The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update.
| oval:org.secpod.oval:def:115129 | CVE-2017-1000405 CVE-2017-12193 CVE-2017-15115 CVE-2017-16532 CVE-2017-16538 CVE-2017-16644 CVE-2017-16647 CVE-2017-16649 CVE-2017-16650 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17852 CVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-18232 CVE-2017-8824 CVE-2018-1000004 CVE-2018-1000026 CVE-2018-10021 CVE-2018-10322 CVE-2018-10323 CVE-2018-1065 CVE-2018-10840 CVE-2018-10853 CVE-2018-1108 CVE-2018-1120 CVE-2018-11506 CVE-2018-12232 CVE-2018-12633 CVE-2018-12714 CVE-2018-12896 CVE-2018-13053 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-13405 CVE-2018-14678 CVE-2018-14734 CVE-2018-15471 CVE-2018-17182 CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 CVE-2018-5332 CVE-2018-5333 CVE-2018-5344 CVE-2018-5391 CVE-2018-5750 CVE-2018-5803 CVE-2018-7757 CVE-2018-7995 CVE-2018-8043 FEDORA-2018-d77cc41f35 |
FEDORA-2018-d77cc41f35 — Fedora 27 kernel-4.18.9-100.fc27 |
| oval:org.secpod.oval:def:115130 | CVE-2016-1549 CVE-2018-12327 CVE-2018-7170 CVE-2018-7182 CVE-2018-7183 CVE-2018-7184 CVE-2018-7185 FEDORA-2018-7051d682fa |
FEDORA-2018-7051d682fa — Fedora 27 ntp-4.2.8p12-1.fc27 |
| oval:org.secpod.oval:def:1502317 | CVE-2018-14634 CVE-2018-3620 CVE-2018-3693 CVE-2018-5390 ELSA-2018-2748 |
ELSA-2018-2748 — Oracle kernel_python-perf_perf |
| oval:org.secpod.oval:def:1502318 | CVE-2018-6560 ELSA-2018-2766 |
ELSA-2018-2766 — Oracle flatpak |
| oval:org.secpod.oval:def:1502319 | CVE-2018-10850 CVE-2018-10935 CVE-2018-14624 CVE-2018-14638 ELSA-2018-2757 |
ELSA-2018-2757 — Oracle 389-ds-base |
| oval:org.secpod.oval:def:1502320 | CVE-2017-13695 CVE-2018-16658 CVE-2018-5873 ELSA-2018-4227 |
ELSA-2018-4227 — Oracle kernel-uek |
| oval:org.secpod.oval:def:1502321 | CVE-2017-13695 CVE-2018-16658 CVE-2018-5873 ELSA-2018-4227 |
ELSA-2018-4227 — Oracle kernel-uek |
| oval:org.secpod.oval:def:1502322 | CVE-2018-12384 ELSA-2018-2768 |
ELSA-2018-2768 — Oracle nss |
| oval:org.secpod.oval:def:1502323 | CVE-2018-0739 ELSA-2018-4228 |
ELSA-2018-4228 — Oracle openssl |
| oval:org.secpod.oval:def:1700079 | ALAS-2018-1080 CVE-2018-10915 |
ALAS2-2018-1080 — postgresql |
| oval:org.secpod.oval:def:1700080 | ALAS-2018-1075 CVE-2018-15473 |
ALAS2-2018-1075 — openssh pam_ssh_agent_auth |
| oval:org.secpod.oval:def:1700081 | ALAS-2018-1082 CVE-2018-5740 |
ALAS2-2018-1082 — bind |
| oval:org.secpod.oval:def:1801158 | 9383 CVE-2018-10194 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 |
[3.8] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911) |
| oval:org.secpod.oval:def:1801159 | 9396 CVE-2018-14618 |
[3.6] curl: NTLM password overflow via integer overflow (CVE-2018-14618) |
| oval:org.secpod.oval:def:1801160 | 9320 CVE-2018-15473 |
[3.6] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) |
| oval:org.secpod.oval:def:1801161 | 9394 CVE-2018-14618 |
[3.8] curl: NTLM password overflow via integer overflow (CVE-2018-14618) |
| oval:org.secpod.oval:def:1801162 | 9385 CVE-2018-10194 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 |
[3.6] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911) |
| oval:org.secpod.oval:def:1801163 | 9182 CVE-2018-14767 |
[3.8] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767) |
| oval:org.secpod.oval:def:1801165 | 9319 CVE-2018-15473 |
[3.7] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) |
| oval:org.secpod.oval:def:1801166 | 9379 CVE-2017-15107 |
[3.6] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107) |
| oval:org.secpod.oval:def:1801168 | 9386 CVE-2018-10194 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 |
[3.5] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911) |
| oval:org.secpod.oval:def:1801169 | 9321 CVE-2018-15473 |
[3.5] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) |
| oval:org.secpod.oval:def:1801170 | 9184 CVE-2018-14767 |
[3.6] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767) |
| oval:org.secpod.oval:def:1801171 | 9380 CVE-2017-15107 |
[3.5] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107) |
| oval:org.secpod.oval:def:1801172 | 9378 CVE-2017-15107 |
[3.7] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107) |
| oval:org.secpod.oval:def:1801173 | 9384 CVE-2018-10194 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 |
[3.7] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911) |
| oval:org.secpod.oval:def:1801174 | 9395 CVE-2018-14618 |
[3.7] curl: NTLM password overflow via integer overflow (CVE-2018-14618) |
| oval:org.secpod.oval:def:1801175 | 9397 CVE-2018-14618 |
[3.5] curl: NTLM password overflow via integer overflow (CVE-2018-14618) |
| oval:org.secpod.oval:def:1801176 | 9318 CVE-2018-15473 |
[3.8] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) |
| oval:org.secpod.oval:def:47604 | CVE-2018-10811 CVE-2018-16151 CVE-2018-16152 CVE-2018-5388 USN-3771-1 |
USN-3771-1 — strongswan vulnerabilities |
| oval:org.secpod.oval:def:47608 | CVE-2013-1172 | Input validation vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-1172 |
| oval:org.secpod.oval:def:47610 | CVE-2013-1173 | Input validation vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-1173 |
| oval:org.secpod.oval:def:47611 | CVE-2013-5559 | Buffer overflow vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-5559 |
| oval:org.secpod.oval:def:47612 | CVE-2014-8021 | Cross-site scripting (XSS) vulnerability in Cisco AnyConnect secure mobility client – CVE-2014-8021 |
| oval:org.secpod.oval:def:47613 | CVE-2015-0662 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0662 |
| oval:org.secpod.oval:def:47614 | CVE-2015-0663 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0663 |
| oval:org.secpod.oval:def:47615 | CVE-2015-0664 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0664 |
| oval:org.secpod.oval:def:47616 | CVE-2015-0665 | Path traversal vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0665 |
| oval:org.secpod.oval:def:47617 | CVE-2015-6305 | Untrusted search path vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-6305 |
| oval:org.secpod.oval:def:47618 | CVE-2016-6369 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2016-6369 |
| oval:org.secpod.oval:def:47619 | CVE-2016-9192 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2016-9192 |
| oval:org.secpod.oval:def:47620 | CVE-2017-6638 | Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2017-6638 |
| oval:org.secpod.oval:def:47621 | CVE-2018-0229 | Session Fixation vulnerability in Cisco AnyConnect secure mobility client – CVE-2018-0229 |
| oval:org.secpod.oval:def:47625 | APPLE-SA-2018-9-24-2 CVE-2018-4191 CVE-2018-4197 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4311 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4345 CVE-2018-4358 CVE-2018-4359 CVE-2018-4361 |
Multiple vulnerabilities in Apple iTunes – APPLE-SA-2018-9-24-2 |
| oval:org.secpod.oval:def:47626 | CVE-2018-4191 | Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4191 |
| oval:org.secpod.oval:def:47627 | CVE-2018-4311 | Cross-site scripting vulnerability in Apple iTunes – CVE-2018-4311 |
| oval:org.secpod.oval:def:47628 | CVE-2018-4316 | Arbitrary code execution vulnerability in Apple iTunes – CVE-2018-4316 |
| oval:org.secpod.oval:def:47629 | CVE-2018-4319 | Cross-site scripting vulnerability in Apple iTunes – CVE-2018-4319 |
| oval:org.secpod.oval:def:47630 | CVE-2018-4309 | Cross-site scripting vulnerability in Apple iTunes due to improper validation – CVE-2018-4309 |
| oval:org.secpod.oval:def:47631 | CVE-2018-4345 | Cross-site scripting vulnerability in Apple iTunes due to improper validation – CVE-2018-4345 |
| oval:org.secpod.oval:def:47632 | CVE-2018-4361 | Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4361 |
| oval:org.secpod.oval:def:47633 | CVE-2018-4299 | Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4299 |
| oval:org.secpod.oval:def:47634 | CVE-2018-4323 | Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4323 |
| oval:org.secpod.oval:def:47635 | CVE-2018-4328 | Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4328 |
| oval:org.secpod.oval:def:47636 | CVE-2018-4358 | Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4358 |
| oval:org.secpod.oval:def:47637 | CVE-2018-4359 | Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4359 |
| oval:org.secpod.oval:def:47638 | CVE-2018-4197 | Use after free vulnerability in Apple iTunes – CVE-2018-4197 |
| oval:org.secpod.oval:def:47639 | CVE-2018-4306 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4306 |
| oval:org.secpod.oval:def:47640 | CVE-2018-4312 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4312 |
| oval:org.secpod.oval:def:47641 | CVE-2018-4314 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4314 |
| oval:org.secpod.oval:def:47642 | CVE-2018-4315 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4315 |
| oval:org.secpod.oval:def:47643 | CVE-2018-4317 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4317 |
| oval:org.secpod.oval:def:47644 | CVE-2018-4318 | Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4318 |