Download
| Alert*
oval:org.secpod.oval:def:42641
The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle additional entitlements. Successful exploitation allows remote attackers to access the FileVault unlock key. oval:org.secpod.oval:def:42652 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a logic error in kext loading. Successful exploitation allows attackers to execute arbitrary code system privilege ... oval:org.secpod.oval:def:42662 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly perform access restrictions. Successful exploitation allows attackers to display results for files not belonging to the user. oval:org.secpod.oval:def:44096 The host is installed with Apple Mac OS X 10.13.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows an attacker processing a maliciously crafted string to lead to heap co ... oval:org.secpod.oval:def:44097 The host is missing a security update according to Apple advisory, APPLE-SA-2018-02-19-2. The update is required to fix memory corruption vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation could allow attackers pro ... oval:org.secpod.oval:def:45302 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues with improper error handling. Successful exploitation leads an application to gain elevated privileges ... oval:org.secpod.oval:def:45303 The host is installed with Apple Mac OS X 10.13.4 and is prone to a UI-spoofing vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted test message. Successful exploitation leads to UI spoofing. oval:org.secpod.oval:def:45304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-2. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly handle maliciously crafted vectors. Successful exploitation may lead to UI spoofing or memor ... oval:org.secpod.oval:def:42909 The host is installed with Apple Mac OS X 10.13 or 10.13.1 and is prone to an authentication bypass vulnerability. The flaw is present in the application, which fails to properly handle the validation of credentials. Successful exploitation could allow attackers to bypass administrator authenticatio ... oval:org.secpod.oval:def:42908 The host is missing a security update according to APPLE-SA-2017-11-29-1. The update is required to fix an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle validation of credentials. Successful exploitation could allow attackers to bypass admi ... oval:org.secpod.oval:def:43039 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43043 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43041 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43040 The host is installed with Apple Mac OS X 10.13.1 and is prone to an out-of-bounds memory read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to cause unexpected system termination or read ke ... oval:org.secpod.oval:def:43046 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with ... oval:org.secpod.oval:def:43045 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to execute arbitrary c ... oval:org.secpod.oval:def:43044 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:43049 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a multiple memory corruption vulnerabilities. The flaw is present in the application, which fails to properly handle a type confusion issue. Successful exploitation allows attackers to allow an application to rea ... oval:org.secpod.oval:def:43048 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43050 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to allow an application to exe ... oval:org.secpod.oval:def:43054 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an inconsistent user interface issue. Successful exploitation gives privileges to attackers so that a S/MIME encrypted e ... oval:org.secpod.oval:def:43053 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43052 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restric ... oval:org.secpod.oval:def:43051 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to allow an application to read restricted memory. oval:org.secpod.oval:def:43055 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle an encryption issue. Successful exploitation allows attackers with a privileged network position may be able to intercep ... oval:org.secpod.oval:def:44845 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44846 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle memory corruption issues. Successful exploitation allows an application to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:44841 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an access control vulnerability. A flaw is present in the application, which fails to properly a mounted malicious disk image. Successful exploitation allows an application to launch an application. oval:org.secpod.oval:def:44842 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44843 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44844 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44850 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with kernel pri ... oval:org.secpod.oval:def:44851 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read issues. Successful exploitation allows an application to execute arbitrary code with system privileges. oval:org.secpod.oval:def:44856 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44857 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44858 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44859 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly input validation issues. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44852 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted applications. Successful exploitation allows an application to bypass code signing en ... oval:org.secpod.oval:def:44853 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle out-of-bounds read. Successful exploitation allows an application execute arbitrary code with system pri ... oval:org.secpod.oval:def:44854 The host is installed with Apple Mac OS X 10.13.3 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle S/MIME-encrypted HTML e-mail. Successful exploitation allows an application to exfiltrate the contents of S/MIME-en ... oval:org.secpod.oval:def:44855 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle inconsistent user-interface. Successful exploitation allows an application to intercept the contents of S/MIME-encrypted e-m ... oval:org.secpod.oval:def:44860 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44861 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44867 The host is installed with Apple Mac OS 10.13.3 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:44863 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44865 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle bracketed paste mode. Successful exploitation allows an application to execute arbitrary command exe ... oval:org.secpod.oval:def:44866 The host is installed with Apple Mac OS X 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle keystrokes entered by unprivileged applications. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:44834 The host is installed with Apple Mac OS X 10.13.3 and is prone to an arbitrary code injection vulnerability. A flaw is present in the application, which fails to properly handle APFS volume passwords. Successful exploitation leads to an arbitrary code injection through truncation of APFS volume pass ... oval:org.secpod.oval:def:44835 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44836 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44837 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or 10.13.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle improper validation. Successful exploitation allows an application to gain elevated privileges. oval:org.secpod.oval:def:44832 The host is installed with Apple Mac OS X 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle passwords passed to sysadminctl tool. Successful exploitation leads to the exposure of passwords to other local users. oval:org.secpod.oval:def:44833 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted files in symlinks. Successful exploitation allows attackers to disclose user informa ... oval:org.secpod.oval:def:44839 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information access vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted webpages. Successful exploitation allows an application to mount a disk image. oval:org.secpod.oval:def:1600989 do_bid_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printf and file_vprintf. do_core_note in readelf.c in libmagic.a has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360 . do_core_note in readelf.c in libm ... oval:org.secpod.oval:def:42629 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:42633 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font file. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:42632 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows remote attackers to read restricted memory. oval:org.secpod.oval:def:42631 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted QuickTime file. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:42630 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font. Successful exploitation allows remote attackers to disclose process memory. oval:org.secpod.oval:def:42637 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle a quarantined HTML file. Successful exploitation allows remote attackers to execute arbitrary JavaScript cross-origin. oval:org.secpod.oval:def:42636 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:42635 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation allows remote attackers to disclose sensitive information. oval:org.secpod.oval:def:42634 The host is installed with Apple Mac OS 10.8 before 10.13.1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted content. Successful exploitation allows remote attackers to lead to unspecified impact. oval:org.secpod.oval:def:42639 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted image. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:42638 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:42640 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly process disk image. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:42644 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42643 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation allows local attackers to disclose kernel memory. oval:org.secpod.oval:def:42642 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a permissions issue in kernel packet counters. Successful exploitation allows local attackers to disclose sensitive ... oval:org.secpod.oval:def:42648 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42647 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42646 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42645 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42651 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a malformed mach binary. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:42650 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:42655 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly unpack a maliciously crafted archive. Successful exploitation allows attackers to execute arbitrary code system priv ... oval:org.secpod.oval:def:42654 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly unpack a maliciously crafted archive. Successful exploitation allows attackers to execute arbitrary code system privileges. oval:org.secpod.oval:def:42653 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly unpack a maliciously crafted archive. Successful exploitation allows attackers to execute arbitrary code system privileges. oval:org.secpod.oval:def:42659 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42658 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:42656 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows attackers to execute arbitrary code system privileges. oval:org.secpod.oval:def:42661 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:42660 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly perform memory handling. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:48697 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 or before 10.13.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:48694 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an out-of-bounds read vulnerability. The flaw is present in the application, which fails to properly handle an out-of-bounds read issue. Successful exploitation allows attackers to allow an application to read re ... oval:org.secpod.oval:def:48708 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly perform bounds checking. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:54621 The host is installed with Apple Mac OS X 10.12.6 or 10.13.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows an attacker to execute arbitrary code with system privileges. oval:org.secpod.oval:def:1801090 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801091 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801087 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801089 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:43362 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43361 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute arbitrary code with sy ... oval:org.secpod.oval:def:43366 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43365 The host is installed with Apple Mac OS X 10.13.1 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:43364 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle screen sharing sessions. Successful exploitation allows a user with screen sharing access to access any file readable ... oval:org.secpod.oval:def:43363 The host is installed with Apple Mac OS X 10.13.1 or 10.12.6 or 10.11.6 and is prone to a security bypass vulnerability. The flaw is present in the application, which fails to properly handle an input validation issue existing in the kernel. Successful exploitation allows a local user to cause unexp ... oval:org.secpod.oval:def:45930 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with system privile ... oval:org.secpod.oval:def:45902 The host is installed with Apple Mac OS X 10.13.4 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the memory handling issue. Successful exploitation allows attackers with a malicious application to elevate privileges. oval:org.secpod.oval:def:45903 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an object management issue. Successful exploitation allows attackers to determine kernel memory layout. oval:org.secpod.oval:def:45904 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the configuration issue. Successful exploitation allows attackers with root privileges to modify the EFI flash memory region. oval:org.secpod.oval:def:45900 The host is installed with Apple Mac OS X 10.13.4 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle input validation issue. Successful exploitation allows attackers to read kernel memory. oval:org.secpod.oval:def:45909 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to spoof password prompts in iBooks. oval:org.secpod.oval:def:45905 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform arbitrary code execution. oval:org.secpod.oval:def:45906 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the entitlement plists issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45907 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45912 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45913 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory related issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45914 The host is installed with Apple Mac OS X 10.11.6, 10.12.6 or 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to perform a denial of service attack. oval:org.secpod.oval:def:45910 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an input sanitization issue. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:45911 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45916 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45917 The host is installed with Apple Mac OS X 10.13.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a bounds checking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45918 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows attackers to gain elevated privileges. oval:org.secpod.oval:def:45919 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an encrypted mail issue. Successful exploitation allows attackers to exfiltrate the contents of S/MIME-encrypted e-mail. oval:org.secpod.oval:def:45923 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent account identifier. oval:org.secpod.oval:def:45924 The host is installed with Apple Mac OS X 10.13.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle the S-MIME certificaties issue. Successful exploitation allows attackers to track users by malicious websites using client certificates ... oval:org.secpod.oval:def:45925 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45926 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45920 The host is installed with Apple Mac OS X 10.13.4 and is prone to a messages injection vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows attackers to conduct impersonation attacks. oval:org.secpod.oval:def:45921 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a message validation issue. Successful exploitation allows attackers to lead to denial of service. oval:org.secpod.oval:def:45922 The host is installed with Apple Mac OS X 10.13.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:45927 The host is installed with Apple Mac OS X 10.13.4 and is prone to a security authorization vulnerability. A flaw is present in the application, which fails to properly handle a state management issue. Successful exploitation allows attackers to read a persistent device identifier. oval:org.secpod.oval:def:45928 The host is installed with Apple Mac OS X 10.13.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a microphone access issue. Successful exploitation allows attackers to circumvent sandbox restrictions. oval:org.secpod.oval:def:45929 The host is installed with Apple Mac OS X 10.13.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a text validation issue. Successful exploitation allows attackers to lead to a denial of service. oval:org.secpod.oval:def:45899 The host is installed with Apple Mac OS X 10.13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle memory management issue. Successful exploitation allows attackers to execute arbitrary code with system privileges. oval:org.secpod.oval:def:42649 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input sanitization. Successful exploitation allows attackers to read restricted memory. oval:org.secpod.oval:def:116061 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:116108 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:53567 The host is installed with Apple Mac OS X 10.12.6, 10.13.6 or 10.14.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle an issue in perl. Successful exploitation allows an attacker to cause unspecified impact. oval:org.secpod.oval:def:53350 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:114665 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:114659 Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compresse ... oval:org.secpod.oval:def:603428 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:704204 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:1901135 do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:704827 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:45908 The host is installed with Apple Mac OS X 10.13.4 or 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows attackers to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:48636 The host is installed with Apple Mac OS X 10.12.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a locking issue. Successful exploitation allows an attacker to execute arbitrary code with kernel privileges. oval:org.secpod.oval:def:42620 The host is installed with Apple Mac OS 10.8 before 10.13 and is prone to a protocol security vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to exploit weaknesses in TLS 1.0. oval:org.secpod.oval:def:48176 The host is installed with Apple Mac OS X 10.8 before 10.13 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to handle an issue in DesktopServices component. Successful exploitation could allow local users to bypass intended access restricti ... oval:org.secpod.oval:def:48547 The host is installed with Apple Mac OS X 10.8 before 10.13.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle an issue in "802.1X" component. Successful exploitation could allow attackers to have an unspecified impact by leveraging TLS 1.0 su ... oval:org.secpod.oval:def:43634 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a denial of service vulnerability. The flaw is present in the application, which fails to properly handle a resource exhaustion issue. Successful exploitation allows an application to cause denial of service. oval:org.secpod.oval:def:43633 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43632 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a logic issue. Successful exploitation allows an application to execute an arbitrary code with kernel privile ... oval:org.secpod.oval:def:43631 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an application to execute an arbitrary c ... oval:org.secpod.oval:def:43638 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a validation issue. Successful exploitation allows an attacker to read restricted memory. oval:org.secpod.oval:def:43637 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle a certificate evaluation issue. Successful exploitation makes a certificate to have name constraints applied incor ... oval:org.secpod.oval:def:43636 The host is installed with Apple Mac OS X 10.13.2 and is prone to an unspecified vulnerability. The flaw is present in the application, which fails to properly handle an access issue. Successful exploitation allows a sandboxed process to circumvent sandbox restrictions. oval:org.secpod.oval:def:43635 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows an attacker to perform an arbitrary code ... oval:org.secpod.oval:def:43627 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 or 10.11.6 and is prone to an arbitrary code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code w ... oval:org.secpod.oval:def:43625 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle a memory corruption issue. Successful exploitation allows attackers to execute an arbitrary code by processing a ... oval:org.secpod.oval:def:43629 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:43630 The host is installed with Apple Mac OS X 10.13.2 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to properly handle a race condition issue. Successful exploitation allows an application to read restricted memory. oval:org.secpod.oval:def:114424 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:48698 The host is installed with Apple Mac OS X 10.13.2 or 10.12.6 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly perform state management. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:115029 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:43639 The host is installed with Apple Mac OS 10.13.1 or 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:54501 The host is installed with Apple Mac OS 10.8 through 10.13 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the authentication API. Successful exploitation allows remote attackers to bypass required authentication if the API was used ... oval:org.secpod.oval:def:42910 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:502287 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1700044 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:705016 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:1502207 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204822 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Kernel: KVM: error in exception handling leads to wrong debug stack value * Kernel: error in exception handling leads to DoS * Kernel: ipsec: xfrm: use-after-free leading to potential privilege es ... oval:org.secpod.oval:def:1600892 A weakness was found in the Linux kernel#039;s implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch oper ... oval:org.secpod.oval:def:57782 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-euclid: Linux kernel for Intel Euclid systems - linux-gcp: Linux kernel for Google Cloud Platform syst ... oval:org.secpod.oval:def:54654 The host is missing a security update according to Apple advisory, APPLE-SA-2019-5-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ... oval:org.secpod.oval:def:53540 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memo ... oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:53326 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:115530 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114551 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:115435 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502222 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502220 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114789 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:204798 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:114727 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114614 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:1502215 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502217 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204852 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defi ... oval:org.secpod.oval:def:48684 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ... oval:org.secpod.oval:def:502332 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Store instructions . It relies on the presence of a precisely-defined in ... oval:org.secpod.oval:def:603398 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:115038 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:502286 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulner ... oval:org.secpod.oval:def:1502206 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1800989 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:53328 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-8897 Andy Lutomirski and Nick Peterson discovered that incorrect handling of debug exceptions could result in privilege escalation. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could res ... oval:org.secpod.oval:def:114497 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:114565 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:45915 The host is installed with Apple Mac OS X 10.11.6 or 10.12.6 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an undocumented instructions issue. Successful exploitation allows attackers to execute arbitrary code with ker ... oval:org.secpod.oval:def:1502203 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502204 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502201 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502202 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502205 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:45388 An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new a ... oval:org.secpod.oval:def:1801000 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:1801001 CVE-2018-8897, XSA-260: x86: mishandling of debug exceptions oval:org.secpod.oval:def:1801004 CVE-2018-10472,XSA-258: Information leak via crafted user-supplied CDROM oval:org.secpod.oval:def:45418 The host is missing an important security update for KB4103731 oval:org.secpod.oval:def:45419 The host is missing an important security update for KB4103730 oval:org.secpod.oval:def:45898 The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ... oval:org.secpod.oval:def:45416 The host is missing an important security update for KB4134651 oval:org.secpod.oval:def:45421 The host is missing an important security update 4103715 oval:org.secpod.oval:def:45422 The host is missing an important security update for KB4103716 oval:org.secpod.oval:def:45543 The host is missing an important security update 4103718 oval:org.secpod.oval:def:45423 The host is missing an important security update for KB4103721 oval:org.secpod.oval:def:45435 The host is missing an important security update for KB4103723 oval:org.secpod.oval:def:45436 The host is missing an important security update for KB4103725 oval:org.secpod.oval:def:45437 The host is missing an important security update 4103726 oval:org.secpod.oval:def:45438 The host is missing an important security update for KB4103727 oval:org.secpod.oval:def:45440 The host is missing an important security update 4103712 oval:org.secpod.oval:def:603396 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM gue ... oval:org.secpod.oval:def:42214 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |