[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:52443
tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ...

oval:org.secpod.oval:def:44096
The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ...

oval:org.secpod.oval:def:44097
The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ...

oval:org.secpod.oval:def:45302
The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ...

oval:org.secpod.oval:def:45303
The host is installed with Apple Mac OS X 10.13.4 and is prone to a UI-spoofing vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted test message. Successful exploitation leads to UI spoofing.

oval:org.secpod.oval:def:45304
The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ...

oval:org.secpod.oval:def:43039
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:43043
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:43041
The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:43040
The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to cause unexpected system termination or read ke ...

oval:org.secpod.oval:def:43046
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ...

oval:org.secpod.oval:def:43045
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to execute arbitrary c ...

oval:org.secpod.oval:def:43044
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:43049
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ...

oval:org.secpod.oval:def:43048
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:43050
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ...

oval:org.secpod.oval:def:43054
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an inconsistent user interface issue. Successful exploitation gives privileges to attackers so that a S/MIME encrypted e ...

oval:org.secpod.oval:def:43053
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ...

oval:org.secpod.oval:def:43052
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ...

oval:org.secpod.oval:def:43051
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory.

oval:org.secpod.oval:def:43055
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an encryption issue. Successful exploitation allows attackers with a privileged network position may be able to intercep ...

oval:org.secpod.oval:def:44845
The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:44846
The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:44841
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an access control vulnerability. A flaw is present in the application, which fails to properly a mounted malicious disk image. Successful exploitation allows an application to launch an application.

oval:org.secpod.oval:def:44842
The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ...

oval:org.secpod.oval:def:44843
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44844
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44850
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with kernel pri ...

oval:org.secpod.oval:def:44851
The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read issues. Successful exploitation allows an application to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:44856
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44857
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44858
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:44859
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:44852
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted applications. Successful exploitation allows an application to bypass code signing en ...

oval:org.secpod.oval:def:44853
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with system pri ...

oval:org.secpod.oval:def:44854
The host is installed with Apple Mac OS X 10.13.3 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle S/MIME-encrypted HTML e-mail. Successful exploitation allows an application to exfiltrate the contents of S/MIME-en ...

oval:org.secpod.oval:def:44855
The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle inconsistent user-interface. Successful exploitation allows an application to intercept the contents of S/MIME-encrypted e-m ...

oval:org.secpod.oval:def:44860
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:44861
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44867
The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory.

oval:org.secpod.oval:def:44863
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:44865
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle bracketed paste mode. Successful exploitation allows an application to execute arbitrary command exe ...

oval:org.secpod.oval:def:44866
The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle keystrokes entered by unprivileged applications. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:44834
The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ...

oval:org.secpod.oval:def:44835
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44836
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44837
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges.

oval:org.secpod.oval:def:44832
The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle passwords passed to sysadminctl tool. Successful exploitation leads to the exposure of passwords to other local users.

oval:org.secpod.oval:def:44833
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted files in symlinks. Successful exploitation allows attackers to disclose user informa ...

oval:org.secpod.oval:def:44839
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information access vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted webpages. Successful exploitation allows an application to mount a disk image.

oval:org.secpod.oval:def:1600989
do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ...

oval:org.secpod.oval:def:42916
The host is installed with Apple Mac OS X 10.12.6 or before 10.13.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issue. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:42919
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle path handling issue. Successful exploitation could allow attackers to modify restricted areas of file syst ...

oval:org.secpod.oval:def:48696
The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to disclose process memory.

oval:org.secpod.oval:def:48697
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:48695
The host is installed with Apple Mac OS X or Server 10.10.5, 10.11.6 or 10.12.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation could allow attackers to execute arbitrary code with kerne ...

oval:org.secpod.oval:def:702489
tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ...

oval:org.secpod.oval:def:48708
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly perform bounds checking. Successful exploitation allows attackers to read restricted memory.

oval:org.secpod.oval:def:48705
The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to an insufficient locking vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow the screen to unexpectedly remain unlocked when the lid is cl ...

oval:org.secpod.oval:def:54621
The host is installed with Apple Mac OS X 10.12.6 or 10.13.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows an attacker to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:1801090
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

oval:org.secpod.oval:def:1801091
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

oval:org.secpod.oval:def:1801087
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

oval:org.secpod.oval:def:1801089
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

oval:org.secpod.oval:def:24433
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted bundle. Successful exploitation allows remote attackers to launch specially cr ...

oval:org.secpod.oval:def:24434
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted bundle. Successful exploitation allows remote attackers to launch specially cr ...

oval:org.secpod.oval:def:24417
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle a crafted localized string. Successful exploitation allows local users to gain privileges ...

oval:org.secpod.oval:def:24403
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges.

oval:org.secpod.oval:def:24404
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges.

oval:org.secpod.oval:def:24405
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges.

oval:org.secpod.oval:def:24406
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges.

oval:org.secpod.oval:def:24407
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to gain privileges.

oval:org.secpod.oval:def:24408
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:24410
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted .sgi file. Successful exploitation allows attackers to crash the service.

oval:org.secpod.oval:def:24411
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to execute arbitrary code.

oval:org.secpod.oval:def:24451
The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.2 and is prone to a null pointer dereference vulnerability. A flaw is present in the application, which fails to properly perform content validation. Successful exploitation allows attackers to execute arbitrary code ...

oval:org.secpod.oval:def:24452
The host is installed with Apple Mac OS X or Server 10.9.5 or 10.10.x through 10.10.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which sends unencrypted password-change requests in certain circumstances involving missing certificates. Successful ex ...

oval:org.secpod.oval:def:43362
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ...

oval:org.secpod.oval:def:43361
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ...

oval:org.secpod.oval:def:43366
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:43365
The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:43364
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle screen sharing sessions. Successful exploitation allows a user with screen sharing access to access any file readable ...

oval:org.secpod.oval:def:43363
The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue existing in the kernel. Successful exploitation allows a local user to cause unexp ...

oval:org.secpod.oval:def:45930
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with system privile ...

oval:org.secpod.oval:def:45902
The host is installed with Apple Mac OS X 10.13.4 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the memory handling issue. Successful exploitation allows attackers with a malicious application to elevate privileges.

oval:org.secpod.oval:def:45903
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an object management issue. Successful exploitation allows attackers to determine kernel memory layout.

oval:org.secpod.oval:def:45904
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the configuration issue. Successful exploitation allows attackers with root privileges to modify the EFI flash memory region.

oval:org.secpod.oval:def:45900
The host is installed with Apple Mac OS X 10.13.4 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle input validation issue. Successful exploitation allows attackers to read kernel memory.

oval:org.secpod.oval:def:45909
The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to spoof password prompts in iBooks.

oval:org.secpod.oval:def:45905
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution.

oval:org.secpod.oval:def:45906
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the entitlement plists issue. Successful exploitation allows attackers to circumvent sandbox restrictions.

oval:org.secpod.oval:def:45907
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory.

oval:org.secpod.oval:def:45912
The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45913
The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45914
The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack.

oval:org.secpod.oval:def:45910
The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory.

oval:org.secpod.oval:def:45911
The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45916
The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45917
The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45918
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges.

oval:org.secpod.oval:def:45919
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an encrypted mail issue. Successful exploitation allows attackers to exfiltrate the contents of S/MIME-encrypted e-mail.

oval:org.secpod.oval:def:45923
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier.

oval:org.secpod.oval:def:45924
The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the S-MIME certificaties issue. Successful exploitation allows attackers to track users by malicious websites using client certificates ...

oval:org.secpod.oval:def:45925
The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier.

oval:org.secpod.oval:def:45926
The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier.

oval:org.secpod.oval:def:45920
The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks.

oval:org.secpod.oval:def:45921
The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service.

oval:org.secpod.oval:def:45922
The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:45927
The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier.

oval:org.secpod.oval:def:45928
The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a microphone access issue. Successful exploitation allows attackers to circumvent sandbox restrictions.

oval:org.secpod.oval:def:45929
The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service.

oval:org.secpod.oval:def:45899
The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle memory management issue. Successful exploitation allows attackers to execute arbitrary code with system privileges.

oval:org.secpod.oval:def:116061
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats.

oval:org.secpod.oval:def:116108
The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats.

oval:org.secpod.oval:def:113037
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ...

oval:org.secpod.oval:def:113032
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ...

oval:org.secpod.oval:def:113023
Spatialite-Tools is a set of useful CLI tools for SpatiaLite.

oval:org.secpod.oval:def:113139
Chromium is an open-source web browser, powered by WebKit .

oval:org.secpod.oval:def:603037
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5087 Ned Williamson discovered a way to escape the sandbox. CVE-2017-5088 Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2017-5089 Michal Bentkowski discovered a spoofing issue. C ...

oval:org.secpod.oval:def:113068
Chromium is an open-source web browser, powered by WebKit .

oval:org.secpod.oval:def:45896
The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:21758
The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted application. Successful exploitation allows attackers to obtain sensitive memory-co ...

oval:org.secpod.oval:def:21756
The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted application. Successful exploitation allows attackers to obtain sensitive memory-co ...

oval:org.secpod.oval:def:21757
The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted application. Successful exploitation allows attackers to obtain sensitive memory-co ...

oval:org.secpod.oval:def:53567
The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an issue in perl. Successful exploitation allows an attacker to cause unspecified impact.

oval:org.secpod.oval:def:53350
Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive.

oval:org.secpod.oval:def:114665
Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ...

oval:org.secpod.oval:def:114659
Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ...

oval:org.secpod.oval:def:603428
Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive.

oval:org.secpod.oval:def:704204
perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file.

oval:org.secpod.oval:def:51088
perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file.

oval:org.secpod.oval:def:1901135
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

oval:org.secpod.oval:def:53018
file: Tool to determine file types Several security issues were fixed in file.

oval:org.secpod.oval:def:704827
file: Tool to determine file types Several security issues were fixed in file.

oval:org.secpod.oval:def:45908
The host is installed with Apple Mac OS X 10.13.4 or 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:48636
The host is installed with Apple Mac OS X 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows an attacker to execute arbitrary code with kernel privileges.

oval:org.secpod.oval:def:43634
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a resource exhaustion issue. Successful exploitation allows an application to cause denial of service.

oval:org.secpod.oval:def:43633
The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:43632
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a logic issue. Successful exploitation allows an application to execute an arbitrary code with kernel privile ...

oval:org.secpod.oval:def:43631
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ...

oval:org.secpod.oval:def:43638
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an attacker to read restricted memory.

oval:org.secpod.oval:def:43637
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ...

oval:org.secpod.oval:def:43636
The host is installed with Apple Mac OS X 10.13.2 and is prone to an unspecified vulnerability. The flaw is present in the application, which fails to properly handle an access issue. Successful exploitation allows a sandboxed process to circumvent sandbox restrictions.

oval:org.secpod.oval:def:43635
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ...

oval:org.secpod.oval:def:1800989
CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM

oval:org.secpod.oval:def:53326
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ...

oval:org.secpod.oval:def:53328
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ...

oval:org.secpod.oval:def:114497
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:114565
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:45915
The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an undocumented instructions issue. Successful exploitation allows attackers to execute arbitrary code with ker ...

oval:org.secpod.oval:def:53540
The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ...

oval:org.secpod.oval:def:43627
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code w ...

oval:org.secpod.oval:def:43625
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ...

oval:org.secpod.oval:def:43629
The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:43630
The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory.

oval:org.secpod.oval:def:114424
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:705016
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ...

oval:org.secpod.oval:def:113991
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:48698
The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:1502203
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502204
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502201
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502202
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502205
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:113936
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:1801000
CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM

oval:org.secpod.oval:def:1801001
CVE-2018-8897, XSA-260: x86: mishandling of debug exceptions

oval:org.secpod.oval:def:1801004
CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM

oval:org.secpod.oval:def:45418
The host is missing an important security update for KB4103731

oval:org.secpod.oval:def:45419
The host is missing an important security update for KB4103730

oval:org.secpod.oval:def:45416
The host is missing an important security update for KB4134651

oval:org.secpod.oval:def:45421
The host is missing an important security update 4103715

oval:org.secpod.oval:def:45543
The host is missing an important security update 4103718

oval:org.secpod.oval:def:45423
The host is missing an important security update for KB4103721

oval:org.secpod.oval:def:45436
The host is missing an important security update for KB4103725

oval:org.secpod.oval:def:45437
The host is missing an important security update 4103726

oval:org.secpod.oval:def:45438
The host is missing an important security update for KB4103727

oval:org.secpod.oval:def:57782
linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ...

oval:org.secpod.oval:def:45440
The host is missing an important security update 4103712

oval:org.secpod.oval:def:603396
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ...

oval:org.secpod.oval:def:43213
The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ...

oval:org.secpod.oval:def:703972
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:43587
The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ...

oval:org.secpod.oval:def:115029
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:115530
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:114551
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:115435
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:1502222
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:114789
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:114727
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:114614
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:204852
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ...

oval:org.secpod.oval:def:48684
The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ...

oval:org.secpod.oval:def:47664
The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory.

oval:org.secpod.oval:def:502332
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ...

oval:org.secpod.oval:def:115038
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor

oval:org.secpod.oval:def:1800708
CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ...

oval:org.secpod.oval:def:54654
The host is missing a security update according to Apple advisory, APPLE-SA-2019-5-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ...

oval:org.secpod.oval:def:2000274
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange ...

oval:org.secpod.oval:def:46333
The host is installed with Apple Mac OS 10.13.5, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory.

oval:org.secpod.oval:def:45898
The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ...

oval:org.secpod.oval:def:46880
The host is installed with Apple Mac OS X 10.13.5 , 10.13.4 or before 10.14 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. On successful exploitation, an attacker may be able to intercept bluetooth tr ...

oval:org.secpod.oval:def:502287
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ...

oval:org.secpod.oval:def:1700044
A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ...

oval:org.secpod.oval:def:1502207
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:204822
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ...

oval:org.secpod.oval:def:43639
The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory.

oval:org.secpod.oval:def:502286
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ...

oval:org.secpod.oval:def:204798
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ...

oval:org.secpod.oval:def:1502206
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:603398
Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ...

oval:org.secpod.oval:def:1501540
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:1501543
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:1200003
A use-after-free flaw was found in PHP"s OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP app ...

oval:org.secpod.oval:def:52440
tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:1200048
A buffer overflow vulnerability was found in PHP"s phar implementation. See https://bugs.php.net/bug.php?id=69324 for more details. A use-after-free flaw was found in PHP"s phar paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memo ...

oval:org.secpod.oval:def:25257
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in libtiff, which fails to handle unspecified vectors. Successful exploitation allows attackers to arbitrary code execution.

oval:org.secpod.oval:def:25258
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in libtiff, which fails to handle unspecified vectors. Successful exploitation allows attackers to arbitrary code execution.

oval:org.secpod.oval:def:1501042
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ...

oval:org.secpod.oval:def:30961
The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ...

oval:org.secpod.oval:def:26614
The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.5 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted unserialize call that leverages use of the unset function within an __wakeup function. Successful ex ...

oval:org.secpod.oval:def:26616
The host is installed with Apple Mac OS X or Server 10.8, 10.9 or before 10.10.5 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Successful exploit ...

oval:org.secpod.oval:def:602114
William Robinet and Michal Zalewski discovered multiple vulnerabilities in the TIFF library and its tools, which may result in denial of service or the execution of arbitrary code if a malformed TIFF file is processed.

oval:org.secpod.oval:def:203982
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:26707
The host is missing a security update according to Apple advisory, APPLE-SA-2015-08-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation may lead to an unexpected application terminati ...

oval:org.secpod.oval:def:203978
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:602132
Multiple vulnerabilities have been discovered in PHP: CVE-2015-4025 / CVE-2015-4026 Multiple function didn"t check for NULL bytes in path names. CVE-2015-4024 Denial of service when processing multipart/form-data requests. CVE-2015-4022 Integer overflow in the ftp_genlist function may result in deni ...

oval:org.secpod.oval:def:1501060
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ...

oval:org.secpod.oval:def:501854
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:30907
The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to produce unknown impact.

oval:org.secpod.oval:def:39718
The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:501858
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:702486
tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.

oval:org.secpod.oval:def:25312
The host is missing a security update according to Apple advisory, APPLE-SA-2015-06-30-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation leads to information disclosure, security bypas ...

oval:org.secpod.oval:def:203664
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ...

oval:org.secpod.oval:def:203655
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ...

oval:org.secpod.oval:def:108766
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:1600435
Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. Multiple flaws have been discovered in va ...

oval:org.secpod.oval:def:1200076
A use-after-free flaw was found in PHP"s OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP app ...

oval:org.secpod.oval:def:24750
The host is installed with libtiff on RHEL 5, 6 or 7 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:24753
The host is installed with libtiff in RHEL 5, 6 or 7 and is prone to a divide by zero vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:501581
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ...

oval:org.secpod.oval:def:501590
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ...

oval:org.secpod.oval:def:702513
php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:24460
The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ...

oval:org.secpod.oval:def:45422
The host is missing an important security update for KB4103716

oval:org.secpod.oval:def:45388
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ...

oval:org.secpod.oval:def:45435
The host is missing an important security update for KB4103723

oval:org.secpod.oval:def:1502220
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502215
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502217
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1600892
A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ...

CVE    194
CVE-2017-13904
CVE-2017-13853
CVE-2017-13852
CVE-2017-13850
...
*CPE
cpe:/o:apple:mac_os_x:10.10.1

© SecPod Technologies