[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108684

 
 

909

 
 

85446

 
 

134

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:38294
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly h ...

oval:org.secpod.oval:def:41757
The operating system installed on the system is Microsoft Windows Server 2016.

oval:org.secpod.oval:def:39307
The host is missing an important security update according to Microsoft security bulletin, MS17-016. The update is required to fix an XSS elevation of privilege vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:39823
The host is missing an important security update KB4015217

oval:org.secpod.oval:def:40934
The host is missing an important security update KB4022715

oval:org.secpod.oval:def:42751
The host is missing an important security update KB4048953

oval:org.secpod.oval:def:41680
The host is missing a critical security update KB4034658

oval:org.secpod.oval:def:43777
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ...

oval:org.secpod.oval:def:40495
The host is missing an important security update KB4019472

oval:org.secpod.oval:def:41243
The host is missing an important security update KB4025339

oval:org.secpod.oval:def:42355
The host is missing a critical security update KB4041691

oval:org.secpod.oval:def:45002
The host is missing a critical security update for KB4093119

oval:org.secpod.oval:def:45001
The host is missing a critical security update for KB4093112

oval:org.secpod.oval:def:45006
The host is missing an important security update for KB4093107

oval:org.secpod.oval:def:44989
An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could th ...

oval:org.secpod.oval:def:44997
The host is missing an important security update for KB4093257

oval:org.secpod.oval:def:44999
The host is missing a critical security update for KB4093114

oval:org.secpod.oval:def:44998
The host is missing a critical security update for 4093115

oval:org.secpod.oval:def:45004
The host is missing an important security update for KB4093109

oval:org.secpod.oval:def:45000
The host is missing a critical security update for KB4093111

oval:org.secpod.oval:def:45008
The host is missing a critical security update for KB4093108

oval:org.secpod.oval:def:45009
The host is missing a critical security update for KB4093118

oval:org.secpod.oval:def:45013
The host is missing a critical security update for KB4093122

oval:org.secpod.oval:def:45014
The host is missing a critical security update for KB4093123

oval:org.secpod.oval:def:39114
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Server 2016, or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI, which fails to handle a craf ...

oval:org.secpod.oval:def:39321
An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.In a web-based attack scenario, an attacker could host a website used to att ...

oval:org.secpod.oval:def:39322
The host is missing an important security update according to Microsoft security bulletin, MS17-021. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to discl ...

oval:org.secpod.oval:def:39328
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39329
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39330
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39331
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39332
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ...

oval:org.secpod.oval:def:39333
The host is missing a critical security update according to Microsoft security bulletin, MS17-008. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:39334
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39369
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ...

oval:org.secpod.oval:def:39411
The host is missing an critical security update according to Microsoft bulletin, MS17-013. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which improperly handles GDI components. An attacker who successfully exploited these vulnerabilities could ex ...

oval:org.secpod.oval:def:39421
The host is missing a critical security update according to Microsoft security bulletin, MS17-012. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:39836
A denial of service vulnerability exists in Active Directory when an authenticated attacker sends malicious search queries. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become nonresponsive.To exploit this vulnerability, an attacker must have ...

oval:org.secpod.oval:def:39839
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by runnin ...

oval:org.secpod.oval:def:40879
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.An attacker who successfully exploited this vulnerability c ...

oval:org.secpod.oval:def:40926
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full use ...

oval:org.secpod.oval:def:41213
An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory.An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system.A remote unauthenticated ...

oval:org.secpod.oval:def:45376
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first h ...

oval:org.secpod.oval:def:45377
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first h ...

oval:org.secpod.oval:def:45378
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. To exploit the vulnerability, a ...

oval:org.secpod.oval:def:45375
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would have to log on to ...

oval:org.secpod.oval:def:46092
The host is missing an important security update for KB4130956

oval:org.secpod.oval:def:45379
A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker who has a domain user account ...

oval:org.secpod.oval:def:45418
The host is missing an important security update for KB4103731

oval:org.secpod.oval:def:45419
The host is missing an important security update for KB4103730

oval:org.secpod.oval:def:45421
The host is missing an important security update 4103715

oval:org.secpod.oval:def:45422
The host is missing an important security update for KB4103716

oval:org.secpod.oval:def:45543
The host is missing an important security update 4103718

oval:org.secpod.oval:def:45423
The host is missing an important security update for KB4103721

oval:org.secpod.oval:def:45435
The host is missing an important security update for KB4103723

oval:org.secpod.oval:def:45436
The host is missing an important security update for KB4103725

oval:org.secpod.oval:def:45437
The host is missing an important security update 4103726

oval:org.secpod.oval:def:45438
The host is missing an important security update for KB4103727

oval:org.secpod.oval:def:45440
The host is missing an important security update 4103712

CVE    223
CVE-2018-1008
CVE-2016-7214
CVE-2016-7215
CVE-2016-7246
...
*CPE
cpe:/o:microsoft:windows_server_2016
XCCDF    6
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_SecPod_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
...

© SecPod Technologies