[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:39489
libxml2: GNOME XML library Several security issues were fixed in libxml2.

oval:org.secpod.oval:def:41130
gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS.

oval:org.secpod.oval:def:703595
lightdm: Display Manager LightDM could allow unintended access to files.

oval:org.secpod.oval:def:703580
libxslt: XSLT processing library Several security issues were fixed in Libxslt.

oval:org.secpod.oval:def:703322
Ubuntu 16.10 is installed

oval:org.secpod.oval:def:38613
nss: Network Security Service library Several security issues were fixed in NSS.

oval:org.secpod.oval:def:703677
systemd: system and service manager systemd-resolved could be made to crash or run programs if it received a specially crafted DNS response.

oval:org.secpod.oval:def:703668
linux: Linux kernel Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703667
linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:39199
libarchive: Library to read/write archive files libarchive could be made to crash, overwrite files, or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703404
apt: Advanced front-end for dpkg Details: USN-3156-1 fixed vulnerabilities in APT. It also caused a bug in unattended-upgrades on that may require manual intervention to repair. Users on Ubuntu 16.10 should run the following commands at a terminal: sudo dpkg --configure --pending sudo apt-get -f ins ...

oval:org.secpod.oval:def:703646
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to run programs as an administrator.

oval:org.secpod.oval:def:703401
apport: automatically generate crash reports for debugging Apport could be made to run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703393
linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:703391
linux: Linux kernel The system could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:703610
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:703377
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703350
linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash under certain conditions.

oval:org.secpod.oval:def:703348
linux: Linux kernel The system could be made to crash under certain conditions.

oval:org.secpod.oval:def:703321
linux: Linux kernel The system could be made to run programs as an administrator.

oval:org.secpod.oval:def:703325
linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to run programs as an administrator.

oval:org.secpod.oval:def:703424
linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703429
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703537
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:703500
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:38802
tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat.

oval:org.secpod.oval:def:37871
dbus: simple interprocess messaging system Several security issues were fixed in DBus.

oval:org.secpod.oval:def:40152
bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:39292
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39290
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39291
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39289
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:38999
irssi: terminal based IRC client Several security issues were fixed in Irssi.

oval:org.secpod.oval:def:39281
The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ...

oval:org.secpod.oval:def:39282
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39286
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39287
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39288
The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:39280
The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ...

oval:org.secpod.oval:def:39279
The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ...

oval:org.secpod.oval:def:38739
bind9: Internet Domain Name Server Several security issues were fixed in Bind.

oval:org.secpod.oval:def:37885
curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl.

oval:org.secpod.oval:def:38605
The host is installed with python-html5lib, python-html5lib-whl or python3-html5lib prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle characters. An attacker who successfully exploited these vulnerability could have unspecified impact

oval:org.secpod.oval:def:38606
The host is installed with python-html5lib, python-html5lib-whl or python3-html5lib prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle characters. An attacker who successfully exploited these vulnerability could have cross site scripting

oval:org.secpod.oval:def:40657
libytnef: improved decoder for application/ms-tnef attachments libytnef could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:38100
The host is installed with cryptsetup through 2:1.6.6-5ubuntu2 on Ubuntu 16.04, cryptsetup through 2:1.6.1-1ubuntu1 on Ubuntu 14.04, cryptsetup through 2:1.7.2-0ubuntu1 on Ubuntu 16.10 or cryptsetup through 2:1.4.1-2ubuntu4 on Ubuntu 12.04 and is prone to security bypass vulnerability. A flaw is pre ...

oval:org.secpod.oval:def:41167
libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Several security issues were fixed in Libgcrypt.

oval:org.secpod.oval:def:703399
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:703398
oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide.

oval:org.secpod.oval:def:703385
ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, run programs, or disclose sensitive information if it processed a specially crafted file.

oval:org.secpod.oval:def:703384
oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide.

oval:org.secpod.oval:def:703383
c-ares: library for asynchronous name resolves c-ares could be made to crash or run programs if it processed a specially crafted hostname.

oval:org.secpod.oval:def:703493
php7.0: HTML-embedded scripting language interpreter Details: USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. Original advisory USN-3211- ...

oval:org.secpod.oval:def:703499
network-manager-applet: GNOME frontend for NetworkManager The system could be made to expose sensitive information.

oval:org.secpod.oval:def:703376
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:703375
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:38027
qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU.

oval:org.secpod.oval:def:703370
gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins Details: USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Original advisory GStreamer could be made to crash or run programs as your lo ...

oval:org.secpod.oval:def:703490
libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file.

oval:org.secpod.oval:def:703379
imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick.

oval:org.secpod.oval:def:703483
imagemagick: Image manipulation programs and library Details: USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-31 ...

oval:org.secpod.oval:def:703361
gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins GStreamer could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703367
lxc: Linux Containers userspace tools LXC could be made to allow containers to access to the host filesystem.

oval:org.secpod.oval:def:703366
moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin.

oval:org.secpod.oval:def:703369
python-cryptography: Cryptography Python library python-cryptography could generate incorrect keys.

oval:org.secpod.oval:def:703473
python-crypto: cryptographic algorithms and protocols for Python Details: USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This up ...

oval:org.secpod.oval:def:703471
bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703470
python-crypto: cryptographic algorithms and protocols for Python Programs using the Python Cryptography Toolkit could be made to crash or run programs if they receive specially crafted network traffic or other input.

oval:org.secpod.oval:def:703476
spice: SPICE protocol client and server library Spice could be made to crash or run programs if it received specially crafted network traffic.

oval:org.secpod.oval:def:703359
tar: GNU version of the tar archiving utility tar could be made to overwrite files.

oval:org.secpod.oval:def:703358
imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick.

oval:org.secpod.oval:def:703479
tcpdump: command-line network traffic analyzer tcpdump could be made to crash or run programs if it received specially crafted network traffic.

oval:org.secpod.oval:def:703460
oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide.

oval:org.secpod.oval:def:703581
ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript.

oval:org.secpod.oval:def:703343
memcached: high-performance memory object caching system Memcached could be made to crash or run programs if it received specially crafted network traffic.

oval:org.secpod.oval:def:703467
libgc: Boehm-Demers-Weiser garbage collecting storage allocator library Applications using libgc could be made to crash or run programs as your login.

oval:org.secpod.oval:def:703334
mailman: Powerful, web-based mailing list manager Several security issues were fixed in Mailman.

oval:org.secpod.oval:def:703333
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:703332
firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox.

oval:org.secpod.oval:def:703331
nginx: small, powerful, scalable web/proxy server Details: USN-3114-1 fixed a vulnerability in nginx. A packaging issue prevented nginx from being reinstalled or upgraded to a subsequent release. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3114-1 introduc ...

oval:org.secpod.oval:def:703338
bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703459
firefox: Mozilla Open Source web browser Details: USN-3175-1 fixed vulnerabilities in Firefox. The update caused a regression on systems where the AppArmor profile for Firefox is set to enforce mode. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3175-1 intr ...

oval:org.secpod.oval:def:703337
python-django: High-level Python web development framework Several security issues were fixed in Django.

oval:org.secpod.oval:def:703579
mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL.

oval:org.secpod.oval:def:703339
oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide.

oval:org.secpod.oval:def:703440
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:703444
iucode-tool: Intel processor microcode tool iucode-tool could be made to crash or run programs if it opened a specially crafted file.

oval:org.secpod.oval:def:703443
libxpm: X11 pixmap library libXpm could be made to crash or run programs if it opened a specially crafted file.

oval:org.secpod.oval:def:703563
dovecot: IMAP and POP3 email server Details: USN-3258-1 intended to fix a vulnerability in Dovecot. Further investigation revealed that only Dovecot versions 2.2.26 and newer were affected by the vulnerability. Additionally, the change introduced a regression when Dovecot was configured to use the & ...

oval:org.secpod.oval:def:703562
dovecot: IMAP and POP3 email server Dovecot could be made to crash if it received specially crafted input.

oval:org.secpod.oval:def:703327
nginx: small, powerful, scalable web/proxy server The system could be made to run programs as an administrator.

oval:org.secpod.oval:def:703446
ntfs-3g: read/write NTFS driver for FUSE NTFS-3G could be made to load kernel modules as an administrator.

oval:org.secpod.oval:def:703566
freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file.

oval:org.secpod.oval:def:703329
quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703328
mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL.

oval:org.secpod.oval:def:703550
samba: SMB/CIFS file, print, and login server for Unix Details: USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a regression when Samba is configured to disable following symbolic links. This update fixes the problem. Original advisory USN-3242-1 introduced a regression in Sam ...

oval:org.secpod.oval:def:703433
nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to crash under certain conditions.

oval:org.secpod.oval:def:703554
nagios3: host/service/network monitoring and management system Several security issues were fixed in Nagios.

oval:org.secpod.oval:def:703558
lightdm: Display Manager LightDM could be made to run programs as an administrator.

oval:org.secpod.oval:def:703557
python-django: High-level Python web development framework Several security issues were fixed in Django.

oval:org.secpod.oval:def:703435
pcsc-lite: Middleware to access a smart card using PC/SC PCSC-Lite could be made to crash or run programs as an administrator if it received specially crafted input.

oval:org.secpod.oval:def:703434
mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL.

oval:org.secpod.oval:def:703439
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:703547
apparmor: Linux security system AppArmor could remove the confinement from some programs.

oval:org.secpod.oval:def:703425
libvncserver: vnc server library Several security issues were fixed in LibVNCServer.

oval:org.secpod.oval:def:703546
oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide.

oval:org.secpod.oval:def:703545
gst-plugins-base1.0: GStreamer Plugins - gst-plugins-base0.10: GStreamer Plugins GStreamer Base Plugins could be made to crash if it opened a specially crafted file.

oval:org.secpod.oval:def:703549
firefox: Mozilla Open Source web browser Details: USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a startup crash when Firefox is used with XRDP. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3216-1 introduced a regression in Firefox.

oval:org.secpod.oval:def:703548
gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins GStreamer Good Plugins could be made to crash if it opened a specially crafted file.

oval:org.secpod.oval:def:703535
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:703533
samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:703417
exim4: Exim is a mail transport agent Exim could be made to expose private DKIM signing keys.

oval:org.secpod.oval:def:703400
apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages.

oval:org.secpod.oval:def:703525
firefox: Mozilla Open Source web browser An integer overflow was discovered in Firefox.

oval:org.secpod.oval:def:703524
nvidia-graphics-drivers-375: NVIDIA binary X.Org driver Details: USN-3173-1 fixed a vulnerability in nvidia-graphics-drivers-304 and nvidia-graphics-drivers-340. This update provides the corresponding update for nvidia-graphics-drivers-375. Original advisory NVIDIA graphics drivers could be made to ...

oval:org.secpod.oval:def:703523
imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick.

oval:org.secpod.oval:def:703529
nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-375: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to crash under certain conditions.

oval:org.secpod.oval:def:703526
freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file.

oval:org.secpod.oval:def:703516
libevent: Asynchronous event notification library Several security issues were fixed in libevent.

oval:org.secpod.oval:def:703508
lxc: Linux Containers userspace tools LXC could be made to create arbitrary virtual network interfaces as an administrator.

oval:org.secpod.oval:def:703502
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:703506
imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick.

oval:org.secpod.oval:def:703700
evince: Document viewer Evince could be made run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703705
apport: automatically generate crash reports for debugging An attacker could trick a user into opening a malicious .crash file and execute arbitrary code as the user.

oval:org.secpod.oval:def:703594
firefox: Mozilla Open Source web browser Details: USN-3260-1 fixed vulnerabilities in Firefox. The update caused the date picker panel and form validation errors to close immediately on opening. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3260-1 caused a ...

oval:org.secpod.oval:def:703599
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:703583
icu: International Components for Unicode library Several security issues were fixed in ICU.

oval:org.secpod.oval:def:703582
libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted EMF file.

oval:org.secpod.oval:def:703585
freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file.

oval:org.secpod.oval:def:703584
shadow: system login tools su could be made to crash or stop programs as an administrator.

oval:org.secpod.oval:def:703588
apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server.

oval:org.secpod.oval:def:703693
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:703692
samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic.

oval:org.secpod.oval:def:703694
poppler: PDF rendering library poppler could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703699
nginx: small, powerful, scalable web/proxy server nginx could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:703685
bind9: Internet Domain Name Server Bind could be made to serve incorrect information or expose sensitive information over the network.

oval:org.secpod.oval:def:703674
nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703673
valgrind: instrumentation framework for building dynamic analysis tools Valgrind could be made to crash or run programs if it opened a specially crafted file.

oval:org.secpod.oval:def:703672
openvpn: virtual private network software Several security issues were fixed in OpenVPN.

oval:org.secpod.oval:def:703662
exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator.

oval:org.secpod.oval:def:703652
irssi: terminal based IRC client Irssi could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703656
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:703655
zziplib: library providing read access on ZIP-archives zziplib could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703654
libmwaw: import library for some old Mac text documents libmwaw could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703659
glibc: GNU C Library - eglibc: GNU C Library Gnu C library could be made to run programs as an administrator.

oval:org.secpod.oval:def:703642
libnl3: library for dealing with netlink sockets libnl could be made to crash or run programs.

oval:org.secpod.oval:def:703641
lintian: Debian package checker lintian could be made to run programs if it processed a specially crafted package.

oval:org.secpod.oval:def:703647
nagios3: host/service/network monitoring and management system Details: USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3253-1 introduced a r ...

oval:org.secpod.oval:def:703631
tiff: Tag Image File Format library Details: USN-3212-1 fixed vulnerabilities in LibTIFF. Unfortunately, some of the security patches were misapplied, which caused a regression when processing certain images. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3 ...

oval:org.secpod.oval:def:703639
libtasn1-6: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703638
openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic.

oval:org.secpod.oval:def:703637
libsndfile: Library for reading/writing audio files Several security issues were fixed in libsndfile.

oval:org.secpod.oval:def:703636
nvidia-graphics-drivers-375: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to crash or run programs as an administrator.

oval:org.secpod.oval:def:703620
miniupnpc: UPnP IGD client lightweight library MiniUPnP could be made to crash or run programs if it received specially crafted network traffic.

oval:org.secpod.oval:def:703629
strongswan: IPsec VPN solution strongSwan could be made to crash or hang if it received specially crafted network traffic.

oval:org.secpod.oval:def:703622
juju-core: next generation service orchestration system The system could be made to run programs as an administrator.

oval:org.secpod.oval:def:703621
firefox: Mozilla Open Source web browser Firefox was updated to a new version.

oval:org.secpod.oval:def:703628
sudo: Provide limited super user privileges to specific users Sudo could be made to overwrite files as the administrator.

oval:org.secpod.oval:def:703627
imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick.

oval:org.secpod.oval:def:703619
samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator.

oval:org.secpod.oval:def:703618
jbig2dec: JBIG2 decoder library Several security issues were fixed in jbig2dec.

oval:org.secpod.oval:def:703612
bash: GNU Bourne Again SHell Several security issues were fixed in Bash.

oval:org.secpod.oval:def:703609
thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird.

oval:org.secpod.oval:def:703607
shadow: system login tools Details: USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. We apologize for the inconvenience. Original advisory USN-3276-1 introduced a regression in su.

oval:org.secpod.oval:def:703603
ghostscript: PostScript and PDF interpreter Details: USN-3272-1 fixed vulnerabilities in Ghostscript. This change introduced a regression when the DELAYBIND feature is used with the eqproc command. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3272-1 introd ...

oval:org.secpod.oval:def:703513
pillow: Python Imaging Library Several security issues were fixed in Pillow.

oval:org.secpod.oval:def:703596
openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK 8.

oval:org.secpod.oval:def:703340
openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK 8.

oval:org.secpod.oval:def:703542
eject: ejects CDs and operates CD-Changers under Linux Eject could be made to run programs as an administrator.

oval:org.secpod.oval:def:703512
icu: International Components for Unicode library Several security issues were fixed in ICU.

oval:org.secpod.oval:def:41172
ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP.

oval:org.secpod.oval:def:703707
expat: XML parsing C library Expat could be made to hang if it received specially crafted input.

oval:org.secpod.oval:def:703701
samba: SMB/CIFS file, print, and login server for Unix Samba could allow unintended access to network services.

oval:org.secpod.oval:def:703702
heimdal: Heimdal Kerberos Network Authentication Protocol Heimdal could allow unintended access to network services.

oval:org.secpod.oval:def:703357
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:41305
The host is installed with zlib dependencies through 1:1.2.8.dfsg-2ubuntu4.1 on Ubuntu 16.04, through 1:1.2.8.dfsg-1ubuntu1 on Ubuntu 14.04, through 1:1.2.8.dfsg-2ubuntu5.1 on Ubuntu 16.10 or through 1:1.2.11.dfsg-0ubuntu1 on Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is ...

oval:org.secpod.oval:def:41306
The host is installed with zlib dependencies through 1:1.2.8.dfsg-2ubuntu4.1 on Ubuntu 16.04, through 1:1.2.8.dfsg-1ubuntu1 on Ubuntu 14.04, through 1:1.2.8.dfsg-2ubuntu5.1 on Ubuntu 16.10 or through 1:1.2.11.dfsg-0ubuntu1 on Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is ...

oval:org.secpod.oval:def:41304
The host is installed with zlib dependencies through 1:1.2.8.dfsg-2ubuntu4.1 on Ubuntu 16.04, through 1:1.2.8.dfsg-1ubuntu1 on Ubuntu 14.04, through 1:1.2.8.dfsg-2ubuntu5.1 on Ubuntu 16.10 or through 1:1.2.11.dfsg-0ubuntu1 on Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is ...

oval:org.secpod.oval:def:41307
The host is installed with zlib dependencies through 1:1.2.8.dfsg-2ubuntu4.1 on Ubuntu 16.04, through 1:1.2.8.dfsg-1ubuntu1 on Ubuntu 14.04, through 1:1.2.8.dfsg-2ubuntu5.1 on Ubuntu 16.10 or through 1:1.2.11.dfsg-0ubuntu1 on Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is ...

oval:org.secpod.oval:def:703469
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:703458
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:703457
nettle: low level cryptographic library Nettle could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:703561
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:703565
qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU.

oval:org.secpod.oval:def:703559
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke: Linux kernel for Google Container Engine systems - linux-snapdragon: Linux kernel for Snapdragon Processors - linux-ti-omap4: Linux kernel for OMAP4 The system ...

oval:org.secpod.oval:def:703410
linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703408
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703630
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:703601
qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU.

oval:org.secpod.oval:def:703441
openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL.

oval:org.secpod.oval:def:703445
gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS.

oval:org.secpod.oval:def:39003
squid3: Web proxy cache server Squid could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:703405
samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba.

oval:org.secpod.oval:def:703368
vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703519
libxml2: GNOME XML library Several security issues were fixed in libxml2.

oval:org.secpod.oval:def:703488
php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703335
libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file.

oval:org.secpod.oval:def:703676
apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server.

oval:org.secpod.oval:def:703463
linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703450
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703480
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:703578
nss: Network Security Service library Several security issues were fixed in NSS.

oval:org.secpod.oval:def:703438
openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK 8.

oval:org.secpod.oval:def:703489
tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:703709
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel.

oval:org.secpod.oval:def:703571
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 The system could be made to crash under certain conditions.

oval:org.secpod.oval:def:703689
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel.

*CPE
cpe:/o:ubuntu:ubuntu_linux:16.10

© SecPod Technologies