The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.
| oval:org.secpod.oval:def:38075 | CVE-2016-5296 | Heap-buffer-overflow vulnerability in Cairo in Mozilla Firefox or Firefox ESR (MAC OS X) |
| oval:org.secpod.oval:def:38082 | CVE-2016-5292 | Denial of service vulnerability in Mozilla Firefox via a crafted URL – CVE-2016-5292 (MAC OS X) |
| oval:org.secpod.oval:def:38093 | CVE-2016-5289 CVE-2016-5290 CVE-2016-5291 CVE-2016-5292 CVE-2016-5296 CVE-2016-5297 CVE-2016-9063 CVE-2016-9064 CVE-2016-9066 CVE-2016-9067 CVE-2016-9068 CVE-2016-9070 CVE-2016-9071 CVE-2016-9073 CVE-2016-9074 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 MFSA2016-89 |
Multiple vulnerabilities in Mozilla Firefox – MFSA2016-89 (MAC OS X) |
| oval:org.secpod.oval:def:38083 | CVE-2016-9067 | Use-after-free vulnerability in nsINode::ReplaceOrInsertBefore in Mozilla Firefox (MAC OS X) |
| oval:org.secpod.oval:def:38084 | CVE-2016-9068 | Use-after-free vulnerability in nsRefreshDriver in Mozilla Firefox (MAC OS X) |
| oval:org.secpod.oval:def:38085 | CVE-2016-9075 | Elevation of privilege vulnerability in WebExtensions in Mozilla Firefox – CVE-2016-9075 (MAC OS X) |
| oval:org.secpod.oval:def:38086 | CVE-2016-9077 | Unspecified vulnerability in Mozilla Firefox via a crafted URL – CVE-2016-9077 (MAC OS X) |
| oval:org.secpod.oval:def:38087 | CVE-2016-9070 | Cross-origin bypass vulnerability in Mozilla Firefox via a maliciously crafted page (MAC OS X) |
| oval:org.secpod.oval:def:38088 | CVE-2016-9073 | Security bypass vulnerability in Mozilla Firefox – CVE-2016-9073 (MAC OS X) |
| oval:org.secpod.oval:def:38089 | CVE-2016-9076 | URL bar spoofing vulnerability in Mozilla Firefox – CVE-2016-9076 (MAC OS X) |
| oval:org.secpod.oval:def:38090 | CVE-2016-9063 | Integer overflow vulnerability in Expat in Mozilla Firefox – CVE-2016-9063 (MAC OS X) |
| oval:org.secpod.oval:def:38094 | CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074 MFSA2016-90 |
Multiple vulnerabilities in Mozilla Firefox ESR – MFSA2016-90 (MAC OS X) |
| oval:org.secpod.oval:def:38091 | CVE-2016-9071 | Information disclosure vulnerability in Mozilla Firefox via a malicious server – CVE-2016-9071 (MAC OS X) |
| oval:org.secpod.oval:def:38092 | CVE-2016-5289 | Memory corruption vulnerabilities in Mozilla Firefox – CVE-2016-5289 (MAC OS X) |
| oval:org.secpod.oval:def:38076 | CVE-2016-5297 | Integer overflow vulnerability in Mozilla Firefox or Firefox ESR due to an error in argument length checking in JavaScript (MAC OS X) |
| oval:org.secpod.oval:def:38077 | CVE-2016-9064 | Man-in-the-middle attack vulnerability in Add-on updates in Mozilla Firefox or Firefox ESR via a malicious signed add-on (MAC OS X) |
| oval:org.secpod.oval:def:38078 | CVE-2016-9066 | Integer overflow vulnerability in Mozilla Firefox or Firefox ESR due to memory allocation issues (MAC OS X) |
| oval:org.secpod.oval:def:38079 | CVE-2016-5291 | Same-origin policy bypass vulnerability in Mozilla Firefox or Firefox ESR using local HTML file and saved shortcut file (MAC OS X) |
| oval:org.secpod.oval:def:38080 | CVE-2016-9074 | Unspecified vulnerability in Network Security Services (NSS) in Mozilla Firefox or Firefox ESR (MAC OS X) |
| oval:org.secpod.oval:def:38081 | CVE-2016-5290 | Memory corruption vulnerabilities in Mozilla Firefox or Firefox ESR – CVE-2016-5290 (MAC OS X) |
| oval:org.secpod.oval:def:38051 | CVE-2016-5296 | Heap-buffer-overflow vulnerability in Cairo in Mozilla Firefox or Firefox ESR |
| oval:org.secpod.oval:def:38060 | CVE-2016-5292 | Denial of service vulnerability in Mozilla Firefox via a crafted URL – CVE-2016-5292 |
| oval:org.secpod.oval:def:38073 | CVE-2016-5289 CVE-2016-5290 CVE-2016-5291 CVE-2016-5292 CVE-2016-5293 CVE-2016-5294 CVE-2016-5295 CVE-2016-5296 CVE-2016-5297 CVE-2016-9063 CVE-2016-9064 CVE-2016-9066 CVE-2016-9067 CVE-2016-9068 CVE-2016-9070 CVE-2016-9071 CVE-2016-9072 CVE-2016-9073 CVE-2016-9074 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 MFSA2016-89 |
Multiple vulnerabilities in Mozilla Firefox – MFSA2016-89 |
| oval:org.secpod.oval:def:38061 | CVE-2016-9067 | Use-after-free vulnerability in nsINode::ReplaceOrInsertBefore in Mozilla Firefox |
| oval:org.secpod.oval:def:38062 | CVE-2016-9068 | Use-after-free vulnerability in nsRefreshDriver in Mozilla Firefox |
| oval:org.secpod.oval:def:38063 | CVE-2016-9072 | Unspecified vulnerability in Mozilla Firefox due to NPAPI plugins are not enabled by default |
| oval:org.secpod.oval:def:38064 | CVE-2016-9075 | Elevation of privilege vulnerability in WebExtensions in Mozilla Firefox – CVE-2016-9075 |
| oval:org.secpod.oval:def:38065 | CVE-2016-9077 | Unspecified vulnerability in Mozilla Firefox via a crafted URL – CVE-2016-9077 |
| oval:org.secpod.oval:def:38066 | CVE-2016-5295 | Privilege escalation vulnerability in Mozilla Maintenance Service in Mozilla Firefox via malicious local files |
| oval:org.secpod.oval:def:38067 | CVE-2016-9070 | Cross-origin bypass vulnerability in Mozilla Firefox via a maliciously crafted page |
| oval:org.secpod.oval:def:38068 | CVE-2016-9073 | Security bypass vulnerability in Mozilla Firefox – CVE-2016-9073 |
| oval:org.secpod.oval:def:38069 | CVE-2016-9076 | URL bar spoofing vulnerability in Mozilla Firefox – CVE-2016-9076 |
| oval:org.secpod.oval:def:38052 | CVE-2016-5293 | Arbitrary local file write vulnerability in Mozilla Updater in Mozilla Firefox or Firefox ESR – CVE-2016-5293 |
| oval:org.secpod.oval:def:38070 | CVE-2016-9063 | Integer overflow vulnerability in Expat in Mozilla Firefox – CVE-2016-9063 |
| oval:org.secpod.oval:def:38074 | CVE-2016-5290 CVE-2016-5291 CVE-2016-5293 CVE-2016-5294 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074 MFSA2016-90 |
Multiple vulnerabilities in Mozilla Firefox ESR – MFSA2016-90 |
| oval:org.secpod.oval:def:38071 | CVE-2016-9071 | Information disclosure vulnerability in Mozilla Firefox via a malicious server – CVE-2016-9071 |
| oval:org.secpod.oval:def:38072 | CVE-2016-5289 | Memory corruption vulnerabilities in Mozilla Firefox – CVE-2016-5289 |
| oval:org.secpod.oval:def:38053 | CVE-2016-5294 | Unspecified vulnerability in Mozilla Updater in Mozilla Firefox or Firefox ESR – CVE-2016-5294 |
| oval:org.secpod.oval:def:38054 | CVE-2016-5297 | Integer overflow vulnerability in Mozilla Firefox or Firefox ESR due to an error in argument length checking in JavaScript |
| oval:org.secpod.oval:def:38055 | CVE-2016-9064 | Man-in-the-middle attack vulnerability in Add-on updates in Mozilla Firefox or Firefox ESR via a malicious signed add-on |
| oval:org.secpod.oval:def:38056 | CVE-2016-9066 | Integer overflow vulnerability in Mozilla Firefox or Firefox ESR due to memory allocation issues |
| oval:org.secpod.oval:def:38057 | CVE-2016-5291 | Same-origin policy bypass vulnerability in Mozilla Firefox or Firefox ESR using local HTML file and saved shortcut file |
| oval:org.secpod.oval:def:38058 | CVE-2016-9074 | Unspecified vulnerability in Network Security Services (NSS) in Mozilla Firefox or Firefox ESR |
| oval:org.secpod.oval:def:38059 | CVE-2016-5290 | Memory corruption vulnerabilities in Mozilla Firefox or Firefox ESR – CVE-2016-5290 |
| oval:org.secpod.oval:def:1501665 | CVE-2016-7545 ELSA-2016-2702 |
ELSA-2016-2702 — Oracle policycoreutils |
| oval:org.secpod.oval:def:1501666 | CVE-2016-1583 CVE-2016-2143 ELSA-2016-2766 |
ELSA-2016-2766 — Oracle kernel_python-perf_perf |
| oval:org.secpod.oval:def:1501667 | CVE-2016-7545 ELSA-2016-2702 |
ELSA-2016-2702 — Oracle policycoreutils |
| oval:org.secpod.oval:def:1501668 | CVE-2016-4992 CVE-2016-5405 CVE-2016-5416 ELSA-2016-2765 |
ELSA-2016-2765 — Oracle 389-ds-base |
| oval:org.secpod.oval:def:501933 | CVE-2016-1583 CVE-2016-2143 RHSA-2016:2766-01 |
RHSA-2016:2766-01 — Redhat kernel, perf |
| oval:org.secpod.oval:def:501934 | CVE-2016-7545 RHSA-2016:2702-01 |
RHSA-2016:2702-01 — Redhat policycoreutils |
| oval:org.secpod.oval:def:501935 | CVE-2016-4992 CVE-2016-5405 CVE-2016-5416 RHSA-2016:2765-01 |
RHSA-2016:2765-01 — Redhat 389-ds-base |
| oval:org.secpod.oval:def:111609 | CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 FEDORA-2016-66c70cadb4 |
FEDORA-2016-66c70cadb4 — Fedora 24 memcached-1.4.25-2.fc24 |
| oval:org.secpod.oval:def:111610 | CVE-2015-3796 CVE-2016-8859 FEDORA-2016-cd09eab674 |
FEDORA-2016-cd09eab674 — Fedora 24 tre-0.8.0-18.20140228gitc2f5d13.fc24 |
| oval:org.secpod.oval:def:111612 | CVE-2015-3796 CVE-2016-8859 FEDORA-2016-0ff6c3d84b |
FEDORA-2016-0ff6c3d84b — Fedora 23 tre-0.8.0-18.20140228gitc2f5d13.fc23 |
| oval:org.secpod.oval:def:111613 | CVE-2016-9013 CVE-2016-9014 FEDORA-2016-3eb5a55123 |
FEDORA-2016-3eb5a55123 — Fedora 24 python-django-1.9.11-1.fc24 |
| oval:org.secpod.oval:def:111614 | FEDORA-2016-2b27b075ee | FEDORA-2016-2b27b075ee — Fedora 24 libgit2-0.24.3-1.fc24 |
| oval:org.secpod.oval:def:111615 | CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 FEDORA-2016-4df986a71f |
FEDORA-2016-4df986a71f — Fedora 23 memcached-1.4.17-5.fc23 |
| oval:org.secpod.oval:def:204035 | CESA-2016:2674 CVE-2016-6313 |
CESA-2016:2674 — centos 6 libgcrypt |
| oval:org.secpod.oval:def:204036 | CESA-2016:2675 CVE-2016-7035 |
CESA-2016:2675 — centos 6 pacemaker |
| oval:org.secpod.oval:def:204037 | CESA-2016:2658 CVE-2016-5542 CVE-2016-5554 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 |
CESA-2016:2658 — centos 6 java-1.7.0-openjdk |
| oval:org.secpod.oval:def:602663 | CVE-2016-9189 CVE-2016-9190 DSA-3710-1 |
DSA-3710-1 pillow — pillow |
| oval:org.secpod.oval:def:602664 | DSA-3708-1 | DSA-3708-1 mat — mat |
| oval:org.secpod.oval:def:602665 | CVE-2016-4738 DSA-3709-1 |
DSA-3709-1 libxslt — libxslt |
| oval:org.secpod.oval:def:602666 | CVE-2016-5542 CVE-2016-5554 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 DSA-3707-1 |
DSA-3707-1 openjdk-7 — openjdk-7 |
| oval:org.secpod.oval:def:602667 | CVE-2016-3492 CVE-2016-5584 CVE-2016-5616 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440 CVE-2016-8283 DSA-3711-1 |
DSA-3711-1 mariadb-10.0 — mariadb-10.0 |
| oval:org.secpod.oval:def:602668 | CVE-2015-8971 DSA-3712-1 |
DSA-3712-1 terminology — terminology |
| oval:org.secpod.oval:def:111602 | CVE-2016-9085 FEDORA-2016-00d2f5c19f |
FEDORA-2016-00d2f5c19f — Fedora 24 mingw-libwebp-0.5.1-2.fc24 |
| oval:org.secpod.oval:def:111605 | CVE-2016-7076 FEDORA-2016-112b333bdf |
FEDORA-2016-112b333bdf — Fedora 24 sudo-1.8.18p1-1.fc24 |
| oval:org.secpod.oval:def:111606 | CVE-2016-8864 FEDORA-2016-e38196b52a |
FEDORA-2016-e38196b52a — Fedora 24 bind-9.10.4-2.P4.fc24 |
| oval:org.secpod.oval:def:111607 | CVE-2016-0762 CVE-2016-5018 CVE-2016-5388 CVE-2016-5425 CVE-2016-6325 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 FEDORA-2016-c1b01b9278 |
FEDORA-2016-c1b01b9278 — Fedora 24 tomcat-8.0.38-1.fc24 |
| oval:org.secpod.oval:def:111608 | CVE-2016-0762 CVE-2016-5018 CVE-2016-5388 CVE-2016-5425 CVE-2016-6325 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 FEDORA-2016-4094bd4ad6 |
FEDORA-2016-4094bd4ad6 — Fedora 23 tomcat-8.0.38-1.fc23 |