[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:41757
The operating system installed on the system is Microsoft Windows Server 2016.

oval:org.secpod.oval:def:39307
The host is missing an important security update according to Microsoft security bulletin, MS17-016. The update is required to fix an XSS elevation of privilege vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:43895
The host is missing a critical security update for KB4074590

oval:org.secpod.oval:def:43884
The host is missing an important security update for KB4074588

oval:org.secpod.oval:def:43893
The host is missing a critical security update for KB4074592

oval:org.secpod.oval:def:43777
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ...

oval:org.secpod.oval:def:43883
The host is missing an important security update for KB4074589

oval:org.secpod.oval:def:43887
The host is missing an important security update for KB4074591

oval:org.secpod.oval:def:43894
The host is missing a critical security update for KB4074593

oval:org.secpod.oval:def:43891
The host is missing a critical security update for KB4074851

oval:org.secpod.oval:def:43898
The host is missing an important security update for KB4074594

oval:org.secpod.oval:def:43897
The host is missing an important security update for KB4074597

oval:org.secpod.oval:def:43896
The host is missing a critical security update for KB4074596

oval:org.secpod.oval:def:43860
A remote code execution vulnerability exists in StructuredQuery when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative us ...

oval:org.secpod.oval:def:43885
The host is missing an important security update for KB4074587

oval:org.secpod.oval:def:43892
The host is missing a critical security update for KB4074598

oval:org.secpod.oval:def:44970
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to l ...

oval:org.secpod.oval:def:44978
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44979
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44974
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ...

oval:org.secpod.oval:def:44980
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44981
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44982
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44983
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44984
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44985
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kern ...

oval:org.secpod.oval:def:44990
An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. An attac ...

oval:org.secpod.oval:def:45005
The host is missing an important security update for KB4093478

oval:org.secpod.oval:def:44989
An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could th ...

oval:org.secpod.oval:def:44997
The host is missing an important security update for KB4093257

oval:org.secpod.oval:def:44999
The host is missing a critical security update for KB4093114

oval:org.secpod.oval:def:44998
The host is missing a critical security update for 4093115

oval:org.secpod.oval:def:45002
The host is missing a critical security update for KB4093119

oval:org.secpod.oval:def:45004
The host is missing an important security update for KB4093109

oval:org.secpod.oval:def:45000
The host is missing a critical security update for KB4093111

oval:org.secpod.oval:def:45001
The host is missing a critical security update for KB4093112

oval:org.secpod.oval:def:45006
The host is missing an important security update for KB4093107

oval:org.secpod.oval:def:45008
The host is missing a critical security update for KB4093108

oval:org.secpod.oval:def:45009
The host is missing a critical security update for KB4093118

oval:org.secpod.oval:def:45013
The host is missing a critical security update for KB4093122

oval:org.secpod.oval:def:45014
The host is missing a critical security update for KB4093123

oval:org.secpod.oval:def:38294
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly h ...

oval:org.secpod.oval:def:39114
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Server 2016, or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI, which fails to handle a craf ...

oval:org.secpod.oval:def:39322
The host is missing an important security update according to Microsoft security bulletin, MS17-021. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to discl ...

oval:org.secpod.oval:def:39321
An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.In a web-based attack scenario, an attacker could host a website used to att ...

oval:org.secpod.oval:def:39328
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39329
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39330
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39331
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39333
The host is missing a critical security update according to Microsoft security bulletin, MS17-008. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:39332
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ...

oval:org.secpod.oval:def:39334
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39369
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ...

oval:org.secpod.oval:def:39411
The host is missing an critical security update according to Microsoft bulletin, MS17-013. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which improperly handles GDI components. An attacker who successfully exploited these vulnerabilities could ex ...

oval:org.secpod.oval:def:39421
The host is missing a critical security update according to Microsoft security bulletin, MS17-012. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:39823
The host is missing an important security update KB4015217

oval:org.secpod.oval:def:39836
A denial of service vulnerability exists in Active Directory when an authenticated attacker sends malicious search queries. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become nonresponsive.To exploit this vulnerability, an attacker must have ...

oval:org.secpod.oval:def:40495
The host is missing an important security update KB4019472

oval:org.secpod.oval:def:40926
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full use ...

oval:org.secpod.oval:def:40879
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.An attacker who successfully exploited this vulnerability c ...

oval:org.secpod.oval:def:39839
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by runnin ...

oval:org.secpod.oval:def:40934
The host is missing an important security update KB4022715

oval:org.secpod.oval:def:41243
The host is missing an important security update KB4025339

oval:org.secpod.oval:def:41213
An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory.An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system.A remote unauthenticated ...

oval:org.secpod.oval:def:41680
The host is missing a critical security update KB4034658

oval:org.secpod.oval:def:42355
The host is missing a critical security update KB4041691

oval:org.secpod.oval:def:42751
The host is missing an important security update KB4048953

oval:org.secpod.oval:def:45376
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first h ...

oval:org.secpod.oval:def:45377
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first h ...

oval:org.secpod.oval:def:45378
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. To exploit the vulnerability, a ...

oval:org.secpod.oval:def:45375
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ...

oval:org.secpod.oval:def:45379
A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker who has a domain user account ...

oval:org.secpod.oval:def:46092
The host is missing an important security update for KB4130956

oval:org.secpod.oval:def:45381
A security feature bypass exists when Windows incorrectly validates kernel driver signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed drivers into the kernel. In an attack scenario, an attacker could bypass security feature ...

oval:org.secpod.oval:def:42058
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

oval:org.secpod.oval:def:42057
An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. There are multiple ways an attacker could exploit the vulne ...

oval:org.secpod.oval:def:42056
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ...

oval:org.secpod.oval:def:46004
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. To exploit the vulnerability, a ...

oval:org.secpod.oval:def:46054
The host is missing a critical security update for KB4284880

oval:org.secpod.oval:def:45418
The host is missing an important security update for KB4103731

oval:org.secpod.oval:def:45419
The host is missing an important security update for KB4103730

oval:org.secpod.oval:def:45421
The host is missing an important security update 4103715

oval:org.secpod.oval:def:45422
The host is missing an important security update for KB4103716

oval:org.secpod.oval:def:45543
The host is missing an important security update 4103718

oval:org.secpod.oval:def:45423
The host is missing an important security update for KB4103721

oval:org.secpod.oval:def:45435
The host is missing an important security update for KB4103723

oval:org.secpod.oval:def:45436
The host is missing an important security update for KB4103725

oval:org.secpod.oval:def:45437
The host is missing an important security update 4103726

oval:org.secpod.oval:def:45438
The host is missing an important security update for KB4103727

oval:org.secpod.oval:def:45440
The host is missing an important security update 4103712

oval:org.secpod.oval:def:46047
The host is missing an important security update for KB4284835

oval:org.secpod.oval:def:46045
The host is missing an important security update for KB4284819

oval:org.secpod.oval:def:46052
The host is missing a critical security update for KB4284874

CVE    237
CVE-2018-0825
CVE-2018-1009
CVE-2018-0968
CVE-2018-0969
...
*CPE
cpe:/o:microsoft:windows_server_2016
XCCDF    6
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_SecPod_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_Server_2016
...

© SecPod Technologies