Download
| Alert*
oval:org.secpod.oval:def:43087
The host is installed with Google Chrome before 63.0.3239.84 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:43062 The host is installed with Google Chrome before 63.0.3239.84 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:43088 The host is installed with Google Chrome before 63.0.3239.84 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:505593 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 63.0.3239.84. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or d ... oval:org.secpod.oval:def:43076 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:114193 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:113857 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:43116 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:43115 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:43136 The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:52092 libxml2: GNOME XML library libxml2 could be made to crash or run arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:603240 Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2"s XPath engine via an XSLT transformation. oval:org.secpod.oval:def:43122 The host is installed with Google Chrome before 63.0.3239.84 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:53231 Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2"s XPath engine via an XSLT transformation. oval:org.secpod.oval:def:704219 libxml2: GNOME XML library libxml2 could be made to crash or run arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:113859 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:89043566 This update for libxml2 fixes one issue. This security issue was fixed: - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote attackers to ... oval:org.secpod.oval:def:89043904 This update for libxml2 fixes several issues. Theses security issues were fixed: - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD . - CVE-2017-15412: Prevent use after free when calling XPath extension functions ... oval:org.secpod.oval:def:1601179 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnera ... oval:org.secpod.oval:def:1504389 [2.9.1-6.0.1.4] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-6.4] - Fix CVE-2015-8035 - Fix CVE-2018-14404 - Fix CVE-2017-15412 - Fix CVE-2016-5131 - Fix CVE-2017-18258 - Fix CVE-2018-1456 oval:org.secpod.oval:def:1700375 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnera ... oval:org.secpod.oval:def:503595 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c * libxml2: DoS caus ... oval:org.secpod.oval:def:205539 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c * libxml2: DoS caus ... |