properly drop privileges. Successful exploitation allows remote attackers to execute arbitrary code in a privilege ... oval:org.secpod.oval:def:26656 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly initialize an unspecified data structure. Successful exploitation allows remote attackers to obtain sensi ... oval:org.secpod.oval:def:26636 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted font file. Successful exploitation allows attackers to execute arbitrary code or cause a denial of serv ... oval:org.secpod.oval:def:26626 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary user password change vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to change arbitrary user passwords. oval:org.secpod.oval:def:26628 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a kernel memory-layout information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to obtain sensitive kernel memo ... oval:org.secpod.oval:def:26627 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a kernel memory-layout information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to obtain sensitive kernel memo ... oval:org.secpod.oval:def:26629 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which does not properly restrict Notification Center Service access. Successful exploitation allows attackers to read Notificatio ... oval:org.secpod.oval:def:26631 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to multiple buffer overflows vulnerabilities. The flaws are present in the application, which fails to handle XPC messages. Successful exploitation allows attackers to gain privileges. oval:org.secpod.oval:def:26630 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle malformed Bluetooth ACL packets. Successful exploitation allows attackers to cause a denial of service. oval:org.secpod.oval:def:26633 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted app. Successful exploitation allows attackers to access an iCloud user record associated with a p ... oval:org.secpod.oval:def:26632 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to obtain potentially sensitive information about ... oval:org.secpod.oval:def:26635 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:26634 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation allows attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:48708 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly perform bounds checking. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:48705 The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to an insufficient locking vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow the screen to unexpectedly remain unlocked when the lid is cl ... oval:org.secpod.oval:def:54621 The host is installed with Apple Mac OS X 10.12.6 or 10.13.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows an attacker to execute arbitrary code with system privileges. oval:org.secpod.oval:def:1801090 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801091 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801087 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801089 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:43362 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43361 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43366 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43365 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43364 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle screen sharing sessions. Successful exploitation allows a user with screen sharing access to access any file readable ... oval:org.secpod.oval:def:43363 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue existing in the kernel. Successful exploitation allows a local user to cause unexp ... oval:org.secpod.oval:def:45930 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with system privile ... oval:org.secpod.oval:def:45902 The host is installed with Apple Mac OS X 10.13.4 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the memory handling issue. Successful exploitation allows attackers with a malicious application to elevate privileges. oval:org.secpod.oval:def:45903 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an object management issue. Successful exploitation allows attackers to determine kernel memory layout. oval:org.secpod.oval:def:45904 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the configuration issue. Successful exploitation allows attackers with root privileges to modify the EFI flash memory region. oval:org.secpod.oval:def:45900 The host is installed with Apple Mac OS X 10.13.4 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle input validation issue. Successful exploitation allows attackers to read kernel memory. oval:org.secpod.oval:def:45909 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to spoof password prompts in iBooks. oval:org.secpod.oval:def:45905 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution. oval:org.secpod.oval:def:45906 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the entitlement plists issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45907 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45912 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45913 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45914 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack. oval:org.secpod.oval:def:45910 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45911 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45916 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45917 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45918 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges. oval:org.secpod.oval:def:45919 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an encrypted mail issue. Successful exploitation allows attackers to exfiltrate the contents of S/MIME-encrypted e-mail. oval:org.secpod.oval:def:45923 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier. oval:org.secpod.oval:def:45924 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the S-MIME certificaties issue. Successful exploitation allows attackers to track users by malicious websites using client certificates ... oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45926 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45920 The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks. oval:org.secpod.oval:def:45921 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service. oval:org.secpod.oval:def:45922 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45927 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45928 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a microphone access issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45929 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service. oval:org.secpod.oval:def:45899 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle memory management issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:116061 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:116108 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:103868 Groff is a document formatting system. Groff takes standard text and formatting commands as input and produces formatted output. The created documents can be shown on a display or printed on a printer. Groff"s formatting commands allow you to specify font type and size, bold type, italic type, the n ... oval:org.secpod.oval:def:103861 Groff is a document formatting system. Groff takes standard text and formatting commands as input and produces formatted output. The created documents can be shown on a display or printed on a printer. Groff"s formatting commands allow you to specify font type and size, bold type, italic type, the n ... oval:org.secpod.oval:def:103862 Groff is a document formatting system. Groff takes standard text and formatting commands as input and produces formatted output. The created documents can be shown on a display or printed on a printer. Groff"s formatting commands allow you to specify font type and size, bold type, italic type, the n ... oval:org.secpod.oval:def:1300179 Multiple vulnerabilities has been found and corrected in groff: contrib/pdfmark/pdfroff.sh in GNU troff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file . The gendef.sh, doc/fixinfo.sh, and contrib/gdiffmk/tests/runtests.in scripts ... oval:org.secpod.oval:def:26652 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary files overwrite vulnerability. A flaw is present in the application, which fails to handle a symlink attack on a pdf#####.tmp temporary file. Successful exploitation allows local users to overwri ... oval:org.secpod.oval:def:113037 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ... oval:org.secpod.oval:def:113032 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ... oval:org.secpod.oval:def:113023 Spatialite-Tools is a set of useful CLI tools for SpatiaLite. oval:org.secpod.oval:def:113139 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:603037 Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5087 Ned Williamson discovered a way to escape the sandbox. CVE-2017-5088 Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2017-5089 Michal Bentkowski discovered a spoofing issue. C ... oval:org.secpod.oval:def:113068 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:1502003 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:53567 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an issue in perl. Successful exploitation allows an attacker to cause unspecified impact. oval:org.secpod.oval:def:53350 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:114665 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:114659 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:603428 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:704204 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:1901135 do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:704827 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:45908 The host is installed with Apple Mac OS X 10.13.4 or 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:48636 The host is installed with Apple Mac OS X 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows an attacker to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43634 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a resource exhaustion issue. Successful exploitation allows an application to cause denial of service. oval:org.secpod.oval:def:43633 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43632 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a logic issue. Successful exploitation allows an application to execute an arbitrary code with kernel privile ... oval:org.secpod.oval:def:43631 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ... oval:org.secpod.oval:def:43638 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an attacker to read restricted memory. oval:org.secpod.oval:def:43637 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ... oval:org.secpod.oval:def:43636 The host is installed with Apple Mac OS X 10.13.2 and is prone to an unspecified vulnerability. The flaw is present in the application, which fails to properly handle an access issue. Successful exploitation allows a sandboxed process to circumvent sandbox restrictions. oval:org.secpod.oval:def:43635 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ... oval:org.secpod.oval:def:43627 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code w ... oval:org.secpod.oval:def:43625 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ... oval:org.secpod.oval:def:43629 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43630 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:114424 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:48698 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:115029 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:2000274 Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange ... oval:org.secpod.oval:def:46880 The host is installed with Apple Mac OS X 10.13.5 , 10.13.4 or before 10.14 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. On successful exploitation, an attacker may be able to intercept bluetooth tr ... oval:org.secpod.oval:def:43639 The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:52478 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:1200003 A use-after-free flaw was found in PHP"s OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP app ... oval:org.secpod.oval:def:30883 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. Successful explo ... oval:org.secpod.oval:def:52429 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:27071 The host is installed with Apple iTunes before 12.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly track directionally isolated pieces of text. Successful exploitation could allow attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:1200048 A buffer overflow vulnerability was found in PHP"s phar implementation. See https://bugs.php.net/bug.php?id=69324 for more details. A use-after-free flaw was found in PHP"s phar paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memo ... oval:org.secpod.oval:def:601998 Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-2301 Use-after-free in the phar extension. CVE-2015-2331 Emmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1501042 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:30961 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:26614 The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.5 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted unserialize call that leverages use of the unset function within an __wakeup function. Successful ex ... oval:org.secpod.oval:def:26617 The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle pipelined HTTP requests. Successful exploitation allow attackers to cause a denial of service (application c ... oval:org.secpod.oval:def:26616 The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.5 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Successful exploit ... oval:org.secpod.oval:def:26622 The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which truncates a pathname upon encountering a \x00 character in certain situations. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:602015 The previous update for php5, DSA-3198-1, introduced a regression causing segmentation faults when using SoapClient::__setSoapHeader. Updated packages are now available to address this regression. For reference, the original advisory text follows. Multiple vulnerabilities have been discovered in the ... oval:org.secpod.oval:def:602132 Multiple vulnerabilities have been discovered in PHP: CVE-2015-4025 / CVE-2015-4026 Multiple function didn"t check for NULL bytes in path names. CVE-2015-4024 Denial of service when processing multipart/form-data requests. CVE-2015-4022 Integer overflow in the ftp_genlist function may result in deni ... oval:org.secpod.oval:def:1501060 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ... oval:org.secpod.oval:def:30905 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted text. Successful exploitation could allow attackers to crash the service or execute arbitra ... oval:org.secpod.oval:def:30906 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted text. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:30907 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to produce unknown impact. oval:org.secpod.oval:def:203664 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ... oval:org.secpod.oval:def:203655 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:108766 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:702466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:602188 Several vulnerabilities were discovered in the International Components for Unicode library. CVE-2014-8146 The Unicode Bidirectional Algorithm implementation does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service or possibly execut ... oval:org.secpod.oval:def:1200076 A use-after-free flaw was found in PHP"s OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP app ... oval:org.secpod.oval:def:702554 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:501581 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:501590 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ... oval:org.secpod.oval:def:702513 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:27126 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-16-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:705016 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:57782 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:54654 The host is missing a security update according to Apple advisory, APPLE-SA-2019-5-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ... oval:org.secpod.oval:def:53540 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:53326 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:115530 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114551 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:115435 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502222 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502220 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114789 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114727 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114614 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502215 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502217 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:48684 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ... oval:org.secpod.oval:def:46333 The host is installed with Apple Mac OS 10.13.5, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:47664 The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:603398 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:115038 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1800989 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:53328 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:114497 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114565 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:45915 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an undocumented instructions issue. Successful exploitation allows attackers to execute arbitrary code with ker ... oval:org.secpod.oval:def:1502203 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502204 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502201 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502202 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502205 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:45388 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:1801000 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:1801001 CVE-2018-8897, XSA-260: x86: mishandling of debug exceptions oval:org.secpod.oval:def:1801004 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:45418 The host is missing an important security update for KB4103731 oval:org.secpod.oval:def:45419 The host is missing an important security update for KB4103730 oval:org.secpod.oval:def:45898 The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ... oval:org.secpod.oval:def:45416 The host is missing an important security update for KB4134651 oval:org.secpod.oval:def:45421 The host is missing an important security update 4103715 oval:org.secpod.oval:def:45422 The host is missing an important security update for KB4103716 oval:org.secpod.oval:def:45543 The host is missing an important security update 4103718 oval:org.secpod.oval:def:45423 The host is missing an important security update for KB4103721 oval:org.secpod.oval:def:45435 The host is missing an important security update for KB4103723 oval:org.secpod.oval:def:45436 The host is missing an important security update for KB4103725 oval:org.secpod.oval:def:45437 The host is missing an important security update 4103726 oval:org.secpod.oval:def:45438 The host is missing an important security update for KB4103727 oval:org.secpod.oval:def:45440 The host is missing an important security update 4103712 oval:org.secpod.oval:def:603396 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:26707 The host is missing a security update according to Apple advisory, APPLE-SA-2015-08-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation may lead to an unexpected application terminati ... oval:org.secpod.oval:def:39718 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... |