Download
| Alert*
oval:org.secpod.oval:def:33156
The host is installed with OpenSSL 1.0.1 before 1.0.1s or 1.0.2 before 1.0.2g, Oracle MySQL 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle malformed DSA private key. Successful exploitatio ... oval:org.secpod.oval:def:1600404 A double-free flaw was found in the way OpenSSL parsed certain malformed DSA private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. The ssl_verify_server_cert function in sql-co ... oval:org.secpod.oval:def:1600367 A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicl ... oval:org.secpod.oval:def:400661 This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenba ... oval:org.secpod.oval:def:1501379 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to dec ... oval:org.secpod.oval:def:400742 This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a B ... oval:org.secpod.oval:def:203849 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to de ... oval:org.secpod.oval:def:1501381 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to dec ... oval:org.secpod.oval:def:501773 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to de ... oval:org.secpod.oval:def:34943 The host is missing a patch containing a security fixes, which affects the following package(s): openssl.base oval:org.secpod.oval:def:110547 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:52720 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:37845 The host is installed with Xcode before 8.1 on Apple Mac OS X 10.11.5 or later and is prone to an arbitrary code execution vulnerability. A flaw is present in the Node.js, which fails to handle unknown vectors. Successful exploitation allows attackers to cause unexpected application termination or a ... oval:org.secpod.oval:def:602398 Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit. CVE-2016-0702 Yuval Yarom from the University of Adelaide and NICTA, Daniel Genkin from Technion and Tel Aviv University, and Nadia Heninger from the University of Pennsylvania discovered a side-channel attack which m ... oval:org.secpod.oval:def:703004 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:110570 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows libraries and development tools. oval:org.secpod.oval:def:110255 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:110496 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:110297 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:203850 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to de ... oval:org.secpod.oval:def:89045356 This update for openssl fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the DROWN attack : OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbache ... oval:org.secpod.oval:def:505653 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:505578 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:37854 The host is missing a security update according to Apple advisory, APPLE-SA-2016-10-27-1. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to caus ... oval:org.secpod.oval:def:505383 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:89002462 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... oval:org.secpod.oval:def:89002262 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... |