The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.
| oval:org.secpod.oval:def:37218 | CVE-2016-4256 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4256 |
| oval:org.secpod.oval:def:37219 | CVE-2016-4257 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4257 |
| oval:org.secpod.oval:def:37220 | CVE-2016-4258 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4258 |
| oval:org.secpod.oval:def:37221 | CVE-2016-4259 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4259 |
| oval:org.secpod.oval:def:37222 | CVE-2016-4260 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4260 |
| oval:org.secpod.oval:def:37223 | CVE-2016-4261 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4261 |
| oval:org.secpod.oval:def:37224 | CVE-2016-4262 | Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4262 |
| oval:org.secpod.oval:def:37225 | CVE-2016-4263 | Use-after-free vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4263 |
| oval:org.secpod.oval:def:37226 | APSB16-28 CVE-2016-4256 CVE-2016-4257 CVE-2016-4258 CVE-2016-4259 CVE-2016-4260 CVE-2016-4261 CVE-2016-4262 CVE-2016-4263 |
Multiple vulnerabilities in Adobe Digital Editions via unspecified vectors – APSB16-28 |
| oval:org.secpod.oval:def:37238 | CVE-2016-4728 | Arbitrary code execution vulnerability in the WebKit in Apple iTunes – CVE-2016-4728 |
| oval:org.secpod.oval:def:37229 | CVE-2016-4763 | Privilege escalation vulnerability in the WebKit in Apple iTunes – CVE-2016-4763 |
| oval:org.secpod.oval:def:37228 | CVE-2016-4769 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4769 |
| oval:org.secpod.oval:def:37227 | APPLE-SA-2016-09-20-7 CVE-2016-4728 CVE-2016-4758 CVE-2016-4759 CVE-2016-4760 CVE-2016-4762 CVE-2016-4763 CVE-2016-4765 CVE-2016-4766 CVE-2016-4767 CVE-2016-4768 CVE-2016-4769 |
Multiple vulnerabilities in Apple iTunes – APPLE-SA-2016-09-20-7 |
| oval:org.secpod.oval:def:37237 | CVE-2016-4758 | Information disclosure vulnerability in the WebKit in Apple iTunes – CVE-2016-4758 |
| oval:org.secpod.oval:def:37236 | CVE-2016-4759 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4759 |
| oval:org.secpod.oval:def:37235 | CVE-2016-4762 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4762 |
| oval:org.secpod.oval:def:37234 | CVE-2016-4766 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4766 |
| oval:org.secpod.oval:def:37233 | CVE-2016-4767 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4767 |
| oval:org.secpod.oval:def:37232 | CVE-2016-4768 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4768 |
| oval:org.secpod.oval:def:37231 | CVE-2016-4760 | Privilege escalation vulnerability in the WebKit in Apple iTunes – CVE-2016-4760 |
| oval:org.secpod.oval:def:37230 | CVE-2016-4765 | Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4765 |
| oval:org.secpod.oval:def:37239 | CVE-2016-6662 | Privilege escalation vulnerability in MariaDB by abusing MySQL logging functions |
| oval:org.secpod.oval:def:37271 | CVE-2016-5279 | Information disclosure vulnerability in Mozilla Firefox while using drag and drop |
| oval:org.secpod.oval:def:37272 | CVE-2016-5280 | Use-after-free vulnerability in mozilla::nsTextNodeDirectionalityMap:: RemoveElementFromMap in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37273 | CVE-2016-5281 | Use-after-free vulnerability in DOMSVGLength in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37274 | CVE-2016-5282 | Privilege escalation vulnerability in Mozilla Firefox while requesting favicons from non-whitelisted schemes |
| oval:org.secpod.oval:def:37275 | CVE-2016-5283 | Cross origin data disclosure vulnerability in Mozilla Firefox via fragment timing attack |
| oval:org.secpod.oval:def:37276 | CVE-2016-5284 | Malicious add-on injection vulnerability in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37277 | CVE-2016-5256 | Memory corruption vulnerability in Mozilla Firefox – CVE-2016-5256 |
| oval:org.secpod.oval:def:37280 | CVE-2016-5250 | Information disclosure vulnerability in Resource Timing API in Mozilla Firefox ESR |
| oval:org.secpod.oval:def:37281 | CVE-2016-5261 | Integer overflow vulnerability in WebSocketChannel in Mozilla Firefox ESR |
| oval:org.secpod.oval:def:37279 | CVE-2016-5257 | Memory corruption vulnerability in Mozilla Firefox or Firefox ESR – CVE-2016-5257 |
| oval:org.secpod.oval:def:37282 | CVE-2016-2827 CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5279 CVE-2016-5280 CVE-2016-5281 CVE-2016-5282 CVE-2016-5283 CVE-2016-5284 MFSA2016-85 |
Multiple vulnerabilities in Mozilla Firefox – MFSA2016-85 |
| oval:org.secpod.oval:def:37283 | CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284 MFSA2016-86 |
Multiple vulnerabilities in Mozilla Firefox ESR – MFSA2016-86 |
| oval:org.secpod.oval:def:37278 | CVE-2016-5275 | Global buffer overflow vulnerability in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions in Mozilla Firefox |
| oval:org.secpod.oval:def:37263 | CVE-2016-5270 | Heap based buffer overflow vulnerability in nsCaseTransformTextRunFactory::TransformString in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37264 | CVE-2016-5271 | Out-of-bounds vulnerability in PropertyProvider::GetSpacingInternal in Mozilla Firefox |
| oval:org.secpod.oval:def:37262 | CVE-2016-2827 | Out-of-bounds read vulnerability in mozilla::net::IsValidReferrerPolicy in Mozilla Firefox |
| oval:org.secpod.oval:def:37265 | CVE-2016-5272 | Denial of service vulnerability in Mozilla Firefox and Firefox ESR due to a bad cast in nsImageGeometryMixin |
| oval:org.secpod.oval:def:37266 | CVE-2016-5273 | Denial of service vulnerability in mozilla::a11y::HyperTextAccessible::GetChildOffset in Mozilla Firefox |
| oval:org.secpod.oval:def:37267 | CVE-2016-5276 | Heap-use-after-free vulnerability in mozilla::a11y::DocAccessible::ProcessInvalidationList in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37268 | CVE-2016-5274 | Use-after-free vulnerability in web animations in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37269 | CVE-2016-5277 | Heap-use-after-free vulnerability in nsRefreshDriver::Tick in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:37270 | CVE-2016-5278 | Heap-buffer-overflow vulnerability in nsBMPEncoder::AddImageFrame in Mozilla Firefox and Firefox ESR |
| oval:org.secpod.oval:def:703262 | CVE-2014-3589 CVE-2016-0775 CVE-2016-2533 USN-3080-1 |
USN-3080-1 — python imaging library vulnerabilities |
| oval:org.secpod.oval:def:703263 | CVE-2016-1854 CVE-2016-1856 CVE-2016-1857 CVE-2016-1858 CVE-2016-1859 CVE-2016-4583 CVE-2016-4585 CVE-2016-4586 CVE-2016-4588 CVE-2016-4589 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4623 CVE-2016-4624 CVE-2016-4651 USN-3079-1 |
USN-3079-1 — webkitgtk+ vulnerabilities |
| oval:org.secpod.oval:def:703264 | CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 CVE-2016-5147 CVE-2016-5148 CVE-2016-5150 CVE-2016-5153 CVE-2016-5155 CVE-2016-5156 CVE-2016-5161 CVE-2016-5164 CVE-2016-5165 CVE-2016-5167 USN-3058-1 |
USN-3058-1 — oxide vulnerabilities |
| oval:org.secpod.oval:def:204000 | CESA-2016:1850 CVE-2015-8920 CVE-2015-8921 CVE-2015-8932 CVE-2016-4809 CVE-2016-5418 CVE-2016-5844 CVE-2016-7166 |
CESA-2016:1850 — centos 6 libarchive |
| oval:org.secpod.oval:def:204001 | CESA-2016:1844 CVE-2015-8916 CVE-2015-8917 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8934 CVE-2016-1541 CVE-2016-4300 CVE-2016-4302 CVE-2016-4809 CVE-2016-5418 CVE-2016-5844 CVE-2016-6250 CVE-2016-7166 |
CESA-2016:1844 — centos 7 libarchive |
| oval:org.secpod.oval:def:111311 | CVE-2016-6313 FEDORA-2016-3a0195918f |
FEDORA-2016-3a0195918f — Fedora 23 gnupg-1.4.21-1.fc23 |
| oval:org.secpod.oval:def:111312 | FEDORA-2016-e77b6d963a | FEDORA-2016-e77b6d963a — Fedora 24 thunderbird-45.3.0-1.fc24 |
| oval:org.secpod.oval:def:111313 | FEDORA-2016-e1589894e8 | FEDORA-2016-e1589894e8 — Fedora 24 gnutls-3.4.15-1.fc24 |
| oval:org.secpod.oval:def:111314 | CVE-2016-7167 FEDORA-2016-7a2ed52d41 |
FEDORA-2016-7a2ed52d41 — Fedora 24 curl-7.47.1-8.fc24 |
| oval:org.secpod.oval:def:111315 | FEDORA-2016-0bdf82500f | FEDORA-2016-0bdf82500f — Fedora 24 GraphicsMagick-1.3.25-1.fc24 |
| oval:org.secpod.oval:def:111316 | CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 FEDORA-2016-7d2c67d1f5 |
FEDORA-2016-7d2c67d1f5 — Fedora 24 xen-4.6.3-5.fc24 |
| oval:org.secpod.oval:def:111317 | FEDORA-2016-2edb9adec8 | FEDORA-2016-2edb9adec8 — Fedora 23 gnutls-3.4.15-1.fc23 |
| oval:org.secpod.oval:def:111318 | FEDORA-2016-06e4de8210 | FEDORA-2016-06e4de8210 — Fedora 23 phpMyAdmin-4.6.4-2.fc23 |
| oval:org.secpod.oval:def:111319 | CVE-2016-7163 FEDORA-2016-27d3b7742f |
FEDORA-2016-27d3b7742f — Fedora 24 openjpeg2-2.1.1-3.fc24 |
| oval:org.secpod.oval:def:111320 | CVE-2015-5203 FEDORA-2016-5a7e745a56 |
FEDORA-2016-5a7e745a56 — Fedora 24 jasper-1.900.1-34.fc24 |
| oval:org.secpod.oval:def:111321 | CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5173 CVE-2016-5174 CVE-2016-5175 FEDORA-2016-b15185b72a |
FEDORA-2016-b15185b72a — Fedora 24 chromium-53.0.2785.113-1.fc24 |
| oval:org.secpod.oval:def:111322 | FEDORA-2016-b3f93ead5b | FEDORA-2016-b3f93ead5b — Fedora 24 moin-1.9.8-1.fc24 |
| oval:org.secpod.oval:def:111324 | CVE-2016-4855 FEDORA-2016-7d6ca385a4 |
FEDORA-2016-7d6ca385a4 — Fedora 23 php-adodb-5.15-10.fc23 |
| oval:org.secpod.oval:def:111326 | CVE-2016-7163 FEDORA-2016-231f53426b |
FEDORA-2016-231f53426b — Fedora 23 openjpeg2-2.1.1-3.fc23 |
| oval:org.secpod.oval:def:111327 | CVE-2016-6299 FEDORA-2016-145afea99e |
FEDORA-2016-145afea99e — Fedora 24 mock-1.2.21-1.fc24 |
| oval:org.secpod.oval:def:111329 | FEDORA-2016-390ec4a8f3 | FEDORA-2016-390ec4a8f3 — Fedora 23 GraphicsMagick-1.3.25-1.fc23 |
| oval:org.secpod.oval:def:111330 | CVE-2016-6299 FEDORA-2016-145afea99e |
FEDORA-2016-145afea99e — Fedora 24 distribution-gpg-keys-1.7-1.fc24 |
| oval:org.secpod.oval:def:111332 | CVE-2016-7163 FEDORA-2016-adb346980c |
FEDORA-2016-adb346980c — Fedora 23 mingw-openjpeg2-2.1.1-3.fc23 |
| oval:org.secpod.oval:def:111333 | CVE-2016-4855 FEDORA-2016-fed6f8c57d |
FEDORA-2016-fed6f8c57d — Fedora 24 php-adodb-5.15-10.fc24 |
| oval:org.secpod.oval:def:111334 | CVE-2016-7163 FEDORA-2016-2eac99579c |
FEDORA-2016-2eac99579c — Fedora 24 mingw-openjpeg2-2.1.1-3.fc24 |
| oval:org.secpod.oval:def:1600447 | ALAS-2016-744 CVE-2016-6313 |
ALAS-2016-744 —- libgcrypt gnupg |
| oval:org.secpod.oval:def:1600448 | ALAS-2016-747 CVE-2016-5423 CVE-2016-5424 |
ALAS-2016-747 —- postgresql92 postgresql93 postgresql94 |
| oval:org.secpod.oval:def:1600449 | ALAS-2016-748 CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3606 |
ALAS-2016-748 —- java-1.6.0-openjdk |
| oval:org.secpod.oval:def:1600450 | ALAS-2016-745 CVE-2016-2775 |
ALAS-2016-745 —- bind |
| oval:org.secpod.oval:def:1600451 | ALAS-2016-746 CVE-2016-1000212 |
ALAS-2016-746 —- lighttpd |
| oval:org.secpod.oval:def:602607 | CVE-2016-7143 DSA-3661-1 |
DSA-3661-1 charybdis — charybdis |
| oval:org.secpod.oval:def:602608 | CVE-2016-7092 CVE-2016-7094 CVE-2016-7154 DSA-3663-1 |
DSA-3663-1 xen — xen |
| oval:org.secpod.oval:def:602609 | CVE-2016-5426 CVE-2016-5427 CVE-2016-6172 DSA-3664-1 |
DSA-3664-1 pdns — pdns |
| oval:org.secpod.oval:def:602610 | CVE-2016-7142 DSA-3662-1 |
DSA-3662-1 inspircd — inspircd |
| oval:org.secpod.oval:def:602611 | CVE-2015-6581 CVE-2015-8871 CVE-2016-1924 CVE-2016-7163 DSA-3665-1 |
DSA-3665-1 openjpeg2 — openjpeg2 |
| oval:org.secpod.oval:def:602612 | CVE-2016-1240 DSA-3669-1 |
DSA-3669-1 tomcat7 — tomcat7 |
| oval:org.secpod.oval:def:602614 | CVE-2016-1240 DSA-3670-1 |
DSA-3670-1 tomcat8 — tomcat8 |
| oval:org.secpod.oval:def:602615 | CVE-2016-6893 DSA-3668-1 |
DSA-3668-1 mailman — mailman |
| oval:org.secpod.oval:def:602616 | CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5173 CVE-2016-5174 CVE-2016-5175 CVE-2016-7395 DSA-3667-1 |
DSA-3667-1 chromium-browser — chromium-browser |
| oval:org.secpod.oval:def:37240 | CVE-2016-4618 | Universal cross site scripting vulnerability in Apple Safari due to maliciously crafted webpage |
| oval:org.secpod.oval:def:37249 | CVE-2016-4735 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4735 |
| oval:org.secpod.oval:def:37250 | CVE-2016-4737 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4737 |
| oval:org.secpod.oval:def:37251 | CVE-2016-4759 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4759 |
| oval:org.secpod.oval:def:37252 | CVE-2016-4762 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4762 |
| oval:org.secpod.oval:def:37253 | CVE-2016-4766 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4766 |
| oval:org.secpod.oval:def:37254 | CVE-2016-4767 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4767 |
| oval:org.secpod.oval:def:37255 | CVE-2016-4768 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4768 |
| oval:org.secpod.oval:def:37256 | CVE-2016-4769 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4769 |
| oval:org.secpod.oval:def:37257 | CVE-2016-4760 | Cross-protocol exploitation vulnerability in Apple Safari due to maliciously crafted webpage |
| oval:org.secpod.oval:def:37258 | CVE-2016-4733 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4733 |
| oval:org.secpod.oval:def:37241 | CVE-2016-4751 | Address bar spoofing vulnerability in Apple Safari due to maliciously crafted webpage |
| oval:org.secpod.oval:def:37259 | CVE-2016-4765 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4765 |
| oval:org.secpod.oval:def:37260 | CVE-2016-4763 | Unspecified vulnerability in Apple Safari due to WKWebView with HTTPS |
| oval:org.secpod.oval:def:37242 | CVE-2016-4728 | Arbitrary code execution vulnerability in Apple Safari due to maliciously crafted webpage |
| oval:org.secpod.oval:def:37261 | APPLE-SA-2016-09-20-2 CVE-2016-4611 CVE-2016-4618 CVE-2016-4728 CVE-2016-4729 CVE-2016-4730 CVE-2016-4731 CVE-2016-4733 CVE-2016-4734 CVE-2016-4735 CVE-2016-4737 CVE-2016-4751 CVE-2016-4758 CVE-2016-4759 CVE-2016-4760 CVE-2016-4762 CVE-2016-4763 CVE-2016-4765 CVE-2016-4766 CVE-2016-4767 CVE-2016-4768 CVE-2016-4769 |
Multiple vulnerabilities in Apple Safari – APPLE-SA-2016-09-20-2 |
| oval:org.secpod.oval:def:37243 | CVE-2016-4758 | Information disclosure vulnerability in Apple Safari due to maliciously crafted webpage |
| oval:org.secpod.oval:def:37244 | CVE-2016-4611 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4611 |
| oval:org.secpod.oval:def:37245 | CVE-2016-4729 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4729 |
| oval:org.secpod.oval:def:37246 | CVE-2016-4730 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4730 |
| oval:org.secpod.oval:def:37247 | CVE-2016-4731 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4731 |
| oval:org.secpod.oval:def:37248 | CVE-2016-4734 | Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4734 |