Download
| Alert*
|
oval:org.secpod.oval:def:44867
The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:16643 The host is installed with Apple iTunes before 11.1.4 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the contents of the iTunes Tutorials window. Successful exploitation allows attackers to gain control and inject arbitrar ... oval:org.secpod.oval:def:15598 The host is missing a security update according to Apple advisory, APPLE-SA-2013-09-18-1. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle certain vectors in ActiveX control. Successful exploitation allows attackers to c ... oval:org.secpod.oval:def:15599 The host is installed with Apple iTunes before 11.1.0.126 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle certain vectors in ActiveX control. Successful exploitation allows attackers to cause an unexpected application termination or ar ... oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45926 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45927 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:1801183 CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution ... oval:org.secpod.oval:def:704334 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:44802 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:2000193 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:16642 The host is missing a security update according to Apple advisory, APPLE-SA-2014-01-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the contents of the iTunes Tutorials window. Successful exploitation allows attac ... oval:org.secpod.oval:def:11131 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11132 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11133 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11134 The host is installed with Apple iTunes before 11.0.3.42 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle a multiple memory corruption issues. Successful exploitation could allow attackers to execute arbitrary code or cras ... oval:org.secpod.oval:def:11135 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11136 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11162 The host is installed with Apple iTunes before 11.0.3.42 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arb ... oval:org.secpod.oval:def:11164 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11165 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11166 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11167 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpec ... oval:org.secpod.oval:def:11168 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11169 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11173 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11174 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11175 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11176 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11177 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11178 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11179 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11170 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11171 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11172 The host is installed with Apple iTunes before 11.0.3, Apple Safari before 6.0.5 on Mac OS X 10.7 or later or Safari before 5.1.10 on Mac OS X 10.6 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruptio ... oval:org.secpod.oval:def:11140 The host is installed with Apple iTunes before 11.0.3.42 and is prone to man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:11141 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11142 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11143 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11144 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11145 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11146 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11137 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11138 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11139 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitr ... oval:org.secpod.oval:def:11184 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11185 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11188 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11180 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11181 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11182 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:11183 The host is installed with Apple iTunes before 11.0.3 or Apple Safari before 6.0.5 and is prone to a man in the middle attack vulnerability. A flaw is present in the applications, which fail to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to unexpe ... oval:org.secpod.oval:def:45936 The host is installed with Apple Safari before 11.1.1 and is prone to an address bar spoofing vulnerability. A flaw is present in the applications, which fails to properly handle inconsistent user interface issues. Successful exploitation may lead to address bar spoofing. oval:org.secpod.oval:def:45944 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to cause arbitra ... oval:org.secpod.oval:def:2001499 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:45307 The host is installed with Apple Safari before 11.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle a memory corruption issue. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:45305 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sens ... oval:org.secpod.oval:def:45884 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45885 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2000468 An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" componen ... oval:org.secpod.oval:def:45895 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:11163 The host is missing an important security update according to Apple security advisory, APPLE-2013-05-16-1. The update is required to fix man in the middle attack vulnerability. The flaws are present in the application, which fails to properly handle multiple memory corruption issues. Successful expl ... oval:org.secpod.oval:def:11187 The host is missing an important security update according to Apple security advisory, APPLE-2013-05-16-1. The update is required to fix man in the middle attack vulnerability. The flaws are present in the application, which fails to properly handle multiple memory corruption issues. Successful expl ... oval:org.secpod.oval:def:20049 The host is missing an important security update according to Apple security advisory, APPLE-SA-2014-05-16-1. The update is required to fix security bypass vulnerability. The flaw is present in the application, which fail to handle standard filesystem operations. Successful exploitation could allow ... oval:org.secpod.oval:def:20048 The host is installed with Apple iTunes before 11.2.1 and is prone to security bypass vulnerability. A flaw is present in the application, which fail to handle standard filesystem operations. Successful exploitation could allow attackers to modify files and consequently obtain access to arbitrary us ... oval:org.secpod.oval:def:11147 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly verify X.509 certificates. Successful exploitation could allow attackers to spoof HTTPS servers via an arbitrary certificate. oval:org.secpod.oval:def:11186 The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly verify X.509 certificates. Successful exploitation could allow attackers to spoof HTTPS servers via an arbitrary certificate. oval:org.secpod.oval:def:16644 The host is installed with Apple iTunes before 11.1.4 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the contents of the iTunes Tutorials window. Successful exploitation allows attackers to gain control and inject arbitrar ... oval:org.secpod.oval:def:16645 The host is missing a security update according to Apple advisory, APPLE-SA-2014-01-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the contents of the iTunes Tutorials window. Successful exploitation allows attac ... oval:org.secpod.oval:def:704127 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:2000204 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000464 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:45942 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle memory issues. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001407 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ... oval:org.secpod.oval:def:46817 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:44801 The host is installed with Apple iCloud before 7.4, Apple iTunes before 12.7.4 or Google Chrome before 68.0.3440.75 and is prone to a cross-origin information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation cou ... oval:org.secpod.oval:def:44800 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2000406 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:44812 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44814 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44823 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44824 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44825 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44826 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001604 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:44821 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44829 The host is installed with Apple Safari before 11.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service. oval:org.secpod.oval:def:44830 The host is installed with Apple Safari before 11.1 or Google Chrome before 68.0.3440.75 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service ... oval:org.secpod.oval:def:44831 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:2000518 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:114649 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2000168 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704068 webkit2gtk: Web content engine library for GTK+ A security issue was fixed in WebKitGTK+. oval:org.secpod.oval:def:2000156 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704062 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:114541 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2000389 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:114411 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:46785 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:46780 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:114728 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:46823 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:51060 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:52040 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:2001460 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:44784 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44786 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44793 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44795 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44796 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44797 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44798 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45890 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:45934 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:46304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to spoof address bars or ... oval:org.secpod.oval:def:46307 The host is installed with Apple Safari before 11.1.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a malicious website. Successful exploitation allows attackers to exfiltrate cross-origin the sound fetched through audio elements. oval:org.secpod.oval:def:46311 The host is installed with Apple Safari before 11.1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:2000536 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. oval:org.secpod.oval:def:46303 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:46302 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:704284 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46294 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted content. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:46290 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a cross-origin data bypass vulnerability. A flaw is present in the application, which fails to properly perform audio taint tracking. Successful exploitation could allow attackers to exfiltrate audio data ... oval:org.secpod.oval:def:45886 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113825 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113612 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113854 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:703931 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:44922 The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44923 The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113665 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:42619 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:703886 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:113634 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:51986 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43212 The host is missing a security update according to Apple advisory, APPLE-SA-2017-12-13-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation c ... oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:46789 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46752 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46827 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46821 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:115120 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:53380 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ... oval:org.secpod.oval:def:115022 Chromium is an open-source web browser, powered by WebKit . |
