Download
| Alert*
oval:org.secpod.oval:def:45302
The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ... oval:org.secpod.oval:def:45304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ... oval:org.secpod.oval:def:44096 The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ... oval:org.secpod.oval:def:44097 The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ... oval:org.secpod.oval:def:43046 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ... oval:org.secpod.oval:def:43049 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ... oval:org.secpod.oval:def:43048 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43050 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ... oval:org.secpod.oval:def:43053 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43052 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43051 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory. oval:org.secpod.oval:def:44843 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44857 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44861 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44867 The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:44835 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44836 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44837 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:1600989 do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ... oval:org.secpod.oval:def:43362 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:45905 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution. oval:org.secpod.oval:def:45914 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack. oval:org.secpod.oval:def:45916 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45917 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45918 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges. oval:org.secpod.oval:def:45923 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier. oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45926 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45920 The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks. oval:org.secpod.oval:def:45921 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service. oval:org.secpod.oval:def:45927 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45929 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service. oval:org.secpod.oval:def:116061 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:116108 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:1801183 CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution ... oval:org.secpod.oval:def:704334 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:44802 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:2000193 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:45936 The host is installed with Apple Safari before 11.1.1 and is prone to an address bar spoofing vulnerability. A flaw is present in the applications, which fails to properly handle inconsistent user interface issues. Successful exploitation may lead to address bar spoofing. oval:org.secpod.oval:def:45944 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to cause arbitra ... oval:org.secpod.oval:def:2001499 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:45884 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45895 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:704127 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:45942 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle memory issues. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001407 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ... oval:org.secpod.oval:def:46817 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:44801 The host is installed with Apple iCloud before 7.4, Apple iTunes before 12.7.4 or Google Chrome before 68.0.3440.75 and is prone to a cross-origin information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation cou ... oval:org.secpod.oval:def:44800 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2000406 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:44812 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44823 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44824 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44825 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001604 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:44821 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44829 The host is installed with Apple Safari before 11.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service. oval:org.secpod.oval:def:44830 The host is installed with Apple Safari before 11.1 or Google Chrome before 68.0.3440.75 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service ... oval:org.secpod.oval:def:2000518 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:114649 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2000168 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000156 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704062 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:2000389 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:46785 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:46780 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:114728 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:46823 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:51060 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:52040 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:2001460 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:44784 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44793 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44795 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44796 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44797 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45890 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:45934 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:46304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to spoof address bars or ... oval:org.secpod.oval:def:46311 The host is installed with Apple Safari before 11.1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:2000536 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. oval:org.secpod.oval:def:46303 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:46302 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:704284 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46294 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted content. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:45886 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:1901135 do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:704827 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:43634 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a resource exhaustion issue. Successful exploitation allows an application to cause denial of service. oval:org.secpod.oval:def:43633 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43631 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ... oval:org.secpod.oval:def:43637 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ... oval:org.secpod.oval:def:43635 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ... oval:org.secpod.oval:def:44923 The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43625 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ... oval:org.secpod.oval:def:43629 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43630 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:51986 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43212 The host is missing a security update according to Apple advisory, APPLE-SA-2017-12-13-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation c ... oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:46789 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:44831 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:46752 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46827 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46821 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:115120 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:53380 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ... oval:org.secpod.oval:def:115022 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:34287 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:36326 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ... oval:org.secpod.oval:def:36255 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-6. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the servi ... oval:org.secpod.oval:def:34616 The host is missing a security update according to Apple advisory, APPLE-SA-2016-05-16-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:602524 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the applica ... oval:org.secpod.oval:def:34666 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34667 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34664 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34665 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34663 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to have unsp ... oval:org.secpod.oval:def:34660 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... oval:org.secpod.oval:def:34661 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to an unexpe ... |