Download
| Alert*
|
oval:org.secpod.oval:def:505604
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 52.0.2743.82. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or d ... oval:org.secpod.oval:def:39489 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:36383 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:602712 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the applica ... oval:org.secpod.oval:def:602576 Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1706 Pinkie Pie dis ... oval:org.secpod.oval:def:36402 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:37355 The host is installed with Apple Mac OS X or Server 10.11.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to execute arbitrary code. oval:org.secpod.oval:def:36364 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:36363 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:51610 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:36395 The host is installed with Google Chrome before 52.0.2743.82 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:36350 The host is installed with Google Chrome before 52.0.2743.82 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:703221 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:36376 The host is installed with Mac OS X 10.11.6 or Google Chrome before 52.0.2743.82 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:36349 The host is installed with Google Chrome before 52.0.2743.82 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:703519 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:51745 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:1601179 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnera ... oval:org.secpod.oval:def:1504389 [2.9.1-6.0.1.4] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-6.4] - Fix CVE-2015-8035 - Fix CVE-2018-14404 - Fix CVE-2017-15412 - Fix CVE-2016-5131 - Fix CVE-2017-18258 - Fix CVE-2018-1456 oval:org.secpod.oval:def:1700375 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnera ... oval:org.secpod.oval:def:503595 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c * libxml2: DoS caus ... oval:org.secpod.oval:def:205539 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c * libxml2: DoS caus ... oval:org.secpod.oval:def:37306 The host is missing a critical security update according to Apple advisory, APPLE-SA-2016-09-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:112278 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:112275 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:113949 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:114010 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:89043566 This update for libxml2 fixes one issue. This security issue was fixed: - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote attackers to ... oval:org.secpod.oval:def:89043904 This update for libxml2 fixes several issues. Theses security issues were fixed: - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD . - CVE-2017-15412: Prevent use after free when calling XPath extension functions ... |
