Download
| Alert*
oval:org.secpod.oval:def:2000212
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6. ... oval:org.secpod.oval:def:1502089 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204563 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:1600846 Denial of service in vpx/src/vpx_image.c fileA vulnerability in the Android media framework related to odd frame width oval:org.secpod.oval:def:1600703 Unsafe second checksum calculation in udp.c:The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. This may create a kernel panic or memory corruption leadin ... oval:org.secpod.oval:def:1501825 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501836 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1902119 In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 ... oval:org.secpod.oval:def:703828 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Several security issues were fixed in Dnsmasq. oval:org.secpod.oval:def:113295 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:113341 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:502143 The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, exec ... oval:org.secpod.oval:def:112332 This package contains a convenience library to simplify using the Linux kernels netlink sockets interface for network manipulation oval:org.secpod.oval:def:112300 This package contains a convenience library to simplify using the Linux kernels netlink sockets interface for network manipulation oval:org.secpod.oval:def:113604 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-all ... oval:org.secpod.oval:def:1502020 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:51908 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Several security issues were fixed in Dnsmasq. oval:org.secpod.oval:def:1600756 Integer overflow in nlmsg_reserve:An integer overflow leading to a heap-buffer overflow was found in the libnl library. An attacker could use this flaw to cause an application compiled with libnl to crash or possibly execute arbitrary code in the context of the user running such an application oval:org.secpod.oval:def:1600780 Information leak in the DHCPv6 relay codeAn information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. Memory exhaustion vulner ... oval:org.secpod.oval:def:603116 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server, which may result in denial of service, information leak or the execution of arbit ... oval:org.secpod.oval:def:1501942 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703642 libnl3: library for dealing with netlink sockets libnl could be made to crash or run programs. oval:org.secpod.oval:def:53145 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server, which may result in denial of service, information leak or the execution of arbit ... oval:org.secpod.oval:def:1700040 Denial of service in vpx/src/vpx_image.c fileA vulnerability in the Android media framework related to odd frame width. oval:org.secpod.oval:def:1901814 A vulnerability in the Android media framework related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201. oval:org.secpod.oval:def:603300 It was discovered that incorrect validation of frame widths in the libvpx multimedia library may result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:113918 libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. oval:org.secpod.oval:def:53268 It was discovered that incorrect validation of frame widths in the libvpx multimedia library may result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:1501991 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501999 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501951 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2000274 Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange ... oval:org.secpod.oval:def:46880 The host is installed with Apple Mac OS X 10.13.5 , 10.13.4 or before 10.14 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. On successful exploitation, an attacker may be able to intercept bluetooth tr ... oval:org.secpod.oval:def:46333 The host is installed with Apple Mac OS 10.13.5, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:47664 The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:1502082 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502053 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502056 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502058 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502000 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:45898 The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ... oval:org.secpod.oval:def:1501947 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501957 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501966 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:51892 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:703799 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:53120 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the applica ... oval:org.secpod.oval:def:603070 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the applica ... oval:org.secpod.oval:def:703802 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1501863 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501860 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501955 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501956 The advisory is missing the security advisory description. For more information please visit the reference link |