Download
| Alert*
|
oval:org.secpod.oval:def:38963
The host is installed with OpenSSL 1.1.0 before 1.1.0d or 1.0.2 before 1.0.2k and is prone to an unspecified vulnerability. A flaw is present in the application, which fails through unknown vectors. Successful exploitation allows remote attackers to cause unknown impact. oval:org.secpod.oval:def:112006 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:112007 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:51710 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:41382 The host is installed with Oracle MySQL Server through 5.6.35 or 5.7.17 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Security: Encryption (OpenSSL). Successful exploitation allows attackers to affect Confidential ... oval:org.secpod.oval:def:1800846 CVE-2017-3731: Truncated packet could crash via OOB read If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cra ... oval:org.secpod.oval:def:703441 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:2100575 There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed li ... oval:org.secpod.oval:def:89044816 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ... oval:org.secpod.oval:def:1000749 The remote host is missing a patch 150383-18 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1800417 CVE-2017-3731: Truncated packet could crash via OOB read. If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the cr ... oval:org.secpod.oval:def:505383 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:1000774 The remote host is missing a patch 151913-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89002462 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... oval:org.secpod.oval:def:1000771 The remote host is missing a patch 151912-09 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89002262 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... oval:org.secpod.oval:def:505653 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:1000609 The remote host is missing a patch 151913-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000608 The remote host is missing a patch 151912-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:505578 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... |
