Download
| Alert*
oval:org.secpod.oval:def:45302
The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ... oval:org.secpod.oval:def:45304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ... oval:org.secpod.oval:def:44096 The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ... oval:org.secpod.oval:def:44097 The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ... oval:org.secpod.oval:def:43046 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ... oval:org.secpod.oval:def:43049 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ... oval:org.secpod.oval:def:43048 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43050 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ... oval:org.secpod.oval:def:43053 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43052 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43051 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory. oval:org.secpod.oval:def:44843 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44857 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44861 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44867 The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:44835 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44836 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:42916 The host is installed with Apple Mac OS X 10.12.6 or before 10.13.1 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issue. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:42919 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle path handling issue. Successful exploitation could allow attackers to modify restricted areas of file syst ... oval:org.secpod.oval:def:43362 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43363 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue existing in the kernel. Successful exploitation allows a local user to cause unexp ... oval:org.secpod.oval:def:45905 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution. oval:org.secpod.oval:def:45914 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack. oval:org.secpod.oval:def:45916 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45917 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45918 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges. oval:org.secpod.oval:def:45923 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier. oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45920 The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks. oval:org.secpod.oval:def:45921 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service. oval:org.secpod.oval:def:45929 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service. oval:org.secpod.oval:def:1801183 CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution ... oval:org.secpod.oval:def:704334 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:45944 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to cause arbitra ... oval:org.secpod.oval:def:45895 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:704127 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:114649 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:704068 webkit2gtk: Web content engine library for GTK+ A security issue was fixed in WebKitGTK+. oval:org.secpod.oval:def:704062 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:114541 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:114411 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:114728 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:45934 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:46304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to spoof address bars or ... oval:org.secpod.oval:def:46307 The host is installed with Apple Safari before 11.1.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a malicious website. Successful exploitation allows attackers to exfiltrate cross-origin the sound fetched through audio elements. oval:org.secpod.oval:def:46311 The host is installed with Apple Safari before 11.1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:46303 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:46302 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:704284 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46294 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted content. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:46290 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a cross-origin data bypass vulnerability. A flaw is present in the application, which fails to properly perform audio taint tracking. Successful exploitation could allow attackers to exfiltrate audio data ... oval:org.secpod.oval:def:45886 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:43633 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43631 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ... oval:org.secpod.oval:def:43637 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ... oval:org.secpod.oval:def:43635 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ... oval:org.secpod.oval:def:113825 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113612 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113854 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:703931 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43625 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ... oval:org.secpod.oval:def:43629 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43630 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:113665 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:42619 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:703886 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:113634 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... |