[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:1501407
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. This update ...

oval:org.secpod.oval:def:1500297
Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a ...

oval:org.secpod.oval:def:1500360
Updated augeas packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available f ...

oval:org.secpod.oval:def:1501079
Moderate: Oracle Linux 6 autofs security and bug fix update.

oval:org.secpod.oval:def:1500288
Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500131
Updated boost packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500302
Updated busybox packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, i ...

oval:org.secpod.oval:def:1500766
Updated cups packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ...

oval:org.secpod.oval:def:1500130
Updated qt packages that fix one security issue are now available forRed Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:1500872
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.

oval:org.secpod.oval:def:1500818
Oracle Linux has issued an update for docker. This fixes two security issues, which can be exploited by malicious people to manipulat certain data and bypass certain security restrictions.

oval:org.secpod.oval:def:1500606
Updated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500681
Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500215
Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avail ...

oval:org.secpod.oval:def:1500218
Updated 389-ds-base packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ra ...

oval:org.secpod.oval:def:1500062
Updated 389-ds-base packages that fix one security issue, numerous bugs,and add various enhancements are now available for Red Hat EnterpriseLinux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which giv ...

oval:org.secpod.oval:def:1500117
Updated 389-ds-base packages that fix one security issue and multiple bugsare now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rat ...

oval:org.secpod.oval:def:1500313
Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avail ...

oval:org.secpod.oval:def:1500148
Updated 389-ds-base packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ratin ...

oval:org.secpod.oval:def:1500399
Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avail ...

oval:org.secpod.oval:def:1500262
An updated libtar package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500373
Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500400
Updated udisks packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1501104
Moderate: Oracle Linux 6 freeradius security, bug fix, and enhancement update.

oval:org.secpod.oval:def:1500061
Updated gdb packages that fix one security issue and three bugs are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is ava ...

oval:org.secpod.oval:def:1500689
Updated glibc packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available fo ...

oval:org.secpod.oval:def:1500188
Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500301
Updated evolution packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives ...

oval:org.secpod.oval:def:1500367
Updated librsvg2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500382
Updated librsvg2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500105
An updated automake package that fixes one security issue is now availablefor Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500562
Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500237
Updated curl packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500559
Updated curl packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500155
Updated curl packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:34299
Apple Mac OS X Server 10.10 (Yosemite) is installed

oval:org.secpod.oval:def:34297
Apple Mac OS X 10.11 (el capitan) is installed

oval:org.secpod.oval:def:34298
Apple Mac OS X Server 10.11 (el capitan) is installed

oval:org.secpod.oval:def:1500686
Updated qemu-kvm packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500214
Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500092
Updated qemu-kvm packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500595
Updated qemu-kvm packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ...

oval:org.secpod.oval:def:1500242
An updated rtkit package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500294
An updated libgcrypt package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ...

oval:org.secpod.oval:def:1500978
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. The following security issues are fixed with this release: A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 ...

oval:org.secpod.oval:def:1500191
Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500128
Updated krb5 packages that fix two security issues are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for each ...

oval:org.secpod.oval:def:1500149
Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500598
An updated mod_wsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500396
An updated mutt package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500411
Updated net-snmp packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ...

oval:org.secpod.oval:def:1501097
SNMP is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a ...

oval:org.secpod.oval:def:1500343
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Network Security Services is a set of libraries designed to support the cross-platform development of ...

oval:org.secpod.oval:def:1500241
Updated nss, nss-util, nss-softokn, and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System b ...

oval:org.secpod.oval:def:1500038
Updated nss, nss-util, and nspr packages that fix one security issue,various bugs, and add enhancements are now available for Red HatEnterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Network Security Services is a set of libraries design ...

oval:org.secpod.oval:def:1500329
Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500609
Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500078
Updated openchange packages that fix one security issue, several bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which give ...

oval:org.secpod.oval:def:1500307
Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has r ...

oval:org.secpod.oval:def:1500173
Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500751
Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...

oval:org.secpod.oval:def:1500587
Updated java-1.6.0-openjdk packages that fix various security issues and one bug are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed ...

oval:org.secpod.oval:def:1500781
Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500904
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

oval:org.secpod.oval:def:1501034
The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:1500808
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500114
Updated pam packages that fix two security issues, several bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detail ...

oval:org.secpod.oval:def:1500344
Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500135
Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500243
Updated polkit packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500201
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ...

oval:org.secpod.oval:def:1500220
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500031
Updated kernel packages that fix three security issues and several bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500275
Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500091
Updated kernel packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500928
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ...

oval:org.secpod.oval:def:1500331
Updated kernel packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which gi ...

oval:org.secpod.oval:def:1500176
Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ava ...

oval:org.secpod.oval:def:1500194
Updated kernel packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give d ...

oval:org.secpod.oval:def:1500126
Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, ar ...

oval:org.secpod.oval:def:1500371
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500158
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500605
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500822
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500099
Updated abrt and libreport packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, are ava ...

oval:org.secpod.oval:def:1500255
Updated spice-gtk packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500857
Updated rpm packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:1500784
Updated rsyslog5 and rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500780
Updated rsyslog7 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the ...

oval:org.secpod.oval:def:1500231
Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500089
Updated ruby packages that fix two security issues are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for each ...

oval:org.secpod.oval:def:1500310
Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500813
Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulne ...

oval:org.secpod.oval:def:1500268
An updated rubygems package that fixes three security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500439
Updated samba4 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500012
Updated samba4 packages that fix one security issue, multiple bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a ...

oval:org.secpod.oval:def:1500339
Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1501339
The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker c ...

oval:org.secpod.oval:def:1500055
Updated squid packages that fix one security issue and several bugs are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is ...

oval:org.secpod.oval:def:1500557
Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500040
Updated sssd packages that fix two security issues, multiple bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed ...

oval:org.secpod.oval:def:1500129
Updated sssd packages that fix one security issue and two bugs are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500017
Updated dnsmasq packages that fix one security issue, one bug, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a deta ...

oval:org.secpod.oval:def:1500267
Updated vino packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500965
Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.

oval:org.secpod.oval:def:1500202
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main comp ...

oval:org.secpod.oval:def:1500203
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main comp ...

oval:org.secpod.oval:def:1500210
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500212
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main comp ...

oval:org.secpod.oval:def:1500898
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

oval:org.secpod.oval:def:1500672
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

oval:org.secpod.oval:def:1500675
For a TCP-style socket, while processing the COOKIE_ECHO chunk in sctp_sf_do_5_1D_ce(), after it has passed a series of sanity check, a new association would be created in sctp_unpack_cookie(), but afterwards, some processing maybe failed, and sctp_association_free() will be called to free the previ ...

oval:org.secpod.oval:def:1500674
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

oval:org.secpod.oval:def:1500048
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500295
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500258
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500264
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500270
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500905
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.

oval:org.secpod.oval:def:1500716
Linux kernel built with the system-call auditing support(CONFIG_AUDITSYSCALL) is vulnerable to a kernel crash or information disclosure flaw caused by out of bounds memory access. It could occur when system call audit rules are configured on a system. Administrative privileges are required to add su ...

oval:org.secpod.oval:def:1500715
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.

oval:org.secpod.oval:def:1500996
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...

oval:org.secpod.oval:def:1500318
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500561
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500563
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500569
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500572
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500574
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500577
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500583
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500342
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500350
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500591
The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.

oval:org.secpod.oval:def:1500352
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500785
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ...

oval:org.secpod.oval:def:1500788
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ...

oval:org.secpod.oval:def:1500309
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500312
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500796
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) ...

oval:org.secpod.oval:def:1500555
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500161
An updated kernel-uek package that fixes one security issue and multiple bugs isnow available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. The kernel-uek is main component of an operating system. This security update re-a ...

oval:org.secpod.oval:def:1500168
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main comp ...

oval:org.secpod.oval:def:1501026
The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:1500179
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1501029
The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:1500122
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500124
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500370
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500372
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500376
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500384
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 5. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500144
An updated kernel-uek package that fixes one security issue and multiple bugs isnow available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500157
An updated kernel-uek package that fixes one security issue and multiple bugs isnow available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500600
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

oval:org.secpod.oval:def:1500602
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

oval:org.secpod.oval:def:1500854
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled malformed Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500804
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500206
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500696
An updated thunderbird package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availab ...

oval:org.secpod.oval:def:1500698
Updated firefox packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1501569
The monlist feature in ntp_request.c in ntpd in NTP allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

oval:org.secpod.oval:def:1500404
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500407
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500409
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500655
Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500420
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...

oval:org.secpod.oval:def:1501751
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.7.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1500437
Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500436
Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500054
Updated ipa packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:1500063
Updated pki-core packages that fix multiple security issues, two bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which give ...

oval:org.secpod.oval:def:1500065
Updated java-1.7.0-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500001
Oracle Linux 6 is installed

oval:org.secpod.oval:def:1500004
Updated util-linux-ng packages that fix one security issue, several bugs,and add various enhancements are now available for Red Hat EnterpriseLinux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a ...

oval:org.secpod.oval:def:1500006
Updated gnutls packages that fix one security issue are now available forRed Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500248
Updated hplip packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available f ...

oval:org.secpod.oval:def:1500249
Updated libvirt packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500011
Updated kdelibs packages that fix two security issues are now available forRed Hat Enterprise Linux 6 FasTrack.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500018
Updated openssh packages that fix one security issue, multiple bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives ...

oval:org.secpod.oval:def:1500263
Updated xorg-x11-server packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating ...

oval:org.secpod.oval:def:1500024
Updated dhcp packages that fix one security issue and two bugs are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500036
Updated pcsc-lite packages that fix one security issue and three bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, ...

oval:org.secpod.oval:def:1500090
Updated ipa packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives ...

oval:org.secpod.oval:def:1500095
Updated hplip packages that fix several security issues, multiple bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give deta ...

oval:org.secpod.oval:def:1501188
During Docker pulls validation and extraction of the manifest object from its JSON representation are done in separate steps. The digest that represents the manifest corresponds to a hash of the payload portion of the JSON blob returned by the remote registry. Even though the validity of the payload ...

oval:org.secpod.oval:def:1500964
PostgreSQL is an advanced object-relational database management system . An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by ...

oval:org.secpod.oval:def:1500749
Updated java-1.7.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ...

oval:org.secpod.oval:def:1500319
An updated mod_nss package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is a ...

oval:org.secpod.oval:def:1500323
Updated coreutils packages that fix three security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System base scores, which give det ...

oval:org.secpod.oval:def:1500324
Updated python packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a d ...

oval:org.secpod.oval:def:1500327
Updated php53 and php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed sever ...

oval:org.secpod.oval:def:1500573
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500576
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500575
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500335
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed sev ...

oval:org.secpod.oval:def:1501671
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1500580
An updated firefox package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ar ...

oval:org.secpod.oval:def:1500349
An updated ca-certificates package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. This package contains the set of CA certificates chosen by the Mozilla Foundation for use wit ...

oval:org.secpod.oval:def:1500592
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1501686
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0 Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute ar ...

oval:org.secpod.oval:def:1500355
Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1501689
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.1 ESR. Security Fix: * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1500758
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500760
An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ...

oval:org.secpod.oval:def:1500778
Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500308
Updated xorg-x11-server packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ...

oval:org.secpod.oval:def:1500553
Updated libvirt packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating ...

oval:org.secpod.oval:def:1500316
Updated gimp packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500799
An updated mod_auth_mellon package that fixes two security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500163
Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1501262
It was found that the jakarta commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections libr ...

oval:org.secpod.oval:def:1500175
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500182
Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500185
Updated libtirpc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500186
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1501289
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500363
Updated libvirt packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1501692
A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

oval:org.secpod.oval:def:1500368
Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ...

oval:org.secpod.oval:def:1500377
An updated wget package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Low security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ava ...

oval:org.secpod.oval:def:1500383
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500385
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500142
An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500389
Updated postgresql84 and postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which gi ...

oval:org.secpod.oval:def:1500397
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500841
Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500604
Updated python-jinja2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500603
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500847
An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ar ...

oval:org.secpod.oval:def:1500607
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ...

oval:org.secpod.oval:def:1501702
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501717
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.6.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ...

oval:org.secpod.oval:def:1500801
Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500805
An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could u ...

oval:org.secpod.oval:def:1500826
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500827
Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1500829
Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for eac ...

oval:org.secpod.oval:def:1500833
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500216
An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500279
An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is a ...

oval:org.secpod.oval:def:1501761
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501754
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500571
Updated tomcat6 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500608
Updated tomcat6 packages that fix three security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500789
An updated wget package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1501786
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501792
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.8.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501799
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501816
The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this ...

oval:org.secpod.oval:def:1501812
curl : treat Negotiate authentication as connection-oriented

oval:org.secpod.oval:def:1500347
Updated openjpeg packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500742
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity rati ...

oval:org.secpod.oval:def:1500333
Updated libjpeg-turbo packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1501828
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501838
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501847
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501848
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:36265
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to cause a sys ...

oval:org.secpod.oval:def:1501851
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500192
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main comp ...

oval:org.secpod.oval:def:1501896
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501904
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500351
Updated xorg-x11-server packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating ...

oval:org.secpod.oval:def:1500787
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500755
Updated glibc packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed sever ...

oval:org.secpod.oval:def:1500392
Updated libtiff packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500265
An updated xinetd package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500666
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed sev ...

oval:org.secpod.oval:def:1500767
Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ...

oval:org.secpod.oval:def:1500910
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposi ...

oval:org.secpod.oval:def:1501085
Moderate: Oracle Linux 6 hivex security and bug fix update.

oval:org.secpod.oval:def:1500948
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.

oval:org.secpod.oval:def:1501460
The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Security Fix: * Multiple flaws wer ...

oval:org.secpod.oval:def:1500946
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

oval:org.secpod.oval:def:1501091
Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0282 GnuTLS does not verify the RSA PKCS #1 signature algorithm to match the signature algorithm in ...

oval:org.secpod.oval:def:1501106
Important: Oracle Linux 6 lxc security update.

oval:org.secpod.oval:def:1501301
It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.

oval:org.secpod.oval:def:1501205
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

oval:org.secpod.oval:def:1501208
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

oval:org.secpod.oval:def:1501210
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets.

oval:org.secpod.oval:def:1501196
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU"s NE2000 NIC emulation implementation handled certain packets received ...

oval:org.secpod.oval:def:1501257
Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

oval:org.secpod.oval:def:1501136
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol , including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which us ...

oval:org.secpod.oval:def:1501288
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.

oval:org.secpod.oval:def:1501476
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501480
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501451
net/sctp/sm_sideeffect.c in the Linux kernel before does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

oval:org.secpod.oval:def:1501500
The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

oval:org.secpod.oval:def:1501501
The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

oval:org.secpod.oval:def:1501511
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel"s Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when ...

oval:org.secpod.oval:def:1501496
The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

oval:org.secpod.oval:def:36260
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36259
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:1501753
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501776
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501830
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501721
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was found that the ghostscript functions getenv, filenameforall and .libfile did not h ...

oval:org.secpod.oval:def:1501699
Linux Kernel : sctp: validate chunk len before actually using it

oval:org.secpod.oval:def:1501740
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501845
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501862
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500657
The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length before testing the supplied offset to be within the bounds of the message. This allows the subtraction of the nla header to underflow and therefore -- as the data type is unsigned -- allowing far to ...

oval:org.secpod.oval:def:1500659
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer und ...

oval:org.secpod.oval:def:1500661
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c.

oval:org.secpod.oval:def:1500900
Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1501892
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501890
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501923
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501922
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501920
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501925
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501735
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501733
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501698
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...

oval:org.secpod.oval:def:1501696
The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. The sctp_sf_ootb function i ...

oval:org.secpod.oval:def:1501730
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501826
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501928
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501900
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501916
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501683
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fix: * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached bin ...

oval:org.secpod.oval:def:1501179
OpenLDAP is an open source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap package contains configuration files, libraries, and docum ...

oval:org.secpod.oval:def:1501409
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user co ...

oval:org.secpod.oval:def:36258
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an user interface spoofing vulnerability. A flaw is present in the application, which improperly validates security origins. Successful exploitation could allow attackers to us ...

oval:org.secpod.oval:def:36267
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ...

oval:org.secpod.oval:def:1501886
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501712
Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running ...

oval:org.secpod.oval:def:1500560
Updated openssl097a and openssl098e packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a ...

oval:org.secpod.oval:def:1500558
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500803
Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. ...

oval:org.secpod.oval:def:1500000
An updated ccid package that fixes one security issue and one bug are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is availa ...

oval:org.secpod.oval:def:1501858
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500039
Updated dovecot packages that fix three security issues and one bug are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are availa ...

oval:org.secpod.oval:def:1500015
Updated core client packages for the X Window System that fix one securityissue, several bugs, and add various enhancements are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:1500066
Updated evolution packages that fix one security issue and three bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500083
Updated freetype packages that fix one security issue are now available forRed Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availa ...

oval:org.secpod.oval:def:1500762
Updated trousers packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System base score, which gives a detailed ...

oval:org.secpod.oval:def:1500067
Updated php packages that fix three security issues, several bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give deta ...

oval:org.secpod.oval:def:1500005
An updated xinetd package that fixes one security issue and two bugs is nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is avai ...

oval:org.secpod.oval:def:1500057
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500111
Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enterprise Linux version 6.This is the fourth regular update.The Red Hat Security Response Team has rated t ...

oval:org.secpod.oval:def:1501084
Moderate: Oracle Linux 6 pki-core security and bug fix update.

oval:org.secpod.oval:def:1500072
An updated vino package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1500305
Updated dracut packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a ...

oval:org.secpod.oval:def:1500082
Updated RDMA packages that fix multiple security issues, various bugs, andadd an enhancement are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed se ...

oval:org.secpod.oval:def:1500041
An updated elinks package that fixes one security issue is now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is availa ...

oval:org.secpod.oval:def:1500068
Updated libxml2 packages that fix one security issue are now available forRed Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500027
Updated cups packages that fix one security issue are now available forRed Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available f ...

oval:org.secpod.oval:def:1500052
Updated jakarta-commons-httpclient packages that fix one security issue arenow available for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity ...

oval:org.secpod.oval:def:1500070
Updated axis packages that fix one security issue are now available for RedHat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from th ...

oval:org.secpod.oval:def:1500287
An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500028
Updated libvirt packages that fix one security issue, multiple bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives ...

oval:org.secpod.oval:def:1500081
Updated libvirt packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500291
Updated postgresql and postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severit ...

oval:org.secpod.oval:def:1500029
An updated xorg-x11-drv-qxl package that fixes one security issue is nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500093
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity ...

oval:org.secpod.oval:def:1500306
Updated glibc packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which giv ...

oval:org.secpod.oval:def:1500195
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500044
Updated dbus-glib packages that fix one security issue are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is avail ...

oval:org.secpod.oval:def:1500035
Updated nss-pam-ldapd packages that fix one security issue are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availab ...

oval:org.secpod.oval:def:1500098
Updated git packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from the ...

oval:org.secpod.oval:def:1500651
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500650
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500654
Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, ...

oval:org.secpod.oval:def:1500178
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ...

oval:org.secpod.oval:def:1500150
Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availab ...

oval:org.secpod.oval:def:1500304
Updated qemu-kvm packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which g ...

oval:org.secpod.oval:def:1500189
Updated qemu-kvm packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, ...

oval:org.secpod.oval:def:1500315
Updated libguestfs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which ...

oval:org.secpod.oval:def:1500311
An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System base scores, which give detail ...

oval:org.secpod.oval:def:1500739
Updated xerces-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500695
An updated squid package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500317
Updated samba4 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500303
Updated samba packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give det ...

oval:org.secpod.oval:def:1500354
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500365
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500356
Updated libXfont packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500565
Updated qemu-kvm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500566
Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1500774
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500387
Updated mysql packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500740
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500412
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500416
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500421
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1500748
Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed ...

oval:org.secpod.oval:def:1500582
Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratin ...

oval:org.secpod.oval:def:1500688
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500771
Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System ba ...

oval:org.secpod.oval:def:1500668
Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ...

oval:org.secpod.oval:def:1500717
Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from t ...

oval:org.secpod.oval:def:1500710
Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity r ...

oval:org.secpod.oval:def:1500753
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.

oval:org.secpod.oval:def:1500712
Updated procmail packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availabl ...

oval:org.secpod.oval:def:1500764
sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acces ...

oval:org.secpod.oval:def:1500779
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. Red Hat Product Security has rated this upd ...

oval:org.secpod.oval:def:1500815
A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system.

oval:org.secpod.oval:def:1500646
Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give det ...

oval:org.secpod.oval:def:1500614
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500754
Updated krb5 packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ...

oval:org.secpod.oval:def:1500834
An integer overflow flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.

oval:org.secpod.oval:def:1500844
Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid repo ...

oval:org.secpod.oval:def:1500817
An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space.

oval:org.secpod.oval:def:1500682
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

oval:org.secpod.oval:def:1500636
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available f ...

oval:org.secpod.oval:def:1500662
Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which giv ...

oval:org.secpod.oval:def:1500706
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500611
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fa ...

oval:org.secpod.oval:def:1500613
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

oval:org.secpod.oval:def:1500617
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

oval:org.secpod.oval:def:1500705
Linux kernel built with the support for Stream Control Transmission Protocol is vulnerable to a NULL pointer dereference flaw. It could occur when simultaneous new connections are initiated between the same pair of hosts. A remote user/program could use this flaw to crash the system kernel resulting ...

oval:org.secpod.oval:def:1500773
A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.

oval:org.secpod.oval:def:1500957
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. It was found that setroubleshoot did not sanitize file names supplied ...

oval:org.secpod.oval:def:36264
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to discl ...

oval:org.secpod.oval:def:1501775
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501773
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501779
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1501782
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsocko ...

oval:org.secpod.oval:def:1500556
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Oracle Enterprise Linux 6. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel-uek is main com ...

oval:org.secpod.oval:def:1501422
Kernel update : x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) and fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (Mike Kravetz)

oval:org.secpod.oval:def:1501824
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501885
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501877
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501879
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501880
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501093
Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Two cross-site scripting flaws were found in jQuery, which impacted the Identity Management web administrative interface, and cou ...

oval:org.secpod.oval:def:1500381
Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ava ...

oval:org.secpod.oval:def:1500435
Updated xalan-j2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500849
It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...

oval:org.secpod.oval:def:1500859
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500802
It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system.

oval:org.secpod.oval:def:1500821
It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash t ...

oval:org.secpod.oval:def:1500840
Updated libvncserver packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500832
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and m ...

oval:org.secpod.oval:def:1501098
Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to v ...

oval:org.secpod.oval:def:1500941
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveragin ...

oval:org.secpod.oval:def:1500877
Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500950
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.

oval:org.secpod.oval:def:1501001
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outsi ...

oval:org.secpod.oval:def:1500879
An updated thunderbird package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500878
Updated firefox packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ...

oval:org.secpod.oval:def:1500943
The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.

oval:org.secpod.oval:def:1500896
Updated libyaml packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:1500994
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...

oval:org.secpod.oval:def:1500995
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root bina ...

oval:org.secpod.oval:def:1501174
jakarta-taglibs-standard is the Java Standard Tag Library . This library is used in conjunction with Tomcat and Java Server Pages . It was found that the Java Standard Tag Library allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on ...

oval:org.secpod.oval:def:1501121
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which htt ...

oval:org.secpod.oval:def:1501032
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU"s AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A pr ...

oval:org.secpod.oval:def:26787
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the kernel"s implementation of the Berkeley Packet Filter . A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly ...

oval:org.secpod.oval:def:1501129
Pluggable Authentication Modules provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary function of PAM"s unix_pam module could write to a blocking pipe, possibly ca ...

oval:org.secpod.oval:def:1501461
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A m ...

oval:org.secpod.oval:def:1501132
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.

oval:org.secpod.oval:def:1501133
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.

oval:org.secpod.oval:def:1501138
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.

oval:org.secpod.oval:def:1501150
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet.

oval:org.secpod.oval:def:1501061
Updated abrt and libreport packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1501080
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote ...

oval:org.secpod.oval:def:1501408
OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access ...

oval:org.secpod.oval:def:1501140
The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501126
The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501124
The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501850
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501836
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500321
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regular update. The Red Hat Security Response Team has rate ...

oval:org.secpod.oval:def:1500300
Updated openssh packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System base score, which gives a ...

oval:org.secpod.oval:def:1500076
Updated mingw32-libxml2 packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 6. This advisory also containsinformation about future updates for the mingw32 packages, as well as thedeprecation of the packages with the release of Red HatEnterprise Linux 6.4.The Red H ...

oval:org.secpod.oval:def:1500110
Updated httpd packages that fix two security issues, several bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having lowsecurity impact. Common Vulnerability Scoring System base scores,which give detailed ...

oval:org.secpod.oval:def:1500169
Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ...

oval:org.secpod.oval:def:1500064
Updated bind packages that fix one security issue and add one enhancementare now available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rati ...

oval:org.secpod.oval:def:1500116
Updated tomcat6 packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, are available ...

oval:org.secpod.oval:def:1500046
Updated java-1.7.0-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500084
Updated java-1.6.0-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500102
Updated openssl packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500125
Updated pidgin packages that fix three security issues are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500086
Updated mysql packages that fix several security issues are now availablefor Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1500060
An updated thunderbird package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, ar ...

oval:org.secpod.oval:def:1500010
Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500332
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500338
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500077
An updated thunderbird package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, ar ...

oval:org.secpod.oval:def:1500013
Updated xulrunner packages that fix one security issue are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is availa ...

oval:org.secpod.oval:def:1500019
Updated firefox packages that fix several security issues are now availablefor Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avail ...

oval:org.secpod.oval:def:1500118
An updated thunderbird package that fixes one security issue is nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ...

oval:org.secpod.oval:def:1500139
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500141
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500056
Updated java-1.7.0-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500025
Updated java-1.6.0-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500037
Updated java-1.7.0-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500113
Updated java-1.6.0-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having criticalsecurity impact. Common Vulnerability Scoring System base scores,which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500133
Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ...

oval:org.secpod.oval:def:1500172
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500223
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500235
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500232
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500238
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500252
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500254
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500145
Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ...

oval:org.secpod.oval:def:1500234
Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is availa ...

oval:org.secpod.oval:def:1500393
Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ...

oval:org.secpod.oval:def:1500137
Updated bind packages that fix one security issue and one bug are nowavailable for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is av ...

oval:org.secpod.oval:def:1500229
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500299
Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ...

oval:org.secpod.oval:def:1500284
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1500271
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500228
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fr ...

oval:org.secpod.oval:def:1500361
Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500285
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity rating ...

oval:org.secpod.oval:def:1500292
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ...

oval:org.secpod.oval:def:1500432
Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are avai ...

oval:org.secpod.oval:def:1500678
Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulnera ...

oval:org.secpod.oval:def:1501009
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make T ...

oval:org.secpod.oval:def:1500860
Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ...

oval:org.secpod.oval:def:1501100
Sudo allows a system administrator to give certain users the ability to run some commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per-hos ...

oval:org.secpod.oval:def:1501039
CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operation ...

oval:org.secpod.oval:def:1501907
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500153
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, ...

oval:org.secpod.oval:def:1500159
Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ra ...

oval:org.secpod.oval:def:1501902
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500894
Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from t ...

oval:org.secpod.oval:def:1501111
Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update.

oval:org.secpod.oval:def:1501115
Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update.

oval:org.secpod.oval:def:1500914
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...

oval:org.secpod.oval:def:1500915
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An uninitialized pointer use flaw was found in the Samba daemon. A malicious Samba client could send specia ...

oval:org.secpod.oval:def:1501096
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501151
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion reposit ...

oval:org.secpod.oval:def:1500982
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A buffer over-read flaw was found in the way the X.Org server handled XkbGetGeometry requests. A malicious, authorized client co ...

oval:org.secpod.oval:def:1501060
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ...

oval:org.secpod.oval:def:1501390
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. It was discovered that the SSL ...

oval:org.secpod.oval:def:1500953
An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application.

oval:org.secpod.oval:def:1500984
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1500986
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1500991
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the ...

oval:org.secpod.oval:def:1501092
Multiple vulnerabilities were discovered in the dissectors/parsers for WCP, pcapng and TNEF, which could result in denial of service.

oval:org.secpod.oval:def:1500967
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1500973
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ...

oval:org.secpod.oval:def:1501011
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1500961
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the pr ...

oval:org.secpod.oval:def:1500916
Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ...

oval:org.secpod.oval:def:1500920
Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ...

oval:org.secpod.oval:def:1501192
Use-after-free vulnerability in libwmf allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.

oval:org.secpod.oval:def:1501190
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

oval:org.secpod.oval:def:1500927
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor manage ...

oval:org.secpod.oval:def:1501078
Low: Oracle Linux 6 grep security, bug fix, and enhancement update.

oval:org.secpod.oval:def:1501540
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an ...

oval:org.secpod.oval:def:1501089
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ...

oval:org.secpod.oval:def:1500992
The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc ...

oval:org.secpod.oval:def:1501037
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could ...

oval:org.secpod.oval:def:26785
The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format fonts. A malicious, local user could use this flaw to crash the X ...

oval:org.secpod.oval:def:1501031
The kernel package contains the Linux kernel , the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

oval:org.secpod.oval:def:1501217
The get_bitmap_file function in drivers/md/md.c in the Linux kernel does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

oval:org.secpod.oval:def:1501070
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ...

oval:org.secpod.oval:def:1501101
The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when process ...

oval:org.secpod.oval:def:1500971
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper h ...

oval:org.secpod.oval:def:1500974
The InfiniBand (IB) implementation in the Linux kernel package does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by lev ...

oval:org.secpod.oval:def:1501010
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...

oval:org.secpod.oval:def:1501017
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A buffer overflow flaw was found in the way the Linux kernel"s Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use ...

oval:org.secpod.oval:def:1501019
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A ...

oval:org.secpod.oval:def:1501162
Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ...

oval:org.secpod.oval:def:1501058
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1501067
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. It ...

oval:org.secpod.oval:def:1501083
A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file ...

oval:org.secpod.oval:def:1501110
Important: Oracle Linux 6 java-1.6.0-openjdk security update.

oval:org.secpod.oval:def:1501064
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java ...

oval:org.secpod.oval:def:1501074
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certa ...

oval:org.secpod.oval:def:1501044
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ...

oval:org.secpod.oval:def:1501045
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ...

oval:org.secpod.oval:def:1501052
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate ...

oval:org.secpod.oval:def:1501065
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ...

oval:org.secpod.oval:def:1501073
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ...

oval:org.secpod.oval:def:1501072
The kernel packages contain the Linux kernel, the core of any Linux operating system. * A NULL pointer dereference flaw was found in the way the Linux kernel"s virtual console implementation handled reference counting when accessing pseudo-terminal device files . A local, unprivileged attacker could ...

oval:org.secpod.oval:def:1501103
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+passwo ...

oval:org.secpod.oval:def:1501054
PostgreSQL is an advanced object-relational database management system . A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is tri ...

oval:org.secpod.oval:def:1501274
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked cou ...

oval:org.secpod.oval:def:1501302
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

oval:org.secpod.oval:def:1501296
A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of m ...

oval:org.secpod.oval:def:1501099
The libuser library implements a standardized interface for manipulating and administering user and group accounts. Sample applications that are modeled after applications from the shadow password suite are included in these packages. Two flaws were found in the way the libuser library handled the / ...

oval:org.secpod.oval:def:26786
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors.

oval:org.secpod.oval:def:1501086
Multiple vulnerabilities were discovered in ntp, an implementation of the Network Time Protocol: CVE-2015-1798 When configured to use a symmetric key with an NTP peer, ntpd would accept packets without MAC as if they had a valid MAC. This could allow a remote attacker to bypass the packet authentica ...

oval:org.secpod.oval:def:1501147
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database w ...

oval:org.secpod.oval:def:1501015
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds memory access flaw was found in the way QEMU"s virtual Floppy Disk Controller handled FIFO buffer access wh ...

oval:org.secpod.oval:def:1501021
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

oval:org.secpod.oval:def:1501813
The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: * Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a ...

oval:org.secpod.oval:def:1501022
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use thi ...

oval:org.secpod.oval:def:1501047
Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use this flaw to force the us ...

oval:org.secpod.oval:def:1501081
Low: Oracle Linux 6 wpa_supplicant security and enhancement update.

oval:org.secpod.oval:def:1501141
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1501125
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. N ...

oval:org.secpod.oval:def:1501127
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:26784
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bit ...

oval:org.secpod.oval:def:1501170
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privil ...

oval:org.secpod.oval:def:1501177
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ...

oval:org.secpod.oval:def:1501278
It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim.

oval:org.secpod.oval:def:1501095
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIN ...

oval:org.secpod.oval:def:1501321
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to cra ...

oval:org.secpod.oval:def:1501198
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to c ...

oval:org.secpod.oval:def:1501199
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to c ...

oval:org.secpod.oval:def:1501229
The remote host is missing a patch containing a security fix, which affects the following package(s): java-1.6.0-openjdk

oval:org.secpod.oval:def:1501344
The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the Linux kernel"s keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges o ...

oval:org.secpod.oval:def:1501178
KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU"s RTL8139 emulation implementation processed network packets under RTL8139 ...

oval:org.secpod.oval:def:1501443
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially , escalate their p ...

oval:org.secpod.oval:def:1501470
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss. CVE-2013-4312 Tetsuo Handa discovered that users can use pipes queued on local sockets to allocate an unfair share of kernel memory, leading to ...

oval:org.secpod.oval:def:1501464
he IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a ...

oval:org.secpod.oval:def:1501185
The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ...

oval:org.secpod.oval:def:1501218
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blo ...

oval:org.secpod.oval:def:1501220
The remote host is missing a patch containing a security fix, which affects the following package(s): postgresql

oval:org.secpod.oval:def:1501194
The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that ...

oval:org.secpod.oval:def:1501236
The remote host is missing a patch containing a security fix, which affects the following package(s): libreport

oval:org.secpod.oval:def:1501305
A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by Samba. A remote attacker could use this flaw to downgrade an existing Samba client connection and force the use of plain text.

oval:org.secpod.oval:def:1501430
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba . Ref ...

oval:org.secpod.oval:def:1501432
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba . Ref ...

oval:org.secpod.oval:def:1501166
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remot ...

oval:org.secpod.oval:def:1501183
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. T ...

oval:org.secpod.oval:def:1501216
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

oval:org.secpod.oval:def:1501213
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1501255
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

oval:org.secpod.oval:def:1501285
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501304
A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service (denial of service) by performing a series of UDP and TCP calls.

oval:org.secpod.oval:def:1501349
The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way th ...

oval:org.secpod.oval:def:1501396
The SMB1 implementation in smbd in Samba allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

oval:org.secpod.oval:def:1501397
The SMB1 implementation in smbd in Samba allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

oval:org.secpod.oval:def:1501309
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501310
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501292
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to imp ...

oval:org.secpod.oval:def:1501585
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND constructed a response ...

oval:org.secpod.oval:def:1501282
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server t ...

oval:org.secpod.oval:def:1501307
Race condition in the IPC object implementation in the Linux kernel allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

oval:org.secpod.oval:def:1501272
The KVM subsystem in the Linux kernel allow guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

oval:org.secpod.oval:def:1501279
The flaws were found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their p ...

oval:org.secpod.oval:def:1501293
The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

oval:org.secpod.oval:def:1501330
It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to ...

oval:org.secpod.oval:def:1501269
The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ...

oval:org.secpod.oval:def:1501465
The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that w ...

oval:org.secpod.oval:def:1501810
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running t ...

oval:org.secpod.oval:def:1501265
libxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-termin ...

oval:org.secpod.oval:def:1501411
Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. It was discovered that the unhtmlify function of f ...

oval:org.secpod.oval:def:1501410
Kerberos is a networked authentication system which allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos KDC. A memory leak flaw was found in the krb5_unparse_name function of the MIT Kerberos kadmind service. An authenticated attacker could r ...

oval:org.secpod.oval:def:1501331
apl_42.c in ISC BIND allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

oval:org.secpod.oval:def:1501806
The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * A stack overflow vulnerability was ...

oval:org.secpod.oval:def:1501805
OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers , an interactive top level system, parsing tools , a replay debugger, a documentation generator, and a comprehensive library. Se ...

oval:org.secpod.oval:def:1501815
The libguestfs packages contain a library, which is used for accessing and modifying virtual machine disk images. Security Fix: * An integer conversion flaw was found in the way OCaml"s String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or res ...

oval:org.secpod.oval:def:1501323
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to cra ...

oval:org.secpod.oval:def:1501334
An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restr ...

oval:org.secpod.oval:def:1501437
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501436
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501455
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to comp ...

oval:org.secpod.oval:def:1501684
Expat is a C library for parsing XML documents. Security Fix: * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, pos ...

oval:org.secpod.oval:def:1501311
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

oval:org.secpod.oval:def:1501319
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.

oval:org.secpod.oval:def:1501490
The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtu ...

oval:org.secpod.oval:def:1501469
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way the Linux kernel"s ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 ce ...

oval:org.secpod.oval:def:1501477
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501392
A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.

oval:org.secpod.oval:def:1501381
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to dec ...

oval:org.secpod.oval:def:1501463
OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create ...

oval:org.secpod.oval:def:1501584
Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Security Fix: * It was discovered that python-twisted-web used the value of the Proxy header from ...

oval:org.secpod.oval:def:1501747
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a spec ...

oval:org.secpod.oval:def:1501811
Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The tigervn ...

oval:org.secpod.oval:def:1501399
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND parsed signature records for DNAME reco ...

oval:org.secpod.oval:def:1501352
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbi ...

oval:org.secpod.oval:def:1501666
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a re ...

oval:org.secpod.oval:def:1501675
Several vulnerabilities have been discovered in Linux Kernel

oval:org.secpod.oval:def:1501681
Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules

oval:org.secpod.oval:def:1501623
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

oval:org.secpod.oval:def:1501626
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

oval:org.secpod.oval:def:1501473
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ...

oval:org.secpod.oval:def:1501504
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an appl ...

oval:org.secpod.oval:def:1501324
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

oval:org.secpod.oval:def:1501347
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Re ...

oval:org.secpod.oval:def:1501389
A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an applicatio ...

oval:org.secpod.oval:def:1501393
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website.

oval:org.secpod.oval:def:1501404
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Mu ...

oval:org.secpod.oval:def:1501535
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501519
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle ...

oval:org.secpod.oval:def:1501802
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * It was found that Samba always requested forwardable tickets when us ...

oval:org.secpod.oval:def:1501814
Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: * It was found that Samba always requested forwardable tickets when using Kerberos authentica ...

oval:org.secpod.oval:def:1501486
he Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that when NTP was configured ...

oval:org.secpod.oval:def:1501861
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501466
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 38.8.0. Security Fix: * Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr ...

oval:org.secpod.oval:def:1501442
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ...

oval:org.secpod.oval:def:1501513
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.2.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ...

oval:org.secpod.oval:def:1501491
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.2.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the p ...

oval:org.secpod.oval:def:1501565
Multiple unspecified vulnerabilities in Mozilla thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.

oval:org.secpod.oval:def:1501670
It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

oval:org.secpod.oval:def:1501610
A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet

oval:org.secpod.oval:def:1501778
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potent ...

oval:org.secpod.oval:def:1501561
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix: * An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw t ...

oval:org.secpod.oval:def:1501517
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to complete ...

oval:org.secpod.oval:def:1501521
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to complete ...

oval:org.secpod.oval:def:1501678
Several vulnerabilities have been discovered in Linux Kernel and dtrace-modules

oval:org.secpod.oval:def:1501474
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container.

oval:org.secpod.oval:def:1501807
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU ...

oval:org.secpod.oval:def:1501459
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ...

oval:org.secpod.oval:def:1501803
The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix: * A stack-based buffer ...

oval:org.secpod.oval:def:1501488
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacke ...

oval:org.secpod.oval:def:1501487
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacke ...

oval:org.secpod.oval:def:34301
The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow at ...

oval:org.secpod.oval:def:34300
The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow atta ...

oval:org.secpod.oval:def:1501534
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501539
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501542
Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501760
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501764
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501766
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:36269
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ...

oval:org.secpod.oval:def:36268
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36266
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to compr ...

oval:org.secpod.oval:def:36257
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly processes of SVG. Successful exploitation could allow attackers to disclose imag ...

oval:org.secpod.oval:def:36263
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36262
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36261
The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ...

oval:org.secpod.oval:def:36270
The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ...

oval:org.secpod.oval:def:1501502
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins ...

oval:org.secpod.oval:def:1501576
Oracle Linux : Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501578
Oracle Linux : Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501498
ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ...

oval:org.secpod.oval:def:1501798
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501608
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...

oval:org.secpod.oval:def:1501609
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...

oval:org.secpod.oval:def:1501614
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on th ...

oval:org.secpod.oval:def:1501617
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on t ...

oval:org.secpod.oval:def:1501537
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code, cross-site scriping, information disclosure and bypass of the same-origin policy.

oval:org.secpod.oval:def:1501590
Multiple unspecified vulnerabilities in thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

oval:org.secpod.oval:def:1501573
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially,execute arbitrary code with the privileges of the user running Firefox

oval:org.secpod.oval:def:1501548
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to ...

oval:org.secpod.oval:def:1501515
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly ...

oval:org.secpod.oval:def:1501599
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application dep ...

oval:org.secpod.oval:def:1501544
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ...

oval:org.secpod.oval:def:1501563
An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack.

oval:org.secpod.oval:def:1501668
389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: * It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI cou ...

oval:org.secpod.oval:def:1501538
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line function. A remote attacker cou ...

oval:org.secpod.oval:def:1501571
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. ...

oval:org.secpod.oval:def:1501734
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine"s memory and completely bypass Java sandbox restrictions. * It was discov ...

oval:org.secpod.oval:def:1501606
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Jav ...

oval:org.secpod.oval:def:1501642
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. It was discov ...

oval:org.secpod.oval:def:1501745
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote atta ...

oval:org.secpod.oval:def:1501767
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501555
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ...

oval:org.secpod.oval:def:1501557
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection b ...

oval:org.secpod.oval:def:1501579
Oracle Linux : Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:36754
The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.

oval:org.secpod.oval:def:1501594
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501595
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501592
A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. (CVE-2016-4470, Important). A heap-based buffer overflow vulnerabili ...

oval:org.secpod.oval:def:1501598
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501562
Security vulnerabilities are present in kernel-uek and dtrace-modules

oval:org.secpod.oval:def:1501581
Several vulnerabilities were discovered in OpenSSL: CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ CVE-2016-2178 Cesar Pereida, Billy Brumley and ...

oval:org.secpod.oval:def:1501644
A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

oval:org.secpod.oval:def:1501746
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a databa ...

oval:org.secpod.oval:def:37213
The host is installed with MySQL 5.1.73 and earlier on OEL 6, mariadb 5.5.50 and earlier on OEL 7 or MySQL 5.0.95 and earlier on OEL 5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successful exploi ...

oval:org.secpod.oval:def:1501797
CVE-2016-6816 : The code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the a ...

oval:org.secpod.oval:def:1501602
linux: Linux kernel Several security issues were fixed in the kernel.

oval:org.secpod.oval:def:1501694
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was discovered that the sudo noexec restricti ...

oval:org.secpod.oval:def:1501726
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1501707
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1501710
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1501716
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes ...

oval:org.secpod.oval:def:1501762
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501804
The bash packages provide Bash , which is the default shell for Red Hat Enterprise Linux. Security Fix: * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines ...

oval:org.secpod.oval:def:1501667
The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix: * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use thi ...

oval:org.secpod.oval:def:1501808
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type ...

oval:org.secpod.oval:def:1501817
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501822
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501821
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501863
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501853
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501929
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501624
The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * A denial of service flaw was found in the way BIND handled responses conta ...

oval:org.secpod.oval:def:1501743
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501711
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ...

oval:org.secpod.oval:def:1501718
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fix: * Multiple flaws were discovered in GStreamer"s FLC/FLI/FLX m ...

oval:org.secpod.oval:def:1501897
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501930
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501932
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501931
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502012
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501846
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501856
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501771
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501809
The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls . Security Fix: * A denial of service flaw was found in the way the ...

oval:org.secpod.oval:def:1501841
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501873
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501872
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501884
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501854
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501870
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501871
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1500320
Updated php packages that fix three security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detai ...

oval:org.secpod.oval:def:1500726
Updated bash packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ...

oval:org.secpod.oval:def:1500730
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ...

oval:org.secpod.oval:def:1500743
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the Fo ...

oval:org.secpod.oval:def:1502031
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502030
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1502032
The advisory is missing the security advisory description. For more information please visit the reference link

*CPE
cpe:/o:oracle:linux:6

© 2013 SecPod Technologies