The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update.
| oval:org.secpod.oval:def:1800000 | 7428 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 |
[3.5] graphite2: Multiple vulnerabilities (CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778) |
| oval:org.secpod.oval:def:1800009 | 5745 | [3.5] drupal7: Multiple Vulnerabilities (no CVE) |
| oval:org.secpod.oval:def:1800011 | 7714 CVE-2017-12982 |
[3.5] openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) (CVE-2017-12982) |
| oval:org.secpod.oval:def:1800013 | 8528 CVE-2018-6003 |
[3.6] libtasn1: Stack exhaustion due to indefinite recursion during BER decoding (CVE-2018-6003) |
| oval:org.secpod.oval:def:1800016 | 5746 | [3.4] drupal7: Multiple Vulnerabilities (no CVE) |
| oval:org.secpod.oval:def:1800017 | 6343 CVE-2016-7568 |
[3.4] gd: Integer overflow in function gdImageWebpCtx of gd_webp.c (CVE-2016-7568) |
| oval:org.secpod.oval:def:1800019 | 7058 CVE-2017-5029 |
[3.4] libxslt: integer overflow in xsltAddTextString (CVE-2017-5029) |
| oval:org.secpod.oval:def:1800021 | 7822 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 |
[3.4] xen: Multiple vulnerabilities (CVE-2017-14316, CVE-2017-14317, CVE-2017-14318, CVE-2017-14319) |
| oval:org.secpod.oval:def:1800023 | 7565 CVE-2017-10684 CVE-2017-10685 |
[3.5] ncurses: buffer overflow in the fmt_entry function(CVE-2017-10684, CVE-2017-10685) |
| oval:org.secpod.oval:def:1800025 | 5527 CVE-2016-2167 CVE-2016-2168 |
[3.4] subversion: Security issues (CVE-2016-2167, CVE-2016-2168) |
| oval:org.secpod.oval:def:1800026 | 6365 CVE-2016-8605 CVE-2016-8606 |
[3.4] guile: multiple issues (CVE-2016-8605, CVE-2016-8606) |
| oval:org.secpod.oval:def:1800028 | 6340 CVE-2016-7099 |
[3.4] nodejs-lts: Wildcard certificates not properly validated (CVE-2016-7099) |
| oval:org.secpod.oval:def:1800030 | 7382 CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 |
[3.6] postgresql: Multiple vulnerabilities (CVE-2017-7484, CVE-2017-7485, CVE-2017-7486) |
| oval:org.secpod.oval:def:1800036 | 6554 CVE-2016-9888 |
[3.5] libgsf: Null pointer dereference in tar_directory_for_file() (CVE-2016-9888) |
| oval:org.secpod.oval:def:1800038 | 6836 CVE-2017-5930 |
[3.4] postfixadmin: allows to delete protected aliases (CVE-2017-5930) |
| oval:org.secpod.oval:def:1800042 | 7627 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 |
[3.6] lame: Multiple vulnerabilities (CVE-2015-9099, CVE-2015-9100, CVE-2017-9410, CVE-2017-9411, CVE-2017-9412, CVE-2017-11720) |
| oval:org.secpod.oval:def:1800045 | 5166 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 |
[3.4] nettle: Miscomputations of elliptic curve scalar multiplications (CVE-2015-8803, CVE-2015-8804, CVE-2015-8805) |
| oval:org.secpod.oval:def:1800047 | 6719 CVE-2016-6664 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318 |
[3.4] mariadb: Multiple vulnerabilities (CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3312, CVE-2017-3317, CVE-2017-3318) |
| oval:org.secpod.oval:def:1800049 | 6752 CVE-2016-10164 |
[3.4] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164) |
| oval:org.secpod.oval:def:1800051 | 7670 CVE-2017-9800 |
[3.4] subversion: Arbitrary code execution on clients through malicious svn+ssh URLs (CVE-2017-9800) |
| oval:org.secpod.oval:def:1800052 | 7461 CVE-2017-1000369 |
[3.6] exim: Privilege escalation via multiple memory leaks (CVE-2017-1000369) |
| oval:org.secpod.oval:def:1800054 | 6434 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 |
[3.4] curl: Multiple issues (CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621 CVE-2016-8622, CVE-2016-8623, CVE-2016-8624) |
| oval:org.secpod.oval:def:1800056 | 7141 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 |
[3.6] bind: Multiple vulnerabilities (CVE-2017-3136, CVE-2017-3137, CVE-2017-3138) |
| oval:org.secpod.oval:def:1800058 | 7238 CVE-2017-5846 CVE-2017-5847 |
[3.6] gst-plugins-ugly1: Multiple issues (CVE-2017-5846, CVE-2017-5847) |
| oval:org.secpod.oval:def:1800060 | 7403 CVE-2017-9334 |
[3.6] chicken: Unsafe pointer dereference due to incorrect pair? check in Scheme & |
| oval:org.secpod.oval:def:1800062 | 7290 CVE-2017-8903 CVE-2017-8904 CVE-2017-8905 |
[3.4] xen: Multiple issues (CVE-2017-8903, CVE-2017-8904, CVE-2017-8905) |
| oval:org.secpod.oval:def:1800063 | 6271 CVE-2016-7953 |
[3.5] libxvmc: Insufficient validation of server responses results in buffer underflow (CVE-2016-7953) |
| oval:org.secpod.oval:def:1800065 | 5912 CVE-2016-6186 |
[3.5] py-django: XSS in admin& |
| oval:org.secpod.oval:def:1800067 | 7057 CVE-2017-5029 |
[3.5] libxslt: integer overflow in xsltAddTextString (CVE-2017-5029) |
| oval:org.secpod.oval:def:1800070 | 8225 CVE-2017-16611 |
[3.5] libxfont: Open files with O_NOFOLLOW (CVE-2017-16611) |
| oval:org.secpod.oval:def:1800074 | 5918 CVE-2016-4979 |
[3.5] apache2: X509 Client certificate based authentication can be bypassed when HTTP/2 is used (CVE-2016-4979) |
| oval:org.secpod.oval:def:1800076 | 5440 CVE-2015-8241 CVE-2015-8317 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4483 |
[3.4] libxml2: out-of-bounds read in htmlParseNameComplex() (CVE-2016-2073) |
| oval:org.secpod.oval:def:1800078 | 6446 CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 |
[3.4] memcached: Multiple issues (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706) |
| oval:org.secpod.oval:def:1800082 | 5811 CVE-2016-5360 |
[3.5] haproxy: denial of service via reqdeny (CVE-2016-5360) |
| oval:org.secpod.oval:def:1800084 | 6917 CVE-2017-2615 CVE-2017-2620 |
[3.4] xen: Multiple issues (XSA-207, CVE-2017-2615, CVE-2017-2620) |
| oval:org.secpod.oval:def:1800085 | 6145 CVE-2016-6293 |
[3.5] icu: Out-of-bounds access in uloc_acceptLanguageFromHTTP (CVE-2016-6293) |
| oval:org.secpod.oval:def:1800087 | 7898 CVE-2016-1238 CVE-2017-12837 CVE-2017-12883 |
[3.6] perl: Multiple vulnerabilities (CVE-2017-12837, CVE-2017-12883) |
| oval:org.secpod.oval:def:1800089 | 7422 CVE-2016-9642 CVE-2016-9643 CVE-2017-2364 CVE-2017-2367 CVE-2017-2376 CVE-2017-2377 CVE-2017-2386 CVE-2017-2392 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2405 CVE-2017-2415 CVE-2017-2419 CVE-2017-2433 CVE-2017-2442 CVE-2017-2445 CVE-2017-2446 CVE-2017-2447 CVE-2017-2454 CVE-2017-2455 CVE-2017-2457 CVE-2017-2459 CVE-2017-2460 CVE-2017-2464 CVE-2017-2465 CVE-2017-2466 CVE-2017-2468 CVE-2017-2469 CVE-2017-2470 CVE-2017-2471 CVE-2017-2475 CVE-2017-2476 CVE-2017-2481 CVE-2017-2496 CVE-2017-2504 CVE-2017-2505 CVE-2017-2506 CVE-2017-2508 CVE-2017-2510 CVE-2017-2514 CVE-2017-2515 CVE-2017-2521 CVE-2017-2525 CVE-2017-2526 CVE-2017-2528 CVE-2017-2530 CVE-2017-2531 CVE-2017-2536 CVE-2017-2539 CVE-2017-2544 CVE-2017-2547 CVE-2017-2549 CVE-2017-6980 CVE-2017-6984 |
[3.6] webkit2gtk: Several vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800091 | 6762 CVE-2016-10099 CVE-2016-10100 |
[3.5] borgbackup: multiple vulnerabilities (CVE-2016-10099, CVE-2016-10100) |
| oval:org.secpod.oval:def:1800093 | 6177 CVE-2016-2179 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6303 |
[3.4] openssl: Multiple issues (CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE-2016-6303) |
| oval:org.secpod.oval:def:1800095 | 7503 CVE-2017-10911 CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915 CVE-2017-10916 CVE-2017-10917 CVE-2017-10918 CVE-2017-10919 CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 CVE-2017-10923 |
[3.6] xen: Multiple vulnerabilities (CVE-2017-10911, CVE-2017-10912, CVE-2017-10913, CVE-2017-10914, CVE-2017-10915, CVE-2017-10916, CVE-2017-10917, CVE-2017-10918, CVE-2017-10919, CVE-2017-10920, CVE-2017-10921, CVE-2017-10922, CVE-2017-10923) |
| oval:org.secpod.oval:def:1800096 | 5945 CVE-2016-2119 |
[3.4] samba: Client side SMB2/3 required signing can be downgraded (CVE-2016-2119) |
| oval:org.secpod.oval:def:1800098 | 7994 CVE-2017-11714 CVE-2017-9611 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 |
[3.5] ghostscript: Multiple vulnerabilities (CVE-2017-9611, CVE-2017-9612, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739, CVE-2017-9835, CVE-2017-11714) |
| oval:org.secpod.oval:def:1800102 | 7706 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 |
[3.5] mariadb: Multiple vulnerabilities (CVE-2017-3308, CVE-2017-3309, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653) |
| oval:org.secpod.oval:def:1800103 | 7677 CVE-2017-2885 |
[3.6] libsoup: Stack based buffer overflow with HTTP Chunked Encoding (CVE-2017-2885) |
| oval:org.secpod.oval:def:1800105 | 7752 CVE-2017-12791 |
[3.6] salt: Directory traversal vulnerability on salt-master via crafted minion IDs (CVE-2017-12791) |
| oval:org.secpod.oval:def:1800107 | 6750 CVE-2016-10164 |
[3.6] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164) |
| oval:org.secpod.oval:def:1800108 | 7425 CVE-2017-5470 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7764 CVE-2017-7778 |
[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764, CVE-2017-7778) |
| oval:org.secpod.oval:def:1800110 | 6900 CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 |
[3.5] libplist: Multiple issues (CVE-2017-5209, CVE-2017-5545, CVE-2017-5834, CVE-2017-5835, CVE-2017-5836) |
| oval:org.secpod.oval:def:1800112 | 5040 CVE-2015-2535 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-7540 CVE-2015-8467 |
[3.4] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467) |
| oval:org.secpod.oval:def:1800114 | 8293 CVE-2017-17439 |
[3.6] heimdal: NULL pointer dereference via crafted UDP packets (CVE-2017-17439) |
| oval:org.secpod.oval:def:1800116 | 7164 CVE-2017-7697 |
[3.4] libsamplerate: Buffer overflow in calc_output_single (CVE-2017-7697) |
| oval:org.secpod.oval:def:1800118 | 7095 CVE-2017-7233 CVE-2017-7234 |
[3.6] py-django: security issues (CVE-2017-7233, CVE-2017-7234) |
| oval:org.secpod.oval:def:1800119 | 6481 CVE-2016-7957 CVE-2016-7958 CVE-2016-9372 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 |
[3.4] wireshark: Multiple issues (CVE-2016-9374, CVE-2016-9376, CVE-2016-9373, CVE-2016-9375) |
| oval:org.secpod.oval:def:1800121 | 8354 CVE-2017-16671 CVE-2017-16672 CVE-2017-17090 CVE-2017-17664 CVE-2017-17850 |
[3.6] asterisk: Multiple vulnerabilities (CVE-2017-16671, CVE-2017-16672, CVE-2017-17090, CVE-2017-17664, CVE-2017-17850) |
| oval:org.secpod.oval:def:1800122 | 6665 CVE-2014-8127 CVE-2015-7554 CVE-2015-8665 CVE-2015-8668 CVE-2015-8781 CVE-2015-8784 CVE-2016-3186 CVE-2016-3621 CVE-2016-3622 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625 CVE-2016-3632 CVE-2016-3658 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317 CVE-2016-5318 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453 |
[3.4] tiff: Multiple vulnerabilities (CVE-2016-9273, CVE-2016-9297, CVE-2016-9448, CVE-2016-9453) |
| oval:org.secpod.oval:def:1800123 | 5686 CVE-2016-1667 CVE-2016-1668 CVE-2016-1669 CVE-2016-1670 CVE-2016-1671 CVE-2016-1672 CVE-2016-1673 CVE-2016-1674 CVE-2016-1675 CVE-2016-1676 CVE-2016-1677 CVE-2016-1678 CVE-2016-1679 CVE-2016-1680 CVE-2016-1681 CVE-2016-1682 CVE-2016-1683 CVE-2016-1684 CVE-2016-1685 CVE-2016-1686 CVE-2016-1687 CVE-2016-1688 CVE-2016-1689 CVE-2016-1690 CVE-2016-1691 CVE-2016-1692 CVE-2016-1693 CVE-2016-1694 CVE-2016-1695 |
[3.5] chromium: Multiple vulnerabilities (CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1694, CVE-2016-1695) |
| oval:org.secpod.oval:def:1800125 | 5850 CVE-2016-4324 |
[3.4] libreoffice: Dereference of invalid STL iterator on processing RTF file (CVE-2016-4324) |
| oval:org.secpod.oval:def:1800127 | 7566 CVE-2017-10684 CVE-2017-10685 |
[3.4] ncurses: buffer overflow in the fmt_entry function(CVE-2017-10684, CVE-2017-10685) |
| oval:org.secpod.oval:def:1800128 | 7604 CVE-2017-10790 |
[3.4] libtasn1: NULL pointer dereference in the _asn1_check_identifier function (CVE-2017-10790) |
| oval:org.secpod.oval:def:1800129 | 7809 CVE-2017-1000249 |
[3.6] file: stack based buffer overflow (CVE-2017-1000249) |
| oval:org.secpod.oval:def:1800131 | 6638 CVE-2016-9941 CVE-2016-9942 |
[3.5] libvncserver: heap buffer overflows (CVE-2016-9941, CVE-2016-9942) |
| oval:org.secpod.oval:def:1800133 | 7804 CVE-2017-14166 |
[3.6] libarchive: heap-based buffer overflow in xml_data (CVE-2017-14166) |
| oval:org.secpod.oval:def:1800134 | 7720 CVE-2017-7555 |
[3.6] augeas: Improper handling of escaped strings leading to memory corruption (CVE-2017-7555) |
| oval:org.secpod.oval:def:1800137 | 5014 CVE-2016-0777 CVE-2016-0778 |
[3.4] OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778 |
| oval:org.secpod.oval:def:1800138 | 7379 CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354 |
[3.4] wireshark: Multiple vulnerabilities (CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9354) |
| oval:org.secpod.oval:def:1800139 | 7174 CVE-2016-5419 CVE-2017-7407 CVE-2017-7468 |
[3.5] curl: TLS session resumption client cert bypass (CVE-2017-7468) |
| oval:org.secpod.oval:def:1800140 | 6051 CVE-2016-6505 CVE-2016-6506 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 |
[3.4] wireshark: multiple issues (CVE-2016-6505, CVE-2016-6506, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511) |
| oval:org.secpod.oval:def:1800141 | 7413 CVE-2017-7478 CVE-2017-7479 |
[3.5] openvpn: Multiple vulnerabilities (CVE-2017-7478, CVE-2017-7479) |
| oval:org.secpod.oval:def:1800143 | 7505 CVE-2017-10911 CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915 CVE-2017-10916 CVE-2017-10917 CVE-2017-10918 CVE-2017-10919 CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 CVE-2017-10923 |
[3.4] xen: Multiple vulnerabilities (CVE-2017-10911, CVE-2017-10912, CVE-2017-10913, CVE-2017-10914, CVE-2017-10915, CVE-2017-10916, CVE-2017-10917, CVE-2017-10918, CVE-2017-10920, CVE-2017-10921, CVE-2017-10922) |
| oval:org.secpod.oval:def:1800144 | 7878 CVE-2017-12904 CVE-2017-14500 |
[3.5] newsbeuter: remote code execution (CVE-2017-14500) |
| oval:org.secpod.oval:def:1800146 | 6834 CVE-2017-5930 |
[3.6] postfixadmin: allows to delete protected aliases (CVE-2017-5930) |
| oval:org.secpod.oval:def:1800148 | 8230 CVE-2017-16612 |
[3.4] libxcursor: heap overflows when parsing malicious files (CVE-2017-16612) |
| oval:org.secpod.oval:def:1800150 | 6146 CVE-2016-6293 |
[3.4] icu: Out-of-bounds access in uloc_acceptLanguageFromHTTP (CVE-2016-6293) |
| oval:org.secpod.oval:def:1800151 | 7707 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 |
[3.4] mariadb: Multiple vulnerabilities (CVE-2017-3308, CVE-2017-3309, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653) |
| oval:org.secpod.oval:def:1800152 | 6492 CVE-2016-9449 CVE-2016-9450 CVE-2016-9451 CVE-2016-9452 |
[3.5] drupal7: Multiple vulnerabilities (CVE-2016-9449, CVE-2016-9450, CVE-2016-9451, CVE-2016-9452) |
| oval:org.secpod.oval:def:1800153 | 5959 CVE-2016-5399 |
[3.4] php5: out-of-bounds write in bzread() (CVE-2016-5399) |
| oval:org.secpod.oval:def:1800155 | 7792 CVE-2017-14098 CVE-2017-14099 CVE-2017-14100 |
[3.6] asterisk: Multiple vulnerabilities (CVE-2017-14098, CVE-2017-14099, CVE-2017-14100) |
| oval:org.secpod.oval:def:1800156 | 6813 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 |
[3.4] tcpdump: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800158 | 6899 CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 |
[3.6] libplist: Multiple issues (CVE-2017-5209, CVE-2017-5545, CVE-2017-5834, CVE-2017-5835, CVE-2017-5836) |
| oval:org.secpod.oval:def:1800159 | 5988 CVE-2016-6254 |
[3.5] collectd: heap overflow in the network plugin (CVE-2016-6254) |
| oval:org.secpod.oval:def:1800161 | 8442 CVE-2018-1000005 CVE-2018-1000007 |
[3.4] curl: Multiple vulnerabilities (CVE-2018-1000005, CVE-2018-1000007) |
| oval:org.secpod.oval:def:1800162 | 8319 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 |
[3.6] rsync: Several vulnerabilities (CVE-2017-16548, CVE-2017-17433, CVE-2017-17434) |
| oval:org.secpod.oval:def:1800164 | 7929 CVE-2017-14727 |
[3.6] weechat: crash in logger plugin when converting date/time specifiers in file mask (CVE-2017-14727) |
| oval:org.secpod.oval:def:1800166 | 8541 CVE-2017-1000158 |
[3.6] python: PyString_DecodeEscape integer overflow (CVE-2017-1000158) |
| oval:org.secpod.oval:def:1800168 | 7820 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 |
[3.6] xen: Multiple vulnerabilities (CVE-2017-14316, CVE-2017-14317, CVE-2017-14318, CVE-2017-14319) |
| oval:org.secpod.oval:def:1800169 | 7298 CVE-2017-9078 CVE-2017-9079 |
[3.6] dropbear: Multiple vulnerabilities (CVE-2017-9078, CVE-2017-9079) |
| oval:org.secpod.oval:def:1800171 | 7476 CVE-2017-7526 |
[3.6] Libgcrypt 1.7.8 released to fix CVE-2017-7526 |
| oval:org.secpod.oval:def:1800173 | 7643 CVE-2016-8705 CVE-2017-9951 |
[3.4] memcached: Heap-based buffer over-read in try_read_command function (CVE-2017-9951) |
| oval:org.secpod.oval:def:1800174 | 6283 CVE-2016-7951 CVE-2016-7952 |
[3.5] libxtst: Out of boundary access and endless loop (CVE-2016-7951, CVE-2016-7952) |
| oval:org.secpod.oval:def:1800176 | 6786 CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017 CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021 CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025 CVE-2017-5026 |
[3.6] chromium: Multiple vulnerabilities (CVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5019, CVE-2017-5020, CVE-2017-5021, CVE-2017-5022, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026) |
| oval:org.secpod.oval:def:1800177 | 6056 CVE-2016-6512 CVE-2016-6513 |
[3.5] wireshark: Security issues (CVE-2016-6512, CVE-2016-6513) |
| oval:org.secpod.oval:def:1800178 | 8039 CVE-2017-1000257 |
[3.6] curl: IMAP FETCH response out of bounds read (CVE-2017-1000257) |
| oval:org.secpod.oval:def:1800179 | 7728 CVE-2017-12904 |
[3.5] newsbeuter: Remote code execution (CVE-2017-12904) |
| oval:org.secpod.oval:def:1800180 | 7669 CVE-2017-9800 |
[3.5] subversion: Arbitrary code execution on clients through malicious svn+ssh URLs (CVE-2017-9800) |
| oval:org.secpod.oval:def:1800181 | 6740 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 |
[3.5] libgit2: Multiple vulnerabilities (CVE-2016-10128, CVE-2016-10129, CVE-2016-10130) |
| oval:org.secpod.oval:def:1800183 | 7362 CVE-2017-9287 |
[3.6] openldap: Double free vulnerability in servers/slapd/back-mdb/search.c (CVE-2017-9287) |
| oval:org.secpod.oval:def:1800184 | 8146 CVE-2017-16231 CVE-2017-16232 |
[3.6] tiff: memory-based DoS in tiff2bw (CVE-2017-16232) |
| oval:org.secpod.oval:def:1800185 | 5895 CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368 CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372 CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376 CVE-2016-2377 CVE-2016-2378 CVE-2016-2379 CVE-2016-2380 CVE-2016-4323 |
[3.4] pidgin: Multiple vulnerabilities (CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE…, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2380, CVE-2016-4323) |
| oval:org.secpod.oval:def:1800187 | 6871 CVE-2016-10190 CVE-2016-10191 CVE-2016-10192 CVE-2016-5199 CVE-2016-6164 CVE-2016-6881 CVE-2016-7122 CVE-2016-7450 CVE-2016-7502 CVE-2016-7555 CVE-2016-7562 CVE-2016-7785 CVE-2016-7905 CVE-2017-5024 CVE-2017-5025 |
[3.4] ffmpeg: heap overflows (CVE-2017-5024, CVE-2017-5025 ++) |
| oval:org.secpod.oval:def:1800189 | 7535 CVE-2017-11103 |
[3.4] samba: Orpheus& |
| oval:org.secpod.oval:def:1800190 | 5775 CVE-2014-3672 CVE-2016-3710 CVE-2016-3712 CVE-2016-4480 CVE-2016-4962 CVE-2016-4963 |
[3.4] xen: Multiple issues (CVE-2014-3672, CVE-2016-3710 CVE-2016-3712, CVE-2016-4963, CVE-2016-4480, CVE-2016-4962) |
| oval:org.secpod.oval:def:1800191 | 6864 CVE-2017-5953 |
[3.4] vim: Tree length values not validated properly when handling a spell file (CVE-2017-5953) |
| oval:org.secpod.oval:def:1800193 | 7844 CVE-2017-1000250 |
[3.6] bluez: Out-of-bounds heap read in service_search_attr_req function (CVE-2017-1000250) |
| oval:org.secpod.oval:def:1800195 | 7969 CVE-2017-11112 CVE-2017-11113 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-13734 |
[3.4] ncurses: Multiple vulnerabilities (CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734) |
| oval:org.secpod.oval:def:1800196 | 7713 CVE-2017-12982 |
[3.6] openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) (CVE-2017-12982) |
| oval:org.secpod.oval:def:1800197 | 6409 CVE-2016-7543 |
[3.5] bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution (CVE-2016-7543) |
| oval:org.secpod.oval:def:1800199 | 7088 CVE-2017-6508 |
[3.5] wget: CRLF injection in the url_parse function in url.c (CVE-2017-6508) |
| oval:org.secpod.oval:def:1800203 | 8502 CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208 CVE-2018-7050 CVE-2018-7051 CVE-2018-7052 CVE-2018-7053 CVE-2018-7054 |
[3.6] irssi: Multiple vulnerabilities (CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054) |
| oval:org.secpod.oval:def:1800205 | 7839 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 |
[3.6] tcpdump: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800206 | 5824 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 |
[3.4] tiff: Several vulnerabilities (CVE-2015-8665, CVE-2015-8683, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784) |
| oval:org.secpod.oval:def:1800207 | 5835 CVE-2016-5701 CVE-2016-5702 CVE-2016-5703 CVE-2016-5704 CVE-2016-5705 CVE-2016-5706 CVE-2016-5730 CVE-2016-5731 CVE-2016-5732 CVE-2016-5733 CVE-2016-5734 CVE-2016-5739 |
[3.4] phpmyadmin: Multiple issues (CVE-2016-5701, CVE-2016-5703, CVE-2016-5705, CVE-2016-5706, CVE-2016-5730, CVE-2016-5731, CVE-2016-5733, CVE-2016-5734, CVE-2016-5739) |
| oval:org.secpod.oval:def:1800208 | 8214 CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 |
[3.5] curl: Multiple vulnerabilities (CVE-2017-8816, CVE-2017-8817, CVE-2017-8818) |
| oval:org.secpod.oval:def:1800209 | 6158 CVE-2016-3120 |
[3.4] krb5: S4U2Self KDC crash when anon is restricted (CVE-2016-3120) |
| oval:org.secpod.oval:def:1800211 | 7742 CVE-2017-6886 CVE-2017-6887 |
[3.5] libraw: Multiple vulnerabilities (CVE-2017-6886, CVE-2017-6887) |
| oval:org.secpod.oval:def:1800213 | 7663 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 |
[3.4] postgresql: Multiple vulnerabilities (CVE-2017-7546, CVE-2017-7547, CVE-2017-7548) |
| oval:org.secpod.oval:def:1800214 | 6241 CVE-2016-7052 |
[3.4] openssl: Missing CRL sanity check (CVE-2016-7052) |
| oval:org.secpod.oval:def:1800215 | 6493 CVE-2016-9449 CVE-2016-9450 CVE-2016-9451 CVE-2016-9452 |
[3.4] drupal7: Multiple vulnerabilities (CVE-2016-9449, CVE-2016-9450, CVE-2016-9451, CVE-2016-9452) |
| oval:org.secpod.oval:def:1800216 | 6746 CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5386 CVE-2017-5390 CVE-2017-5396 |
[3.6] firefox-esr: Security vulnerabilities (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396) |
| oval:org.secpod.oval:def:1800217 | 5561 CVE-2016-1541 |
[3.4] libarchive: heap-based buffer overflow due to improper input validation (CVE-2016-1541) |
| oval:org.secpod.oval:def:1800218 | 7758 CVE-2017-11423 CVE-2017-6419 |
[3.5] libmspack: Multiple vulnerabilities (CVE-2017-6419, CVE-2017-11423) |
| oval:org.secpod.oval:def:1800220 | 7035 CVE-2017-5884 CVE-2017-5885 |
[3.5] gtk-vnc: two input validation flaws (CVE-2017-5884, CVE-2017-5885) |
| oval:org.secpod.oval:def:1800222 | 5812 CVE-2016-5360 |
[3.4] haproxy: denial of service via reqdeny (CVE-2016-5360) |
| oval:org.secpod.oval:def:1800224 | 7205 CVE-2016-10198 CVE-2016-10199 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 |
[3.5] gst-plugins-good1: Multiple vulnerabilities (CVE-2016-10198, CVE-2016-10199, CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808, CVE-2017-5840, CVE-2017-5841, CVE-2017-5845) |
| oval:org.secpod.oval:def:1800226 | 6777 CVE-2016-10165 |
[3.6] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165) |
| oval:org.secpod.oval:def:1800228 | 6024 CVE-2016-5384 |
[3.4] fontconfig: Possible double free due to insufficiently validated cache files (CVE-2016-5384) |
| oval:org.secpod.oval:def:1800230 | 7938 CVE-2017-14160 |
[3.6] libvorbis: out-of-bounds access and application crash (CVE-2017-14160) |
| oval:org.secpod.oval:def:1800232 | 7715 CVE-2017-12982 |
[3.4] openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) (CVE-2017-12982) |
| oval:org.secpod.oval:def:1800234 | 7649 CVE-2017-12562 |
[3.4] libsndfile: Heap-based Buffer Overflow (CVE-2017-12562) |
| oval:org.secpod.oval:def:1800236 | 8521 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 |
[3.6] xen: Multiple vulnerabilities (CVE-2017-17563, CVE-2017-17564, CVE-2017-17565, CVE-2017-17566, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) |
| oval:org.secpod.oval:def:1800237 | 6440 CVE-2016-5584 CVE-2016-7440 |
[3.5] mariadb: Multiple security vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800239 | 5799 CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 |
[3.5] python: security vulnerabilities (CVE-2016-0772 , CVE-2016-5636 , CVE-2016-5699) |
| oval:org.secpod.oval:def:1800241 | 6783 CVE-2016-9587 |
[3.5] ansible: host to controller command execution vulnerability (CVE-2016-9587) |
| oval:org.secpod.oval:def:1800243 | 6739 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 |
[3.6] libgit2: Multiple vulnerabilities (CVE-2016-10128, CVE-2016-10129, CVE-2016-10130) |
| oval:org.secpod.oval:def:1800244 | 7668 CVE-2017-9800 |
[3.6] subversion: Arbitrary code execution on clients through malicious svn+ssh URLs (CVE-2017-9800) |
| oval:org.secpod.oval:def:1800245 | 7944 CVE-2017-11403 CVE-2017-13065 CVE-2017-13648 CVE-2017-14042 CVE-2017-14103 CVE-2017-14165 CVE-2017-14314 CVE-2017-14504 CVE-2017-14649 CVE-2017-14733 |
[3.6] graphicsmagick: Multiple vulnerabilities (CVE-2017-13065, CVE-2017-13648, CVE-2017-14042, CVE-2017-14103, CVE-2017-14165, CVE-2017-14649) |
| oval:org.secpod.oval:def:1800248 | 7989 CVE-2017-0380 |
[3.6] tor: Stack disclosure in hidden services logs when SafeLogging disabled (CVE-2017-0380) |
| oval:org.secpod.oval:def:1800249 | 5095 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901 |
[3.4] cgit: Multiple vulnerabilities(CVE-2016-1899, CVE-2016-1900, CVE-2016-1901) |
| oval:org.secpod.oval:def:1800251 | 8221 CVE-2017-17044 CVE-2017-17045 |
[3.5] xen: Multiple vulnerabilities (CVE-2017-17044, CVE-2017-17045) |
| oval:org.secpod.oval:def:1800252 | 7320 CVE-2017-7494 |
[3.6] samba: Remote code execution from a writable share (CVE-2017-7494) |
| oval:org.secpod.oval:def:1800254 | 7904 CVE-2017-11185 |
[3.5] strongswan: Insufficient Input Validation in gmp Plugin (CVE-2017-11185) |
| oval:org.secpod.oval:def:1800256 | 7962 CVE-2017-1000254 |
[3.6] curl: FTP PWD response parser out of bounds read (CVE-2017-1000254) |
| oval:org.secpod.oval:def:1800257 | 7305 CVE-2017-5461 |
[3.5] nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (CVE-2017-5461) |
| oval:org.secpod.oval:def:1800259 | 8033 CVE-2017-15650 |
[3.4] CVE-2017-15650 musl |
| oval:org.secpod.oval:def:1800261 | 6514 CVE-2016-9243 |
[3.5] py-cryptography: HKDF might return an empty byte-string (CVE-2016-9243) |
| oval:org.secpod.oval:def:1800264 | 6045 CVE-2016-5423 CVE-2016-5424 |
[3.4] postgresql: Security Issues (CVE-2016-5423, CVE-2016-5424) |
| oval:org.secpod.oval:def:1800265 | 7239 CVE-2017-5846 CVE-2017-5847 |
[3.5] gst-plugins-ugly1: Multiple issues (CVE-2017-5846, CVE-2017-5847) |
| oval:org.secpod.oval:def:1800267 | 8031 CVE-2017-15650 |
[3.6] CVE-2017-15650 musl |
| oval:org.secpod.oval:def:1800268 | 5489 CVE-2016-3157 CVE-2016-3158 CVE-2016-3159 CVE-2016-3960 CVE-2016-3961 |
[3.4] xen: Security issues (CVE-2016-3157, CVE-2016-3158, CVE-2016-3159, CVE-2016-3960, CVE-2016-3961) |
| oval:org.secpod.oval:def:1800269 | 7200 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 |
[3.5] gd: Multiple vulnerabilities (CVE-2016-6906, CVE-2016-9317, CVE-2016-6912, CVE-2016-10166, CVE-2016-10167, CVE-2016-10168) |
| oval:org.secpod.oval:def:1800270 | 8522 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 |
[3.5] xen: Multiple vulnerabilities (CVE-2017-17563, CVE-2017-17564, CVE-2017-17565, CVE-2017-17566, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) |
| oval:org.secpod.oval:def:1800273 | 7561 CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11409 |
[3.4] wireshark: Multiple vulnerabilities (CVE-2017-11406, CVE-2017-11407, CVE-2017-11408, CVE-2017-11409) |
| oval:org.secpod.oval:def:1800275 | 7595 CVE-2017-11126 CVE-2017-9545 CVE-2017-9870 |
[3.6] mpg123: global buffer overflow in III_i_stereo (layer3.c) (CVE-2017-11126) |
| oval:org.secpod.oval:def:1800277 | 7641 CVE-2016-8705 CVE-2017-9951 |
[3.6] memcached: Heap-based buffer over-read in try_read_command function (CVE-2017-9951) |
| oval:org.secpod.oval:def:1800279 | 5840 CVE-2016-5701 CVE-2016-5702 CVE-2016-5703 CVE-2016-5704 CVE-2016-5705 CVE-2016-5706 CVE-2016-5732 |
[3.5] phpmyadmin: Multiple issues (CVE-2016-5702, CVE-2016-5704, CVE-2016-5732) |
| oval:org.secpod.oval:def:1800280 | 5925 CVE-2016-5387 CVE-2016-6210 |
[3.5] openssh: User enumeration via covert timing channel (CVE-2016-6210) |
| oval:org.secpod.oval:def:1800281 | 5874 CVE-2016-5008 |
[3.5] libvirt: Setting empty VNC password allows access to unauthorized users (CVE-2016-5008) |
| oval:org.secpod.oval:def:1800283 | 7656 CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 |
[3.4] curl: Multiple vulnerabilities (CVE-2017-1000100, CVE-2017-1000101) |
| oval:org.secpod.oval:def:1800284 | 7967 CVE-2017-11112 CVE-2017-11113 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-13734 |
[3.6] ncurses: Multiple vulnerabilities (CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734) |
| oval:org.secpod.oval:def:1800285 | 6170 CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 CVE-2016-6662 |
[3.4] mariadb: Multiple security vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800286 | 8153 CVE-2017-12172 CVE-2017-15098 CVE-2017-15099 |
[3.6] postgresql: Multiple vulnerabilities (CVE-2017-12172, CVE-2017-15098, CVE-2017-15099) |
| oval:org.secpod.oval:def:1800287 | 7097 CVE-2017-7233 CVE-2017-7234 |
[3.4] py-django: security issues (CVE-2017-7233, CVE-2017-7234) |
| oval:org.secpod.oval:def:1800288 | 7539 CVE-2017-11103 |
[3.6] heimdal: Orpheus& |
| oval:org.secpod.oval:def:1800289 | 8554 CVE-2018-1000024 CVE-2018-1000027 |
[3.4] squid: Multiple vulnerabilities (CVE-2018-1000024, CVE-2018-1000027) |
| oval:org.secpod.oval:def:1800291 | 7120 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 |
[3.4] tiff: Multiple vulnerabilities (CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017-7600, CVE-2017-7601, CVE-2017-7602) |
| oval:org.secpod.oval:def:1800292 | 8115 CVE-2017-3735 CVE-2017-3736 |
[3.5] openssl: Multiple vulnerabilities (CVE-2017-3735, CVE-2017-3736) |
| oval:org.secpod.oval:def:1800293 | 6717 CVE-2016-6664 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318 |
[3.6] mariadb: Multiple vulnerabilities (CVE-2016-6664, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3312, CVE-2017-3317, CVE-2017-3318) |
| oval:org.secpod.oval:def:1800294 | 8518 CVE-2017-14632 CVE-2017-14633 |
[3.4] libvorbis: Multiple vulnerabilities (CVE-2017-14632, CVE-2017-14633) |
| oval:org.secpod.oval:def:1800295 | 6421 CVE-2016-8864 |
[3.4] bind: A problem handling responses containing a DNAME answer can lead to an assertion failure (CVE-2016-8864) |
| oval:org.secpod.oval:def:1800296 | 7661 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 |
[3.6] postgresql: Multiple vulnerabilities (CVE-2017-7546, CVE-2017-7547, CVE-2017-7548) |
| oval:org.secpod.oval:def:1800297 | 7790 CVE-2017-13775 CVE-2017-13776 CVE-2017-13777 |
[3.6] graphicsmagick: Multiple vulnerabilities (CVE-2017-13775, CVE-2017-13776, CVE-2017-13777) |
| oval:org.secpod.oval:def:1800300 | 5935 CVE-2016-5387 |
[3.5] apache2: sets environmental variable based on user supplied Proxy request header (CVE-2016-5387) |
| oval:org.secpod.oval:def:1800301 | 7143 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 |
[3.4] bind: Multiple vulnerabilities (CVE-2017-3136, CVE-2017-3137, CVE-2017-3138) |
| oval:org.secpod.oval:def:1800302 | 7900 CVE-2016-1238 CVE-2017-12837 CVE-2017-12883 |
[3.4] perl: Multiple vulnerabilities (CVE-2016-1238, CVE-2017-12837, CVE-2017-12883) |
| oval:org.secpod.oval:def:1800303 | 7893 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 |
[3.5] samba: Multiple vulnerabilities (CVE-2017-12150, CVE-2017-12151, CVE-2017-12163) |
| oval:org.secpod.oval:def:1800304 | 7240 CVE-2017-5846 CVE-2017-5847 |
[3.4] gst-plugins-ugly1: Multiple issues (CVE-2017-5846, CVE-2017-5847) |
| oval:org.secpod.oval:def:1800305 | 6116 CVE-2016-2180 |
[3.4] openssl: OOB read in TS_OBJ_print_bio() (CVE-2016-2180) |
| oval:org.secpod.oval:def:1800306 | 6496 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 |
[3.4] xen: Multiple issues (CVE-2016-9386, CVE-2016-9382, CVE-2016-9385, CVE-2016-9383, CVE-2016-9377, CVE-2016-9378, CVE-2016-9381, CVE-2016-9379, CVE-2016-9380) |
| oval:org.secpod.oval:def:1800307 | 7183 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 |
[3.5] wireshark: Multiple issues (CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7704, CVE-2017-7705) |
| oval:org.secpod.oval:def:1800308 | 8275 CVE-2017-3737 CVE-2017-3738 |
[3.6] openssl: Multiple vulnerabilities (CVE-2017-3737, CVE-2017-3738) |
| oval:org.secpod.oval:def:1800309 | 6862 CVE-2017-5953 |
[3.6] vim: Tree length values not validated properly when handling a spell file (CVE-2017-5953) |
| oval:org.secpod.oval:def:1800310 | 7396 CVE-2017-9468 CVE-2017-9469 |
[3.5] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469) |
| oval:org.secpod.oval:def:1800311 | 8188 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544 |
[3.6] busybox: Multiple vulnerabilities (CVE-2017-15873, CVE-2017-16544) |
| oval:org.secpod.oval:def:1800313 | 8373 CVE-2017-1000501 |
[3.6] awstats: Path traversal flaws (CVE-2017-1000501) |
| oval:org.secpod.oval:def:1800315 | 8435 CVE-2017-17997 CVE-2018-5334 CVE-2018-5335 CVE-2018-5336 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-17997, CVE-2018-5334, CVE-2018-5335, CVE-2018-5336) |
| oval:org.secpod.oval:def:1800316 | 8441 CVE-2018-1000005 CVE-2018-1000007 |
[3.5] curl: Multiple vulnerabilities (CVE-2018-1000005, CVE-2018-1000007) |
| oval:org.secpod.oval:def:1800317 | 6289 CVE-2016-7949 CVE-2016-7950 |
[3.5] libxrender: insufficient validation of data from the X server can cause out of boundary memory writes (CVE-2016-7949, CVE-2016-7950) |
| oval:org.secpod.oval:def:1800319 | 6549 CVE-2016-7415 |
[3.4] icu: Stack based buffer overflow in locid.cpp (CVE-2016-7415) |
| oval:org.secpod.oval:def:1800320 | 7570 CVE-2017-9765 |
[3.6] gsoap: Stack-based buffer overflow when receiving XML message with size larger than 2GB (CVE-2017-9765) |
| oval:org.secpod.oval:def:1800322 | 7142 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 |
[3.5] bind: Multiple vulnerabilities (CVE-2017-3136, CVE-2017-3137, CVE-2017-3138) |
| oval:org.secpod.oval:def:1800323 | 7559 CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11409 |
[3.6] wireshark: Multiple vulnerabilities (CVE-2017-11406, CVE-2017-11407, CVE-2017-11408) |
| oval:org.secpod.oval:def:1800325 | 7552 CVE-2017-9831 CVE-2017-9832 |
[3.5] libmtp: various flaws (CVE-2017-9831, CVE-2017-9832) |
| oval:org.secpod.oval:def:1800327 | 7596 CVE-2017-11126 CVE-2017-9545 CVE-2017-9870 |
[3.5] mpg123: global buffer overflow in III_i_stereo (layer3.c) (CVE-2017-11126) |
| oval:org.secpod.oval:def:1800328 | 7288 CVE-2017-8903 CVE-2017-8904 CVE-2017-8905 |
[3.6] xen: Multiple issues (CVE-2017-8903, CVE-2017-8904) |
| oval:org.secpod.oval:def:1800329 | 7034 CVE-2017-5884 CVE-2017-5885 |
[3.6] gtk-vnc: two input validation flaws (CVE-2017-5884, CVE-2017-5885) |
| oval:org.secpod.oval:def:1800331 | 7733 CVE-2017-12134 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 |
[3.6] xen: Multiple vulnerabilities (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855) |
| oval:org.secpod.oval:def:1800332 | 5932 CVE-2016-5386 |
[3.4] Go: sets environmental variable based on user supplied Proxy request header (CVE-2016-5386) |
| oval:org.secpod.oval:def:1800334 | 6262 CVE-2016-7445 |
[3.4] openjpeg: Null pointer dereference in convert.c (CVE-2016-7445) |
| oval:org.secpod.oval:def:1800335 | 6278 CVE-2016-5407 |
[3.4] libxv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407) |
| oval:org.secpod.oval:def:1800337 | 7050 CVE-2017-2619 |
[3.6] samba: Symlink race allows access outside share definition (CVE-2017-2619) |
| oval:org.secpod.oval:def:1800338 | 7628 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 |
[3.5] lame: Multiple vulnerabilities (CVE-2015-9099, CVE-2015-9100, CVE-2017-9410, CVE-2017-9411, CVE-2017-9412, CVE-2017-11720) |
| oval:org.secpod.oval:def:1800339 | 6009 CVE-2015-7554 CVE-2015-8668 CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5320 |
[3.5] tiff: Several vulnerabilities (CVE-2015-7554, CVE-2015-8668, CVE-2016-3945, CVE-2016-3632, CVE-2016-3990, CVE-2016-3991) |
| oval:org.secpod.oval:def:1800340 | 7184 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 |
[3.4] wireshark: Multiple issues (CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7705) |
| oval:org.secpod.oval:def:1800341 | 6548 CVE-2016-7415 |
[3.5] icu: Stack based buffer overflow in locid.cpp (CVE-2016-7415) |
| oval:org.secpod.oval:def:1800342 | 7096 CVE-2017-7233 CVE-2017-7234 |
[3.5] py-django: security issues (CVE-2017-7233, CVE-2017-7234) |
| oval:org.secpod.oval:def:1800343 | 7358 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 |
[3.4] zlib: Multiple vulnerabilities (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843) |
| oval:org.secpod.oval:def:1800345 | 5859 CVE-2016-4994 |
[3.4] gimp: Use-after-free vulnerabilities in the channel and layer properties parsing proces (CVE-2016-4994) |
| oval:org.secpod.oval:def:1800347 | 7201 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 |
[3.4] gd: Multiple vulnerabilities (CVE-2016-6906, CVE-2016-9317, CVE-2016-6912, CVE-2016-10166, CVE-2016-10167, CVE-2016-10168) |
| oval:org.secpod.oval:def:1800348 | 6791 CVE-2017-5601 |
[3.5] libarchive: Out of bounds read in lha_read_file_header_1() function (CVE-2017-5601) |
| oval:org.secpod.oval:def:1800349 | 8126 CVE-2017-12166 |
[3.6] openvpn: remote buffer overflow (CVE-2017-12166) |
| oval:org.secpod.oval:def:1800350 | 6183 CVE-2016-7167 |
[3.4] curl: escape and unescape integer overflows (CVE-2016-7167) |
| oval:org.secpod.oval:def:1800351 | 6040 CVE-2016-6515 |
[3.4] openssh: Denial of service via very long passwords (CVE-2016-6515) |
| oval:org.secpod.oval:def:1800352 | 6954 CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314 |
[3.6] gdk-pixbuf: Multiple vulnerabilities (CVE-2017-6311, CVE-2017-6312, CVE-2017-6313, CVE-2017-6314) |
| oval:org.secpod.oval:def:1800354 | 8320 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 |
[3.5] rsync: Several vulnerabilities (CVE-2017-16548, CVE-2017-17433, CVE-2017-17434) |
| oval:org.secpod.oval:def:1800355 | 7395 CVE-2017-9468 CVE-2017-9469 |
[3.6] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469) |
| oval:org.secpod.oval:def:1800357 | 6595 CVE-2016-9847 CVE-2016-9848 CVE-2016-9849 CVE-2016-9850 CVE-2016-9851 CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855 CVE-2016-9856 CVE-2016-9857 CVE-2016-9858 CVE-2016-9859 CVE-2016-9860 CVE-2016-9861 CVE-2016-9862 CVE-2016-9863 CVE-2016-9864 CVE-2016-9865 CVE-2016-9866 |
[3.5] phpmyadmin: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800358 | 7592 CVE-2017-7506 |
[3.4] spice: Possible buffer overflow via invalid monitor configurations (CVE-2017-7506) |
| oval:org.secpod.oval:def:1800360 | 6939 CVE-2016-0736 CVE-2016-2161 CVE-2016-8740 CVE-2016-8743 |
[3.5] apache2: Multiple vulnerabilities (CVE-2016-0736, CVE-2016-2161, CVE-2016-8740, CVE-2016-8743) |
| oval:org.secpod.oval:def:1800361 | 6800 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 |
[3.4] libevent: Multiple issues (CVE-2016-10195, CVE-2016-10196, CVE-2016-10197) |
| oval:org.secpod.oval:def:1800365 | 7527 CVE-2017-1000381 |
[3.5] c-ares: NAPTR parser out of bounds access (CVE-2017-1000381) |
| oval:org.secpod.oval:def:1800367 | 7990 CVE-2017-8798 |
[3.6] miniupnpc: Integer signedness error (CVE-2017-8798) |
| oval:org.secpod.oval:def:1800369 | 8085 CVE-2017-16227 |
[3.4] quagga: remote denial of service via BGP UPDATE messages (CVE-2017-16227) |
| oval:org.secpod.oval:def:1800371 | 6751 CVE-2016-10164 |
[3.5] libxpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164) |
| oval:org.secpod.oval:def:1800372 | 6888 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 |
[3.5] webkit2gtk: Several vulnerabilities (CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373) |
| oval:org.secpod.oval:def:1800373 | 6284 CVE-2016-7951 CVE-2016-7952 |
[3.4] libxtst: Out of boundary access and endless loop (CVE-2016-7951, CVE-2016-7952) |
| oval:org.secpod.oval:def:1800374 | 6140 CVE-2016-7143 |
[3.4] charybdis: certificate fingerprint spoofing through crafted SASL messages (CVE-2016-7143) |
| oval:org.secpod.oval:def:1800376 | 6570 CVE-2016-10013 CVE-2016-10024 CVE-2016-10025 |
[3.5] xen: Multiple issues (CVE-2016-10024, CVE-2016-10025, CVE-2016-10013) |
| oval:org.secpod.oval:def:1800377 | 7812 CVE-2017-9224 CVE-2017-9225 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 |
[3.6] oniguruma: Multiple vulnerabilities (CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228) |
| oval:org.secpod.oval:def:1800379 | 7119 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 |
[3.5] tiff: Multiple vulnerabilities (CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017-7600, CVE-2017-7601, CVE-2017-7602) |
| oval:org.secpod.oval:def:1800380 | 5936 CVE-2016-5387 |
[3.4] apache2: sets environmental variable based on user supplied Proxy request header (CVE-2016-5387) |
| oval:org.secpod.oval:def:1800381 | 7429 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 |
[3.4] graphite2: Multiple vulnerabilities (CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778) |
| oval:org.secpod.oval:def:1800382 | 6532 CVE-2016-9893 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9901 CVE-2016-9902 CVE-2016-9904 CVE-2016-9905 |
[3.4] firefox-esr: various vulnerabilities (CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905) |
| oval:org.secpod.oval:def:1800383 | 5159 CVE-2015-5307 CVE-2015-7504 CVE-2015-8104 CVE-2015-8339 CVE-2015-8340 CVE-2015-8341 CVE-2015-8550 CVE-2015-8551 CVE-2015-8552 CVE-2015-8554 CVE-2015-8555 CVE-2015-8615 CVE-2016-1570 CVE-2016-1571 CVE-2016-2270 CVE-2016-2271 |
[3.4] xen: Multiple security issues (xsa-154 – xsa-170) |
| oval:org.secpod.oval:def:1800384 | 7528 CVE-2017-1000381 |
[3.4] c-ares: NAPTR parser out of bounds access (CVE-2017-1000381) |
| oval:org.secpod.oval:def:1800385 | 7133 CVE-2017-7407 |
[3.6] curl: write-out out of buffer read (CVE-2017-7407) |
| oval:org.secpod.oval:def:1800386 | 6480 CVE-2016-7957 CVE-2016-7958 CVE-2016-9372 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 |
[3.5] wireshark: Multiple issues (CVE-2016-7957, CVE-2016-7958, CVE-2016-9372, CVE-2016-9374, CVE-2016-9376, CVE-2016-9373, CVE-2016-9375) |
| oval:org.secpod.oval:def:1800388 | 7575 CVE-2017-1000050 |
[3.4] jasper: NULL pointer exception in the function jp2_encode (CVE-2017-1000050) |
| oval:org.secpod.oval:def:1800390 | 7729 CVE-2017-12904 |
[3.4] newsbeuter: Remote code execution (CVE-2017-12904) |
| oval:org.secpod.oval:def:1800392 | 5952 CVE-2016-2775 |
[3.4] bind: A query name which is too long can cause a segmentation fault in lwresd (CVE-2016-2775) |
| oval:org.secpod.oval:def:1800393 | 5715 CVE-2016-5108 |
[3.4] vlc: crash and potential code execution when processing QuickTime IMA files (CVE-2016-5108) |
| oval:org.secpod.oval:def:1800395 | 7216 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 CVE-2017-5848 |
[3.5] gst-plugins-bad1: Multiple issues (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843, CVE-2017-5848) |
| oval:org.secpod.oval:def:1800397 | 6441 CVE-2016-5584 CVE-2016-7440 |
[3.4] mariadb: Multiple security vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800398 | 7735 CVE-2017-12134 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 |
[3.4] xen: Multiple vulnerabilities (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855) |
| oval:org.secpod.oval:def:1800399 | 8552 CVE-2018-1000024 CVE-2018-1000027 |
[3.6] squid: Multiple vulnerabilities (CVE-2018-1000024, CVE-2018-1000027) |
| oval:org.secpod.oval:def:1800400 | 5371 CVE-2016-3659 |
[3.4] cacti: SQL injection vulnerability in graph_view.php (CVE-2016-3659) |
| oval:org.secpod.oval:def:1800402 | 6223 CVE-2016-2776 |
[3.5] bind: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request (CVE-2016-2776) |
| oval:org.secpod.oval:def:1800403 | 7560 CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11409 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-11406, CVE-2017-11407, CVE-2017-11408) |
| oval:org.secpod.oval:def:1800404 | 7522 CVE-2017-7529 |
[3.4] nginx: Integer overflow in nginx range filter module leading to memory disclosure (CVE-2017-7529) |
| oval:org.secpod.oval:def:1800405 | 8084 CVE-2017-16227 |
[3.5] quagga: remote denial of service via BGP UPDATE messages (CVE-2017-16227) |
| oval:org.secpod.oval:def:1800406 | 7678 CVE-2017-2885 |
[3.5] libsoup: Stack based buffer overflow with HTTP Chunked Encoding (CVE-2017-2885) |
| oval:org.secpod.oval:def:1800407 | 7688 CVE-2017-11610 |
[3.4] supervisor: Command injection via malicious XML-RPC request (CVE-2017-11610) |
| oval:org.secpod.oval:def:1800409 | 6870 CVE-2017-5024 CVE-2017-5025 |
[3.5] ffmpeg: heap overflows (CVE-2017-5024, CVE-2017-5025) |
| oval:org.secpod.oval:def:1800410 | 6672 CVE-2016-9962 |
[3.5] docker: insecure opening of file-descriptor allows privilege escalation (CVE-2016-9962) |
| oval:org.secpod.oval:def:1800412 | 6566 CVE-2016-9580 CVE-2016-9581 |
[3.4] openjpeg: Multiple issues (CVE-2016-9580, CVE-2016-9581) |
| oval:org.secpod.oval:def:1800414 | 6445 CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 |
[3.5] memcached: Multiple issues (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706) |
| oval:org.secpod.oval:def:1800415 | 7438 CVE-2017-3140 |
[3.6] bind: An error processing RPZ rules can cause named to loop endlessly after handling a query (CVE-2017-3140) |
| oval:org.secpod.oval:def:1800416 | 6676 CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 |
[3.5] bind: Multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444) |
| oval:org.secpod.oval:def:1800417 | 6757 CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 |
[3.4] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055) |
| oval:org.secpod.oval:def:1800418 | 5272 CVE-2015-7560 CVE-2016-0771 |
[3.4] samba: security issues (CVE-2015-7560, CVE-2016-0771) |
| oval:org.secpod.oval:def:1800419 | 6951 CVE-2017-6188 |
[3.6] munin: Local file write vulnerability with CGI graphs enabled (CVE-2017-6188) |
| oval:org.secpod.oval:def:1800422 | 6648 CVE-2016-8734 |
[3.4] subversion: unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s):// (CVE-2016-8734) |
| oval:org.secpod.oval:def:1800423 | 7526 CVE-2017-1000381 |
[3.6] c-ares: NAPTR parser out of bounds access (CVE-2017-1000381) |
| oval:org.secpod.oval:def:1800424 | 7511 CVE-2017-11107 |
[3.6] phpldapadmin: XSS in htdocs/entry_chooser.php (CVE-2017-11107) |
| oval:org.secpod.oval:def:1800425 | 8032 CVE-2017-15650 |
[3.5] CVE-2017-15650 musl |
| oval:org.secpod.oval:def:1800426 | 7311 CVE-2016-10217 CVE-2016-10218 CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 |
[3.4] ghostscript: Multiple vulnerabilities (CVE-2016-10217, CVE-2016-10218, CVE-2016-10219, CVE-2016-10220, CVE-2017-5951, CVE-2017-7207, CVE-2017-8291) |
| oval:org.secpod.oval:def:1800427 | 7642 CVE-2016-8705 CVE-2017-9951 |
[3.5] memcached: Heap-based buffer over-read in try_read_command function (CVE-2017-9951) |
| oval:org.secpod.oval:def:1800428 | 6637 CVE-2016-9941 CVE-2016-9942 |
[3.6] libvncserver: heap buffer overflows (CVE-2016-9941, CVE-2016-9942) |
| oval:org.secpod.oval:def:1800429 | 5341 CVE-2016-2342 |
[3.4] quagga: stack-based buffer overflow vulnerability (CVE-2016-2342) |
| oval:org.secpod.oval:def:1800431 | 7705 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 |
[3.6] mariadb: Multiple vulnerabilities (CVE-2017-3308, CVE-2017-3309, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653) |
| oval:org.secpod.oval:def:1800432 | 8165 CVE-2017-8807 |
[3.6] varnish: Data leak – " |
| oval:org.secpod.oval:def:1800434 | 7679 CVE-2017-2885 |
[3.4] libsoup: Stack based buffer overflow with HTTP Chunked Encoding (CVE-2017-2885) |
| oval:org.secpod.oval:def:1800435 | 7299 CVE-2017-9078 CVE-2017-9079 |
[3.5] dropbear: Multiple vulnerabilities (CVE-2017-9078, CVE-2017-9079) |
| oval:org.secpod.oval:def:1800437 | 6559 CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 |
[3.4] samba: Several vulnerabilities (CVE-2016-2123, CVE-2016-2125, CVE-2016-2126) |
| oval:org.secpod.oval:def:1800438 | 6803 CVE-2017-5192 CVE-2017-5200 |
[3.5] salt: multiple issues (CVE-2017-5192, CVE-2017-5200) |
| oval:org.secpod.oval:def:1800440 | 8529 CVE-2018-6003 |
[3.5] libtasn1: Stack exhaustion due to indefinite recursion during BER decoding (CVE-2018-6003) |
| oval:org.secpod.oval:def:1800441 | 8270 CVE-2017-17083 CVE-2017-17084 CVE-2017-17085 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-17083, CVE-2017-17084, CVE-2017-17085) |
| oval:org.secpod.oval:def:1800442 | 6790 CVE-2017-5601 |
[3.6] libarchive: Out of bounds read in lha_read_file_header_1() function (CVE-2017-5601) |
| oval:org.secpod.oval:def:1800443 | 8127 CVE-2017-12166 |
[3.5] openvpn: remote buffer overflow (CVE-2017-12166) |
| oval:org.secpod.oval:def:1800444 | 8523 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 |
[3.4] xen: Multiple vulnerabilities (CVE-2017-17563, CVE-2017-17564, CVE-2017-17565, CVE-2017-17566, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) |
| oval:org.secpod.oval:def:1800445 | 6230 CVE-2016-7444 |
[3.4] gnutls: Incorrect certificate validation when using OCSP responses (CVE-2016-7444) |
| oval:org.secpod.oval:def:1800447 | 6296 CVE-2016-7947 CVE-2016-7948 |
[3.4] libxrandr: Integer overflows and various data mishandlings (CVE-2016-7947, CVE-2016-7948) |
| oval:org.secpod.oval:def:1800449 | 6869 CVE-2017-5024 CVE-2017-5025 |
[3.6] ffmpeg: heap overflows (CVE-2017-5024, CVE-2017-5025) |
| oval:org.secpod.oval:def:1800450 | 7549 CVE-2017-11403 |
[3.6] graphicsmagick: Use-after-free in CloseBlob (CVE-2017-11403) |
| oval:org.secpod.oval:def:1800451 | 6943 CVE-2016-6252 CVE-2017-2616 |
[3.5] shadow: Several vulnerabilities (CVE-2016-6252, CVE-2017-2616) |
| oval:org.secpod.oval:def:1800453 | 7045 CVE-2016-7068 CVE-2016-7073 CVE-2016-7074 |
[3.5] pdns-recursor: Multiple vulnerabilities (CVE-2016-7068, CVE-2016-7073, CVE-2016-7074) |
| oval:org.secpod.oval:def:1800455 | 7306 CVE-2017-5461 CVE-2017-5462 |
[3.4] nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (CVE-2017-5461) |
| oval:org.secpod.oval:def:1800456 | 6295 CVE-2016-7947 CVE-2016-7948 |
[3.5] libxrandr: Integer overflows and various data mishandlings (CVE-2016-7947, CVE-2016-7948) |
| oval:org.secpod.oval:def:1800457 | 7903 CVE-2017-11185 |
[3.6] strongswan: Insufficient Input Validation in gmp Plugin (CVE-2017-11185) |
| oval:org.secpod.oval:def:1800458 | 8224 CVE-2017-16611 |
[3.6] libxfont: Open files with O_NOFOLLOW (CVE-2017-16611) |
| oval:org.secpod.oval:def:1800459 | 8220 CVE-2017-17044 CVE-2017-17045 |
[3.6] xen: Multiple vulnerabilities (CVE-2017-17044, CVE-2017-17045) |
| oval:org.secpod.oval:def:1800460 | 8183 CVE-2017-14746 CVE-2017-15275 |
[3.5] samba: Multiple vulnerabilities (CVE-2017-14746, CVE-2017-15275) |
| oval:org.secpod.oval:def:1800461 | 7995 CVE-2017-11714 CVE-2017-9611 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 |
[3.4] ghostscript: Multiple vulnerabilities (CVE-2017-9611, CVE-2017-9612, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739, CVE-2017-9835, CVE-2017-11714) |
| oval:org.secpod.oval:def:1800462 | 6302 CVE-2016-7945 CVE-2016-7946 |
[3.4] libxi: various flaws (CVE-2016-7945, CVE-2016-7946) |
| oval:org.secpod.oval:def:1800464 | 5989 CVE-2016-6254 |
[3.4] collectd: heap overflow in the network plugin (CVE-2016-6254) |
| oval:org.secpod.oval:def:1800465 | 8228 CVE-2017-16612 |
[3.6] libxcursor: heap overflows when parsing malicious files (CVE-2017-16612) |
| oval:org.secpod.oval:def:1800466 | 8182 CVE-2017-14746 CVE-2017-15275 |
[3.6] samba: Multiple vulnerabilities (CVE-2017-14746, CVE-2017-15275) |
| oval:org.secpod.oval:def:1800467 | 8585 CVE-2017-18190 |
[3.5] cups: A localhost.localdomain whitelist entry in valid_host() (CVE-2017-18190) |
| oval:org.secpod.oval:def:1800469 | 7879 CVE-2017-12904 CVE-2017-14500 |
[3.4] newsbeuter: remote code execution (CVE-2017-14500) |
| oval:org.secpod.oval:def:1800470 | 5919 CVE-2016-4979 |
[3.4] apache2: X509 Client certificate based authentication can be bypassed when HTTP/2 is used (CVE-2016-4979) |
| oval:org.secpod.oval:def:1800471 | 7899 CVE-2016-1238 CVE-2017-12837 CVE-2017-12883 |
[3.5] perl: Multiple vulnerabilities (CVE-2017-12837, CVE-2017-12883) |
| oval:org.secpod.oval:def:1800472 | 6023 CVE-2016-5384 |
[3.5] fontconfig: Possible double free due to insufficiently validated cache files (CVE-2016-5384) |
| oval:org.secpod.oval:def:1800473 | 5853 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 |
[3.4] wireshark: multiple issues (CVE-2016-5350, CVE-2016-5351, CVE-2016-5352, CVE-2016-5353, CVE-2016-5354, CVE-2016-5355, CVE-2016-5356, CVE-2016-5357, CVE-2016-5358) |
| oval:org.secpod.oval:def:1800475 | 8170 CVE-2017-16820 CVE-2017-7401 |
[3.6] collectd: Multiple vulnerabilities (CVE-2017-7401, CVE-2017-16820) |
| oval:org.secpod.oval:def:1800477 | 6541 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818 CVE-2016-9932 |
[3.4] xen: x86 CMPXCHG8B emulation fails to ignore operand size override (CVE-2016-9932) |
| oval:org.secpod.oval:def:1800478 | 5645 CVE-2016-4476 |
[3.4] hostapd: denial of service via crafted WPA/WPA2 passphrase parameter (CVE-2016-4476) |
| oval:org.secpod.oval:def:1800480 | 7573 CVE-2017-1000050 |
[3.6] jasper: NULL pointer exception in the function jp2_encode (CVE-2017-1000050) |
| oval:org.secpod.oval:def:1800481 | 7383 CVE-2017-7484 CVE-2017-7485 CVE-2017-7486 |
[3.5] postgresql: Multiple vulnerabilities (CVE-2017-7484, CVE-2017-7485, CVE-2017-7486) |
| oval:org.secpod.oval:def:1800482 | 8189 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544 |
[3.5] busybox: Multiple vulnerabilities (CVE-2017-15873, CVE-2017-16544) |
| oval:org.secpod.oval:def:1800484 | 7228 CVE-2016-9811 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 |
[3.4] gst-plugins-base1: Multiple vulnerabilities (CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844) |
| oval:org.secpod.oval:def:1800486 | 7175 CVE-2016-5419 CVE-2017-2629 CVE-2017-7407 CVE-2017-7468 |
[3.4] curl: TLS session resumption client cert bypass (CVE-2017-7468) |
| oval:org.secpod.oval:def:1800487 | 7135 CVE-2017-2629 CVE-2017-7407 CVE-2017-7468 |
[3.4] curl: write-out out of buffer read (CVE-2017-7407) |
| oval:org.secpod.oval:def:1800488 | 8329 CVE-2017-6362 CVE-2017-7890 |
[3.6] gd: Multiple vulnerabilities (CVE-2017-6362, CVE-2017-7890) |
| oval:org.secpod.oval:def:1800489 | 7832 CVE-2017-0378 CVE-2017-0379 |
[3.6] libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379) |
| oval:org.secpod.oval:def:1800490 | 7693 CVE-2017-1000115 CVE-2017-1000116 CVE-2017-9462 |
[3.5] mercurial: Multiples vulnerabilities (CVE-2017-9462, CVE-2017-1000115, CVE-2017-1000116) |
| oval:org.secpod.oval:def:1800492 | 5632 CVE-2015-8863 |
[3.4] jq: heap-buffer-overflow in tokenadd() function (CVE-2015-8863) |
| oval:org.secpod.oval:def:1800494 | 7743 CVE-2017-6886 CVE-2017-6887 |
[3.4] libraw: Multiple vulnerabilities (CVE-2017-6886, CVE-2017-6887) |
| oval:org.secpod.oval:def:1800495 | 7964 CVE-2017-1000254 |
[3.4] curl: FTP PWD response parser out of bounds read (CVE-2017-1000254) |
| oval:org.secpod.oval:def:1800496 | 5875 CVE-2016-5008 |
[3.4] libvirt: Setting empty VNC password allows access to unauthorized users (CVE-2016-5008) |
| oval:org.secpod.oval:def:1800497 | 7465 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 |
[3.5] apache2: Several vulnerabilities (CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679) |
| oval:org.secpod.oval:def:1800498 | 8340 CVE-2017-16910 |
[3.6] libraw: Invalid read memory access in the LibRaw::xtrans_interpolate() function (CVE-2017-16910) |
| oval:org.secpod.oval:def:1800499 | 6799 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 |
[3.5] libevent: Multiple issues (CVE-2016-10195, CVE-2016-10196, CVE-2016-10197) |
| oval:org.secpod.oval:def:1800500 | 8166 CVE-2017-8807 |
[3.5] varnish: Data leak – " |
| oval:org.secpod.oval:def:1800502 | 6655 CVE-2016-9401 |
[3.5] bash:popd controlled free (CVE-2016-9401) |
| oval:org.secpod.oval:def:1800503 | 7348 CVE-2017-9022 CVE-2017-9023 |
[3.5] strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023) |
| oval:org.secpod.oval:def:1800504 | 6050 CVE-2016-6505 CVE-2016-6506 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 |
[3.5] wireshark: multiple issues (CVE-2016-6505, CVE-2016-6506, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511) |
| oval:org.secpod.oval:def:1800505 | 6004 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 |
[3.4] curl: Several vulnerabilities (CVE-2016-5419, CVE-2016-5420, CVE-2016-5421) |
| oval:org.secpod.oval:def:1800506 | 6463 CVE-2016-9013 CVE-2016-9014 |
[3.4] py-django: security issues (CVE-2016-9013, CVE-2016-9014) |
| oval:org.secpod.oval:def:1800507 | 7541 CVE-2017-11103 |
[3.4] heimdal: Orpheus& |
| oval:org.secpod.oval:def:1800508 | 7867 CVE-2017-2862 |
[3.5] gdk-pixbuf: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function (CVE-2017-2862) |
| oval:org.secpod.oval:def:1800509 | 6675 CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 |
[3.6] bind: Multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444) |
| oval:org.secpod.oval:def:1800510 | 6817 CVE-2016-10169 CVE-2016-1017 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172 |
[3.6] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172) |
| oval:org.secpod.oval:def:1800512 | 7520 CVE-2017-7529 |
[3.6] nginx: Integer overflow in nginx range filter module leading to memory disclosure (CVE-2017-7529) |
| oval:org.secpod.oval:def:1800513 | 7543 CVE-2017-2538 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 |
[3.6] webkit2gtk: Memory corruption issues (CVE-2017-2538) |
| oval:org.secpod.oval:def:1800514 | 7014 CVE-2017-3302 CVE-2017-3313 |
[3.6] mariadb: Multiple vulnerabilities (CVE-2017-3313, CVE-2017-3302) |
| oval:org.secpod.oval:def:1800515 | 7056 CVE-2017-5029 |
[3.6] libxslt: integer overflow in xsltAddTextString (CVE-2017-5029) |
| oval:org.secpod.oval:def:1800516 | 5931 CVE-2016-5386 |
[3.5] Go: sets environmental variable based on user supplied Proxy request header (CVE-2016-5386) |
| oval:org.secpod.oval:def:1800517 | 7483 CVE-2017-10688 CVE-2017-9147 CVE-2017-9403 CVE-2017-9404 CVE-2017-9936 |
[3.5] tiff: Multiple vulnerabilities (CVE-2017-9147, CVE-2017-9403, CVE-2017-9404, CVE-2017-9936, CVE-2017-10688) |
| oval:org.secpod.oval:def:1800518 | 6139 CVE-2016-7143 |
[3.5] charybdis: certificate fingerprint spoofing through crafted SASL messages (CVE-2016-7143) |
| oval:org.secpod.oval:def:1800519 | 6151 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7154 |
[3.5] xen: Multiple issues (CVE-2016-7092, CVE-2016-7093, CVE-2016-7094) |
| oval:org.secpod.oval:def:1800520 | 6075 CVE-2015-8874 CVE-2016-5766 CVE-2016-5767 CVE-2016-6128 CVE-2016-6132 CVE-2016-6207 CVE-2016-6214 |
[3.4] gd: multiple issues (CVE-2015-8874, CVE-2016-5766, CVE-2016-5767, CVE-2016-6128, CVE-2016-6132, CVE-2016-6207, CVE-2016-6214) |
| oval:org.secpod.oval:def:1800521 | 8016 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.4] wireshark: Multiple vulnerabilities (CVE-2017-15191) |
| oval:org.secpod.oval:def:1800522 | 7634 CVE-2017-11108 |
[3.6] tcpdump: heap-based buffer over-read and application crash (CVE-2017-11108) |
| oval:org.secpod.oval:def:1800523 | 6828 CVE-2017-3135 |
[3.6] bind: Combination of DNS64 and RPZ Can Lead to Crash (CVE-2017-3135) |
| oval:org.secpod.oval:def:1800524 | 7470 CVE-2017-6922 |
[3.6] drupal7: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users (CVE-2017-6922) |
| oval:org.secpod.oval:def:1800525 | 7217 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 CVE-2017-5848 |
[3.4] gst-plugins-bad1: Multiple issues (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843, CVE-2017-5848) |
| oval:org.secpod.oval:def:1800527 | 7841 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 |
[3.4] tcpdump: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800528 | 8394 CVE-2017-16879 |
[3.5] ncurses:Stack based buffer overflow (CVE-2017-16879) |
| oval:org.secpod.oval:def:1800529 | 6631 CVE-2016-10109 |
[3.4] pcsc-lite: Use-after-free of cardsList due to SCardReleaseContext invocations (CVE-2016-10109) |
| oval:org.secpod.oval:def:1800531 | 7534 CVE-2017-11103 |
[3.5] samba: Orpheus& |
| oval:org.secpod.oval:def:1800532 | 6596 CVE-2016-9847 CVE-2016-9848 CVE-2016-9849 CVE-2016-9850 CVE-2016-9851 CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855 CVE-2016-9856 CVE-2016-9857 CVE-2016-9858 CVE-2016-9859 CVE-2016-9860 CVE-2016-9861 CVE-2016-9862 CVE-2016-9863 CVE-2016-9864 CVE-2016-9865 CVE-2016-9866 |
[3.4] phpmyadmin: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800533 | 7087 CVE-2017-6508 |
[3.6] wget: CRLF injection in the url_parse function in url.c (CVE-2017-6508) |
| oval:org.secpod.oval:def:1800534 | 7814 CVE-2017-12858 CVE-2017-14107 |
[3.6] libzip: Multiple vulnerabilities (CVE-2017-14107, CVE-2017-12858) |
| oval:org.secpod.oval:def:1800536 | 6190 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 |
[3.4] php5: Multiple issues (CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418) |
| oval:org.secpod.oval:def:1800537 | 8058 CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 |
[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7805, CVE-2017-7814, CVE-2017-7825, CVE-2017-7823, CVE-2017-7810) |
| oval:org.secpod.oval:def:1800539 | 7833 CVE-2017-0378 CVE-2017-0379 |
[3.5] libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379) |
| oval:org.secpod.oval:def:1800540 | 8171 CVE-2017-16820 CVE-2017-7401 |
[3.5] collectd: Multiple vulnerabilities (CVE-2017-7401, CVE-2017-16820) |
| oval:org.secpod.oval:def:1800541 | 7674 CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807 CVE-2017-7809 |
[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-7753, CVE-2017-7779, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7791, CVE-2017-7792, , CVE-2017-7802, CVE-2017-7803, CVE-2017-7807, CVE-2017-7809) |
| oval:org.secpod.oval:def:1800542 | 7434 CVE-2017-7526 CVE-2017-9526 |
[3.4] libgcrypt: Possible timing attack on EdDSA session key (CVE-2017-9526) |
| oval:org.secpod.oval:def:1800543 | 6656 CVE-2016-9401 |
[3.4] bash: popd controlled free (CVE-2016-9401) |
| oval:org.secpod.oval:def:1800544 | 6207 CVE-2016-2183 CVE-2016-6304 CVE-2016-6306 |
[3.4] openssl: Security issues (CVE-2016-2183, CVE-2016-6304, CVE-2016-6306) |
| oval:org.secpod.oval:def:1800545 | 7001 CVE-2017-2640 |
[3.5] pidgin: Out-of-bounds write when stripping xml (CVE-2017-2640) |
| oval:org.secpod.oval:def:1800548 | 6093 CVE-2016-2090 |
[3.4] libbsd: Heap buffer overflow in fgetwln function (CVE-2016-2090) |
| oval:org.secpod.oval:def:1800550 | 7328 CVE-2017-6891 |
[3.6] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891) |
| oval:org.secpod.oval:def:1800551 | 6617 CVE-2016-6301 |
[3.4] busybox: NTP server denial of service flaw (CVE-2016-6301) |
| oval:org.secpod.oval:def:1800552 | 7441 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 |
[3.6] libsndfile: Multiple vulnerabilities (CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365) |
| oval:org.secpod.oval:def:1800553 | 7648 CVE-2017-12562 |
[3.5] libsndfile: Heap-based Buffer Overflow (CVE-2017-12562) |
| oval:org.secpod.oval:def:1800554 | 8116 CVE-2017-3735 CVE-2017-3736 |
[3.4] openssl: Multiple vulnerabilities (CVE-2017-3735, CVE-2017-3736) |
| oval:org.secpod.oval:def:1800555 | 6692 CVE-2017-5193 CVE-2017-5194 CVE-2017-5195 CVE-2017-5196 CVE-2017-5356 |
[3.4] irssi: Multiple vulnerabilities (CVE-2017-5193, CVE-2017-5194, CVE-2017-5356, CVE-2017-5195, CVE-2017-5196) |
| oval:org.secpod.oval:def:1800556 | 7968 CVE-2017-11112 CVE-2017-11113 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13733 CVE-2017-13734 |
[3.5] ncurses: Multiple vulnerabilities (CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734) |
| oval:org.secpod.oval:def:1800558 | 7189 CVE-2017-7867 CVE-2017-7868 |
[3.6] icu: multiple issues (CVE-2017-7867, CVE-2017-7868) |
| oval:org.secpod.oval:def:1800559 | 8285 CVE-2017-15906 |
[3.4] openssh: Improper write operations in readonly mode allow for zero-length file creation (CVE-2017-15906) |
| oval:org.secpod.oval:def:1800560 | 6088 CVE-2016-6354 |
[3.4] flex: buffer overflow in generated code (yy_get_next_buffer) (CVE-2016-6354) |
| oval:org.secpod.oval:def:1800562 | 7433 CVE-2017-7526 CVE-2017-9526 |
[3.5] libgcrypt: Possible timing attack on EdDSA session key (CVE-2017-9526) |
| oval:org.secpod.oval:def:1800563 | 6823 CVE-2017-5596 CVE-2017-5597 |
[3.5] wireshark: Multiple issues (CVE-2017-5596, CVE-2017-5597) |
| oval:org.secpod.oval:def:1800565 | 7364 CVE-2017-9287 |
[3.4] openldap: Double free vulnerability in servers/slapd/back-mdb/search.c (CVE-2017-9287) |
| oval:org.secpod.oval:def:1800566 | 8167 CVE-2017-8807 |
[3.4] varnish: Data leak – " |
| oval:org.secpod.oval:def:1800568 | 7330 CVE-2017-6891 |
[3.4] libtasn1: asn1_find_node() based stack overflow (CVE-2017-6891) |
| oval:org.secpod.oval:def:1800569 | 8395 CVE-2017-16879 |
[3.4] ncurses:Stack based buffer overflow (CVE-2017-16879) |
| oval:org.secpod.oval:def:1800570 | 8464 CVE-2017-18013 |
[3.4] Tiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() (CVE-2017-18013) |
| oval:org.secpod.oval:def:1800572 | 5638 CVE-2016-4476 CVE-2016-4477 |
[3.4] wpa_supplicant: security vulnerabilities (CVE-2016-4476, CVE-2016-4477) |
| oval:org.secpod.oval:def:1800574 | 6580 CVE-2016-10002 CVE-2016-10003 |
[3.4] squid: Multiple issues (CVE-2016-10002, CVE-2016-10003) |
| oval:org.secpod.oval:def:1800575 | 7722 CVE-2017-7555 |
[3.4] augeas: Improper handling of escaped strings leading to memory corruption (CVE-2017-7555) |
| oval:org.secpod.oval:def:1800576 | 6536 CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 |
[3.4] libass: Multiple issues (CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972) |
| oval:org.secpod.oval:def:1800578 | 5951 CVE-2016-2775 |
[3.5] bind: A query name which is too long can cause a segmentation fault in lwresd (CVE-2016-2775) |
| oval:org.secpod.oval:def:1800580 | 6342 CVE-2016-7568 |
[3.5] gd: Integer overflow in function gdImageWebpCtx of gd_webp.c (CVE-2016-7568) |
| oval:org.secpod.oval:def:1800581 | 8184 CVE-2017-14746 CVE-2017-15275 |
[3.4] samba: Multiple vulnerabilities (CVE-2017-14746, CVE-2017-15275) |
| oval:org.secpod.oval:def:1800582 | 8399 CVE-2017-16931 |
[3.4] libxml2: Mishandling parameter-entity references (CVE-2017-16931) |
| oval:org.secpod.oval:def:1800583 | 7840 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 |
[3.5] tcpdump: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800586 | 5858 CVE-2016-4994 |
[3.5] gimp: Use-after-free vulnerabilities in the channel and layer properties parsing proces (CVE-2016-4994) |
| oval:org.secpod.oval:def:1800587 | 7079 CVE-2017-2629 CVE-2017-7407 CVE-2017-7468 |
[3.4] curl: SSL_VERIFYSTATUS ignored (CVE-2017-2629 ) |
| oval:org.secpod.oval:def:1800588 | 6854 CVE-2017-5969 |
[3.4] libxml2: null pointer dereference when parsing a xml file using recover mode (CVE-2017-5969) |
| oval:org.secpod.oval:def:1800590 | 7516 CVE-2017-10965 CVE-2017-10966 |
[3.4] irssi: Multiple issues (CVE-2017-10965, CVE-2017-10966) |
| oval:org.secpod.oval:def:1800591 | 6196 CVE-2016-6606 CVE-2016-6607 CVE-2016-6608 CVE-2016-6609 CVE-2016-6610 CVE-2016-6611 CVE-2016-6612 CVE-2016-6613 CVE-2016-6614 CVE-2016-6615 CVE-2016-6616 CVE-2016-6617 CVE-2016-6618 CVE-2016-6619 CVE-2016-6620 CVE-2016-6622 CVE-2016-6623 CVE-2016-6624 CVE-2016-6625 CVE-2016-6626 CVE-2016-6627 CVE-2016-6628 CVE-2016-6629 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632 CVE-2016-6633 |
[3.4] phpmyadmin: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800592 | 7913 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.4] wireshark: Multiple vulnerabilities (CVE-2017-13765, CVE-2017-13767) |
| oval:org.secpod.oval:def:1800593 | 5966 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 |
[3.4] libidn: Multiple security issues (CVE-2016-6263, CVE-2015-8948, CVE-2016-6262, CVE-2016-6261) |
| oval:org.secpod.oval:def:1800595 | 5852 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 |
[3.5] wireshark: multiple issues (CVE-2016-5350, CVE-2016-5351, CVE-2016-5352, CVE-2016-5353, CVE-2016-5354, CVE-2016-5355, CVE-2016-5356, CVE-2016-5357, CVE-2016-5358) |
| oval:org.secpod.oval:def:1800596 | 8276 CVE-2017-3737 CVE-2017-3738 |
[3.5] openssl: Multiple vulnerabilities (CVE-2017-3737, CVE-2017-3738) |
| oval:org.secpod.oval:def:1800597 | 7466 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 |
[3.4] apache2: Several vulnerabilities (CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679) |
| oval:org.secpod.oval:def:1800598 | 5841 CVE-2016-5701 CVE-2016-5702 CVE-2016-5703 CVE-2016-5704 CVE-2016-5705 CVE-2016-5706 CVE-2016-5732 |
[3.4] phpmyadmin: Multiple issues (CVE-2016-5702, CVE-2016-5704, CVE-2016-5732) |
| oval:org.secpod.oval:def:1800599 | 7432 CVE-2017-9526 |
[3.6] libgcrypt: Possible timing attack on EdDSA session key (CVE-2017-9526) |
| oval:org.secpod.oval:def:1800600 | 6913 CVE-2016-10140 CVE-2017-5367 CVE-2017-5368 CVE-2017-5595 |
[3.5] zoneminder: Multiple vulnerabilities (CVE-2017-5595, CVE-2017-5367, CVE-2017-5368, CVE-2016-10140) |
| oval:org.secpod.oval:def:1800602 | 6535 CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 |
[3.5] libass: Multiple issues (CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972) |
| oval:org.secpod.oval:def:1800603 | 6734 CVE-2017-5225 |
[3.5] tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225) |
| oval:org.secpod.oval:def:1800604 | 7940 CVE-2017-14160 |
[3.4] libvorbis: out-of-bounds access and application crash (CVE-2017-14160) |
| oval:org.secpod.oval:def:1800605 | 7321 CVE-2017-7494 |
[3.5] samba: Remote code execution from a writable share (CVE-2017-7494) |
| oval:org.secpod.oval:def:1800606 | 6003 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 |
[3.5] curl: Several vulnerabilities (CVE-2016-5419, CVE-2016-5420, CVE-2016-5421) |
| oval:org.secpod.oval:def:1800609 | 7686 CVE-2017-11610 |
[3.6] supervisor: Command injection via malicious XML-RPC request (CVE-2017-11610) |
| oval:org.secpod.oval:def:1800610 | 7015 CVE-2017-3302 CVE-2017-3313 |
[3.5] mariadb: Multiple vulnerabilities (CVE-2017-3313, CVE-2017-3302) |
| oval:org.secpod.oval:def:1800611 | 6741 CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 |
[3.4] libgit2: Multiple vulnerabilities (CVE-2016-10128, CVE-2016-10129, CVE-2016-10130) |
| oval:org.secpod.oval:def:1800612 | 7993 CVE-2017-11714 CVE-2017-9611 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 |
[3.6] ghostscript: Multiple vulnerabilities (CVE-2017-9611, CVE-2017-9612, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739, CVE-2017-9835, CVE-2017-11714) |
| oval:org.secpod.oval:def:1800613 | 7134 CVE-2017-7407 CVE-2017-7468 |
[3.5] curl: write-out out of buffer read (CVE-2017-7407) |
| oval:org.secpod.oval:def:1800614 | 7687 CVE-2017-11610 |
[3.5] supervisor: Command injection via malicious XML-RPC request (CVE-2017-11610) |
| oval:org.secpod.oval:def:1800615 | 7911 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.6] wireshark: Multiple vulnerabilities (CVE-2017-13765, CVE-2017-13766, CVE-2017-13767) |
| oval:org.secpod.oval:def:1800616 | 8419 CVE-2017-3145 |
[3.5] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) |
| oval:org.secpod.oval:def:1800617 | 6594 CVE-2016-9847 CVE-2016-9848 CVE-2016-9849 CVE-2016-9850 CVE-2016-9851 CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855 CVE-2016-9856 CVE-2016-9857 CVE-2016-9858 CVE-2016-9859 CVE-2016-9860 CVE-2016-9861 CVE-2016-9862 CVE-2016-9863 CVE-2016-9864 CVE-2016-9865 CVE-2016-9866 |
[3.6] phpmyadmin: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800618 | 6410 CVE-2016-7543 |
[3.4] bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution (CVE-2016-7543) |
| oval:org.secpod.oval:def:1800620 | 6916 CVE-2017-2615 CVE-2017-2620 |
[3.5] xen: Multiple issues (XSA-207, CVE-2017-2615, CVE-2017-2620) |
| oval:org.secpod.oval:def:1800621 | 6010 CVE-2015-7554 CVE-2015-8668 CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5320 |
[3.4] tiff: Several vulnerabilities (CVE-2015-7554, CVE-2015-8668, CVE-2016-3945, CVE-2016-3632, CVE-2016-3990, CVE-2016-3991) |
| oval:org.secpod.oval:def:1800622 | 7300 CVE-2017-9078 CVE-2017-9079 |
[3.4] dropbear: Multiple vulnerabilities (CVE-2017-9078, CVE-2017-9079) |
| oval:org.secpod.oval:def:1800624 | 8277 CVE-2017-3737 CVE-2017-3738 |
[3.4] openssl: Multiple vulnerabilities (CVE-2017-3737, CVE-2017-3738) |
| oval:org.secpod.oval:def:1800625 | 6555 CVE-2016-9888 |
[3.4] libgsf: Null pointer dereference in tar_directory_for_file() (CVE-2016-9888) |
| oval:org.secpod.oval:def:1800626 | 7160 CVE-2017-7607 CVE-2017-7608 |
[3.6] elfutils: Multiple issues (CVE-2017-7607, CVE-2017-7608) |
| oval:org.secpod.oval:def:1800628 | 6290 CVE-2016-7949 CVE-2016-7950 |
[3.4] libxrender: insufficient validation of data from the X server can cause out of boundary memory writes (CVE-2016-7949, CVE-2016-7950) |
| oval:org.secpod.oval:def:1800629 | 6735 CVE-2017-5225 |
[3.4] tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225) |
| oval:org.secpod.oval:def:1800630 | 5453 CVE-2016-3119 |
[3.4] krb5: null pointer dereference in kadmin (CVE-2016-3119) |
| oval:org.secpod.oval:def:1800631 | 7591 CVE-2017-7506 |
[3.5] spice: Possible buffer overflow via invalid monitor configurations (CVE-2017-7506) |
| oval:org.secpod.oval:def:1800632 | 7443 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 |
[3.4] libsndfile: Multiple vulnerabilities (CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365) |
| oval:org.secpod.oval:def:1800633 | 5791 CVE-2016-4425 |
[3.4] jansson: stack exhaustion parsing a JSON file (CVE-2016-4425) |
| oval:org.secpod.oval:def:1800635 | 7741 CVE-2017-6886 CVE-2017-6887 |
[3.6] libraw: Multiple vulnerabilities (CVE-2017-6886, CVE-2017-6887) |
| oval:org.secpod.oval:def:1800636 | 7629 CVE-2015-9099 CVE-2015-9100 CVE-2017-11720 CVE-2017-9410 CVE-2017-9411 CVE-2017-9412 |
[3.4] lame: Multiple vulnerabilities (CVE-2015-9099, CVE-2015-9100, CVE-2017-9410, CVE-2017-9411, CVE-2017-9412, CVE-2017-11720) |
| oval:org.secpod.oval:def:1800637 | 7052 CVE-2017-2619 |
[3.4] samba: Symlink race allows access outside share definition (CVE-2017-2619) |
| oval:org.secpod.oval:def:1800638 | 6824 CVE-2017-5596 CVE-2017-5597 |
[3.4] wireshark: Multiple issues (CVE-2017-5596, CVE-2017-5597) |
| oval:org.secpod.oval:def:1800639 | 5864 CVE-2016-4971 |
[3.4] wget: Lack of filename checking allows arbitrary file upload via FTP redirect (CVE-2016-4971) |
| oval:org.secpod.oval:def:1800640 | 5172 CVE-2016-0739 |
[3.4] libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length (CVE-2016-0739) |
| oval:org.secpod.oval:def:1800643 | 7845 CVE-2017-1000250 |
[3.5] bluez: Out-of-bounds heap read in service_search_attr_req function (CVE-2017-1000250) |
| oval:org.secpod.oval:def:1800644 | 7075 CVE-2017-6542 |
[3.4] putty: Integer overflow in the ssh_agent_channel_data (CVE-2017-6542) |
| oval:org.secpod.oval:def:1800646 | 6890 CVE-2012-0876 CVE-2012-6702 CVE-2016-5300 |
[3.4] expat: Multiple issues (CVE-2012-6702, CVE-2016-5300) |
| oval:org.secpod.oval:def:1800648 | 8543 CVE-2017-1000158 |
[3.4] python: PyString_DecodeEscape integer overflow (CVE-2017-1000158) |
| oval:org.secpod.oval:def:1800649 | 7377 CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354 |
[3.6] wireshark: Multiple vulnerabilities (CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9353, CVE-2017-9354) |
| oval:org.secpod.oval:def:1800650 | 6915 CVE-2017-2615 CVE-2017-2620 |
[3.6] xen: Multiple issues (XSA-207, CVE-2017-2615, CVE-2017-2620) |
| oval:org.secpod.oval:def:1800651 | 6272 CVE-2016-7953 |
[3.4] libxvmc: Insufficient validation of server responses results in buffer underflow (CVE-2016-7953) |
| oval:org.secpod.oval:def:1800652 | 7694 CVE-2017-1000115 CVE-2017-1000116 CVE-2017-9462 |
[3.4] mercurial: Multiples vulnerabilities (CVE-2017-9462, CVE-2017-1000115, CVE-2017-1000116) |
| oval:org.secpod.oval:def:1800653 | 7369 CVE-2017-7650 |
[3.4] mosquitto: Pattern based ACLs can be bypassed (CVE-2017-7650) |
| oval:org.secpod.oval:def:1800655 | 7950 CVE-2017-10989 |
[3.6] sqlite: Heap-buffer overflow in the getNodeSize function (CVE-2017-10989) |
| oval:org.secpod.oval:def:1800657 | 6239 CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284 |
[3.4] firefox-esr: Security vulnerabilities (CVE-2016-5270, CVE-2016-5272, CVE-2016-5276, CVE-2016-5274, CVE-2016-5277, CVE-2016-5278, CVE-2016-5280, CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261, CVE-2016-5257) |
| oval:org.secpod.oval:def:1800658 | 8206 CVE-2017-11399 CVE-2017-11665 CVE-2017-11719 CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-14767 CVE-2017-15186 CVE-2017-5024 CVE-2017-5025 CVE-2017-9608 CVE-2017-9991 CVE-2017-9992 CVE-2017-9993 CVE-2017-9994 CVE-2017-9996 |
[3.6] ffmpeg: Multiple vulnerabilities (CVE-2017-9991, CVE-2017-9992, CVE-2017-9993, CVE-2017-14767, CVE-2017-15186) |
| oval:org.secpod.oval:def:1800659 | 5785 CVE-2016-2177 CVE-2016-2178 |
[3.4] openssl: Security issues (CVE-2016-2177, CVE-2016-2178) |
| oval:org.secpod.oval:def:1800660 | 7734 CVE-2017-12134 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 |
[3.5] xen: Multiple vulnerabilities (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855) |
| oval:org.secpod.oval:def:1800661 | 7367 CVE-2017-7650 |
[3.6] mosquitto: Pattern based ACLs can be bypassed (CVE-2017-7650) |
| oval:org.secpod.oval:def:1800662 | 7846 CVE-2017-1000250 |
[3.4] bluez: Out-of-bounds heap read in service_search_attr_req function (CVE-2017-1000250) |
| oval:org.secpod.oval:def:1800663 | 8158 CVE-2017-1000256 |
[3.6] libvirt: TLS certificate verification disabled for clients (CVE-2017-1000256) |
| oval:org.secpod.oval:def:1800664 | 6349 CVE-2016-7777 |
[3.4] xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (CVE-2016-7777) |
| oval:org.secpod.oval:def:1800665 | 8321 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 |
[3.4] rsync: Several vulnerabilities (CVE-2017-16548, CVE-2017-17433, CVE-2017-17434) |
| oval:org.secpod.oval:def:1800666 | 7089 CVE-2017-6508 |
[3.4] wget: CRLF injection in the url_parse function in url.c (CVE-2017-6508) |
| oval:org.secpod.oval:def:1800667 | 8553 CVE-2018-1000024 CVE-2018-1000027 |
[3.5] squid: Multiple vulnerabilities (CVE-2018-1000024, CVE-2018-1000027) |
| oval:org.secpod.oval:def:1800668 | 5046 CVE-2015-7744 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0610 CVE-2016-0616 CVE-2016-2047 |
[3.4] mariadb: Multiple security vulnerabilities (various CVEs) |
| oval:org.secpod.oval:def:1800669 | 8398 CVE-2017-16931 |
[3.5] libxml2: Mishandling parameter-entity references (CVE-2017-16931) |
| oval:org.secpod.oval:def:1800670 | 7484 CVE-2017-10688 CVE-2017-9147 CVE-2017-9403 CVE-2017-9404 CVE-2017-9936 |
[3.4] tiff: Multiple vulnerabilities (CVE-2017-9147, CVE-2017-9403, CVE-2017-9404, CVE-2017-9936, CVE-2017-10688) |
| oval:org.secpod.oval:def:1800671 | 8542 CVE-2017-1000158 |
[3.5] python: PyString_DecodeEscape integer overflow (CVE-2017-1000158) |
| oval:org.secpod.oval:def:1800673 | 7692 CVE-2017-1000115 CVE-2017-1000116 CVE-2017-9462 |
[3.6] mercurial: Multiples vulnerabilities (CVE-2017-1000115, CVE-2017-1000116) |
| oval:org.secpod.oval:def:1800674 | 6325 CVE-2016-7799 CVE-2016-7906 |
[3.4] imagemagick: multiple issues (CVE-2016-7799, CVE-2016-7906) |
| oval:org.secpod.oval:def:1800676 | 6313 CVE-2016-7942 CVE-2016-7943 |
[3.5] libx11: Insufficient validation of server responses in XGetImage() and FontNames (CVE-2016-7942, CVE-2016-7943) |
| oval:org.secpod.oval:def:1800678 | 6784 CVE-2016-9587 |
[3.4] ansible: host to controller command execution vulnerability (CVE-2016-9587) |
| oval:org.secpod.oval:def:1800679 | 6565 CVE-2016-9580 CVE-2016-9581 |
[3.5] openjpeg: Multiple issues (CVE-2016-9580, CVE-2016-9581) |
| oval:org.secpod.oval:def:1800680 | 7806 CVE-2017-14166 |
[3.4] libarchive: heap-based buffer overflow in xml_data (CVE-2017-14166) |
| oval:org.secpod.oval:def:1800681 | 8331 CVE-2017-6362 CVE-2017-7890 |
[3.4] gd: Multiple vulnerabilities (CVE-2017-6362, CVE-2017-7890) |
| oval:org.secpod.oval:def:1800682 | 6733 CVE-2017-5225 |
[3.6] tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225) |
| oval:org.secpod.oval:def:1800683 | 7464 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 |
[3.6] apache2: Several vulnerabilities (CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679) |
| oval:org.secpod.oval:def:1800684 | 6730 CVE-2017-5618 |
[3.5] Screen: root exploit 4.5.0 (CVE-2017-5618) |
| oval:org.secpod.oval:def:1800686 | 5737 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2824 CVE-2016-2828 CVE-2016-2831 |
[3.5] firefox-esr: Multiple vulnerabilities (CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2824, CVE-2016-2828, CVE-2016-2831) |
| oval:org.secpod.oval:def:1800687 | 5213 CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 |
[3.4] squid: Multiple Denial of Service issues (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572) |
| oval:org.secpod.oval:def:1800689 | 7397 CVE-2017-9468 CVE-2017-9469 |
[3.4] irssi: Multiple vulnerabilities (CVE-2017-9468, CVE-2017-9469) |
| oval:org.secpod.oval:def:1800692 | 6691 CVE-2017-5193 CVE-2017-5194 CVE-2017-5195 CVE-2017-5196 CVE-2017-5356 |
[3.5] irssi: Multiple vulnerabilities (CVE-2017-5193, CVE-2017-5194, CVE-2017-5356, CVE-2017-5195, CVE-2017-5196) |
| oval:org.secpod.oval:def:1800693 | 7322 CVE-2017-7494 |
[3.4] samba: Remote code execution from a writable share (CVE-2017-7494) |
| oval:org.secpod.oval:def:1800694 | 8096 CVE-2017-13065 CVE-2017-13648 CVE-2017-14042 CVE-2017-14314 CVE-2017-14504 CVE-2017-14733 CVE-2017-14994 CVE-2017-14997 CVE-2017-15930 |
[3.6] graphicsmagick: Multiple vulnerabilities (CVE-2017-14314, CVE-2017-14504, CVE-2017-14733, CVE-2017-14994 CVE-2017-14997, CVE-2017-15930) |
| oval:org.secpod.oval:def:1800695 | 5447 CVE-2016-4008 |
[3.4] libtasn1: infinite loop while parsing DER certificates (CVE-2016-4008) |
| oval:org.secpod.oval:def:1800696 | 6495 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 |
[3.5] xen: Multiple issues (CVE-2016-9386, CVE-2016-9382, CVE-2016-9385, CVE-2016-9384, CVE-2016-9383, CVE-2016-9377, CVE-2016-9378, CVE-2016-9381, CVE-2016-9379, CVE-2016-9380) |
| oval:org.secpod.oval:def:1800697 | 8440 CVE-2018-1000005 CVE-2018-1000007 |
[3.6] curl: Multiple vulnerabilities (CVE-2018-1000005, CVE-2018-1000007) |
| oval:org.secpod.oval:def:1800698 | 7521 CVE-2017-7529 |
[3.5] nginx: Integer overflow in nginx range filter module leading to memory disclosure (CVE-2017-7529) |
| oval:org.secpod.oval:def:1800699 | 6787 CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017 CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021 CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025 CVE-2017-5026 |
[3.5] chromium: Multiple vulnerabilities (CVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5019, CVE-2017-5020, CVE-2017-5021, CVE-2017-5022, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026) |
| oval:org.secpod.oval:def:1800700 | 7482 CVE-2017-10688 CVE-2017-9147 CVE-2017-9403 CVE-2017-9404 CVE-2017-9936 |
[3.6] tiff: Multiple vulnerabilities (CVE-2017-9147, CVE-2017-9403, CVE-2017-9404, CVE-2017-9936, CVE-2017-10688) |
| oval:org.secpod.oval:def:1800701 | 7868 CVE-2017-2862 |
[3.4] gdk-pixbuf: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function (CVE-2017-2862) |
| oval:org.secpod.oval:def:1800703 | 6792 CVE-2017-5601 |
[3.4] libarchive: Out of bounds read in lha_read_file_header_1() function (CVE-2017-5601) |
| oval:org.secpod.oval:def:1800704 | 6747 CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5386 CVE-2017-5390 CVE-2017-5396 |
[3.5] firefox-esr: Security vulnerabilities (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396) |
| oval:org.secpod.oval:def:1800706 | 7442 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 |
[3.5] libsndfile: Multiple vulnerabilities (CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365) |
| oval:org.secpod.oval:def:1800709 | 8128 CVE-2017-12166 |
[3.4] openvpn: remote buffer overflow (CVE-2017-12166) |
| oval:org.secpod.oval:def:1800710 | 5513 CVE-2016-3977 |
[3.4] giflib: heap buffer overflow in gif2rgb (CVE-2016-3977) |
| oval:org.secpod.oval:def:1800712 | 8462 CVE-2017-18013 |
[3.6] Tiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() (CVE-2017-18013) |
| oval:org.secpod.oval:def:1800714 | 7690 CVE-2017-10970 CVE-2017-11163 CVE-2017-11691 CVE-2017-12065 CVE-2017-12066 |
[3.6] cacti: Multiple vulnerabilities (CVE-2017-10970, CVE-2017-11163, CVE-2017-11691, CVE-2017-12065, CVE-2017-12066) |
| oval:org.secpod.oval:def:1800715 | 8530 CVE-2018-6003 |
[3.4] libtasn1: Stack exhaustion due to indefinite recursion during BER decoding (CVE-2018-6003) |
| oval:org.secpod.oval:def:1800716 | 6235 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 |
[3.4] wireshark: Multiple issues (CVE-2016-7175, CVE-2016-7176, CVE-2016-7177, CVE-2016-7178, CVE-2016-7179, CVE-2016-7180) |
| oval:org.secpod.oval:def:1800717 | 6157 CVE-2016-3120 |
[3.5] krb5: S4U2Self KDC crash when anon is restricted (CVE-2016-3120) |
| oval:org.secpod.oval:def:1800718 | 6819 CVE-2016-10169 CVE-2016-1017 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172 |
[3.4] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172) |
| oval:org.secpod.oval:def:1800719 | 7727 CVE-2017-12904 |
[3.6] newsbeuter: Remote code execution (CVE-2017-12904) |
| oval:org.secpod.oval:def:1800720 | 8114 CVE-2017-3735 CVE-2017-3736 |
[3.6] openssl: Multiple vulnerabilities (CVE-2017-3735, CVE-2017-3736) |
| oval:org.secpod.oval:def:1800721 | 7721 CVE-2017-7555 |
[3.5] augeas: Improper handling of escaped strings leading to memory corruption (CVE-2017-7555) |
| oval:org.secpod.oval:def:1800722 | 6189 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 |
[3.5] php5: Multiple issues (CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418) |
| oval:org.secpod.oval:def:1800723 | 7419 CVE-2017-7507 |
[3.4] gnutls: Crash upon receiving well-formed status_request extension (CVE-2017-7507) |
| oval:org.secpod.oval:def:1800724 | 8207 CVE-2017-11399 CVE-2017-11665 CVE-2017-11719 CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-14767 CVE-2017-15186 CVE-2017-9991 CVE-2017-9992 CVE-2017-9993 CVE-2017-9994 CVE-2017-9996 |
[3.5] ffmpeg: Multiple vulnerabilities (CVE-2017-9991, CVE-2017-9992, CVE-2017-9993, CVE-2017-14767, CVE-2017-15186) |
| oval:org.secpod.oval:def:1800725 | 8159 CVE-2017-1000256 |
[3.5] libvirt: TLS certificate verification disabled for clients (CVE-2017-1000256) |
| oval:org.secpod.oval:def:1800726 | 8393 CVE-2017-16879 |
[3.6] ncurses:Stack based buffer overflow (CVE-2017-16879) |
| oval:org.secpod.oval:def:1800727 | 6397 CVE-2016-6321 |
[3.5] tar: extract pathname bypass (CVE-2016-6321) |
| oval:org.secpod.oval:def:1800731 | 7540 CVE-2017-11103 |
[3.5] heimdal: Orpheus& |
| oval:org.secpod.oval:def:1800732 | 7329 CVE-2017-6891 |
[3.5] libtasn1: asn1_find_node() based stackoverflow (CVE-2017-6891) |
| oval:org.secpod.oval:def:1800733 | 7655 CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 |
[3.5] curl: Multiple vulnerabilities (CVE-2017-1000100, CVE-2017-1000101) |
| oval:org.secpod.oval:def:1800734 | 5849 CVE-2016-4324 |
[3.5] libreoffice: Dereference of invalid STL iterator on processing RTF file (CVE-2016-4324) |
| oval:org.secpod.oval:def:1800735 | 7662 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 |
[3.5] postgresql: Multiple vulnerabilities (CVE-2017-7546, CVE-2017-7547, CVE-2017-7548) |
| oval:org.secpod.oval:def:1800736 | 7417 CVE-2017-7507 |
[3.6] gnutls: Crash upon receiving well-formed status_request extension (CVE-2017-7507) |
| oval:org.secpod.oval:def:1800737 | 8586 CVE-2017-18190 |
[3.4] cups: A localhost.localdomain whitelist entry in valid_host() (CVE-2017-18190) |
| oval:org.secpod.oval:def:1800739 | 6509 CVE-2016-8568 CVE-2016-8569 |
[3.4] libgit2: Multiple issues (CVE-2016-8568, CVE-2016-8569) |
| oval:org.secpod.oval:def:1800740 | 6308 CVE-2016-7944 |
[3.4] libXfixes: Integer overflow on illegal server response (CVE-2016-7944) |
| oval:org.secpod.oval:def:1800742 | 7357 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 |
[3.5] zlib: Multiple vulnerabilities (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843) |
| oval:org.secpod.oval:def:1800743 | 7603 CVE-2017-10790 |
[3.5] libtasn1: NULL pointer dereference in the _asn1_check_identifier function (CVE-2017-10790) |
| oval:org.secpod.oval:def:1800744 | 8015 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-15191, CVE-2017-15192, CVE-2017-15193) |
| oval:org.secpod.oval:def:1800745 | 7759 CVE-2017-11423 CVE-2017-6419 |
[3.4] libmspack: Multiple vulnerabilities (CVE-2017-6419, CVE-2017-11423) |
| oval:org.secpod.oval:def:1800746 | 7866 CVE-2017-2862 |
[3.6] gdk-pixbuf: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function (CVE-2017-2862) |
| oval:org.secpod.oval:def:1800748 | 6064 CVE-2016-6313 |
[3.4] libgcrypt: PRNG output is predictable (CVE-2016-6313) |
| oval:org.secpod.oval:def:1800749 | 7349 CVE-2017-9022 CVE-2017-9023 |
[3.4] strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023) |
| oval:org.secpod.oval:def:1800750 | 5800 CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 |
[3.4] python: security vulnerabilities (CVE-2016-0772 , CVE-2016-5636 , CVE-2016-5699) |
| oval:org.secpod.oval:def:1800751 | 7006 CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 |
[3.5] firefox-esr: Multiple vulnerabilities (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5409, CVE….CVE-2017-5469) |
| oval:org.secpod.oval:def:1800752 | 7757 CVE-2017-11423 CVE-2017-6419 |
[3.6] libmspack: Multiple vulnerabilities (CVE-2017-6419, CVE-2017-11423) |
| oval:org.secpod.oval:def:1800753 | 7647 CVE-2017-12562 |
[3.6] libsndfile: Heap-based Buffer Overflow (CVE-2017-12562) |
| oval:org.secpod.oval:def:1800754 | 5178 CVE-2016-0787 |
[3.4] libssh2: Wrong calculation of Diffie Helllman secret length (CVE-2016-0787) |
| oval:org.secpod.oval:def:1800756 | 7196 CVE-2017-8073 |
[3.4] weechat: Buffer overflow in the irc_ctcp_dcc_filename_without_quotes function (CVE-2017-8073) |
| oval:org.secpod.oval:def:1800757 | 7635 CVE-2017-11108 |
[3.5] tcpdump: heap-based buffer over-read and application crash (CVE-2017-11108) |
| oval:org.secpod.oval:def:1800758 | 8190 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544 |
[3.4] busybox: Multiple vulnerabilities (CVE-2017-15873, CVE-2017-16544) |
| oval:org.secpod.oval:def:1800759 | 8229 CVE-2017-16612 |
[3.5] libxcursor: heap overflows when parsing malicious files (CVE-2017-16612) |
| oval:org.secpod.oval:def:1800760 | 6940 CVE-2016-0736 CVE-2016-2161 CVE-2016-8740 CVE-2016-8743 |
[3.4] apache2: Multiple vulnerabilities (CVE-2016-0736, CVE-2016-2161, CVE-2016-8740, CVE-2016-8743) |
| oval:org.secpod.oval:def:1800762 | 6729 CVE-2017-5618 |
[3.6] Screen: root exploit 4.5.0 |
| oval:org.secpod.oval:def:1800763 | 5125 CVE-2015-8629 CVE-2015-8630 CVE-2015-8631 |
[3.4] Krb5: Multiple vulnerabilities (CVE-2015-8629, CVE-2015-8630, CVE-2015-8631) |
| oval:org.secpod.oval:def:1800764 | 6540 CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818 CVE-2016-9932 |
[3.5] xen: Multiple issues (CVE-2016-9932, CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818) |
| oval:org.secpod.oval:def:1800765 | 5823 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 |
[3.5] tiff: Several vulnerabilities (CVE-2015-8665, CVE-2015-8683, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2015-8784) |
| oval:org.secpod.oval:def:1800766 | 7051 CVE-2017-2619 |
[3.5] samba: Symlink race allows access outside share definition (CVE-2017-2619) |
| oval:org.secpod.oval:def:1800767 | 7821 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 |
[3.5] xen: Multiple vulnerabilities (CVE-2017-14316, CVE-2017-14317, CVE-2017-14318, CVE-2017-14319) |
| oval:org.secpod.oval:def:1800768 | 8147 CVE-2017-16231 CVE-2017-16232 |
[3.5] tiff: memory-based DoS in tiff2bw (CVE-2017-16232) |
| oval:org.secpod.oval:def:1800769 | 8154 CVE-2017-12172 CVE-2017-15098 CVE-2017-15099 |
[3.5] postgresql: Multiple vulnerabilities (CVE-2017-12172, CVE-2017-15098, CVE-2017-15099) |
| oval:org.secpod.oval:def:1800770 | 7113 CVE-2016-9603 CVE-2017-7228 |
[3.5] xen: Multiple issues (CVE-2016-9603, CVE-2017-7228) |
| oval:org.secpod.oval:def:1800771 | 5834 CVE-2016-5701 CVE-2016-5702 CVE-2016-5703 CVE-2016-5704 CVE-2016-5705 CVE-2016-5706 CVE-2016-5730 CVE-2016-5731 CVE-2016-5732 CVE-2016-5733 CVE-2016-5734 CVE-2016-5739 |
[3.5] phpmyadmin: Multiple issues (CVE-2016-5701, CVE-2016-5703, CVE-2016-5705, CVE-2016-5706, CVE-2016-5730, CVE-2016-5731, CVE-2016-5733, CVE-2016-5734, CVE-2016-5739) |
| oval:org.secpod.oval:def:1800772 | 7905 CVE-2017-11185 |
[3.4] strongswan: Insufficient Input Validation in gmp Plugin (CVE-2017-11185) |
| oval:org.secpod.oval:def:1800773 | 6778 CVE-2016-10165 |
[3.5] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165) |
| oval:org.secpod.oval:def:1800775 | 8517 CVE-2017-14632 CVE-2017-14633 |
[3.5] libvorbis: Multiple vulnerabilities (CVE-2017-14632, CVE-2017-14633) |
| oval:org.secpod.oval:def:1800777 | 8155 CVE-2017-12172 CVE-2017-15098 CVE-2017-15099 |
[3.4] postgresql: Multiple vulnerabilities (CVE-2017-12172, CVE-2017-15098, CVE-2017-15099) |
| oval:org.secpod.oval:def:1800778 | 8330 CVE-2017-6362 CVE-2017-7890 |
[3.5] gd: Multiple vulnerabilities (CVE-2017-6362, CVE-2017-7890) |
| oval:org.secpod.oval:def:1800779 | 7834 CVE-2017-0378 CVE-2017-0379 |
[3.4] libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379) |
| oval:org.secpod.oval:def:1800780 | 8418 CVE-2017-3145 |
[3.6] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) |
| oval:org.secpod.oval:def:1800781 | 5609 CVE-2016-3074 |
[3.4] gd: signedness vulnerability causing heap overflow (CVE-2016-3074) |
| oval:org.secpod.oval:def:1800782 | 7126 CVE-2016-9318 |
[3.5] libxml2: XML External Entity vulnerability (CVE-2016-9318) |
| oval:org.secpod.oval:def:1800783 | 6224 CVE-2016-2776 |
[3.4] bind: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request (CVE-2016-2776) |
| oval:org.secpod.oval:def:1800784 | 7930 CVE-2017-14727 |
[3.5] weechat: crash in logger plugin when converting date/time specifiers in file mask (CVE-2017-14727) |
| oval:org.secpod.oval:def:1800786 | 8014 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.6] wireshark: Multiple vulnerabilities (CVE-2017-15191, CVE-2017-15192, CVE-2017-15193) |
| oval:org.secpod.oval:def:1800787 | 5965 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 |
[3.5] libidn: Multiple security issues (CVE-2016-6263, CVE-2015-8948, CVE-2016-6262, CVE-2016-6261) |
| oval:org.secpod.oval:def:1800788 | 7206 CVE-2016-10198 CVE-2016-10199 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 |
[3.4] gst-plugins-good1: Multiple vulnerabilities (CVE-2016-10198, CVE-2016-10199, CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808, CVE-2017-5840, CVE-2017-5841, CVE-2017-5845) |
| oval:org.secpod.oval:def:1800789 | 6952 CVE-2017-6188 |
[3.5] munin: Local file write vulnerability with CGI graphs enabled (CVE-2017-6188) |
| oval:org.secpod.oval:def:1800790 | 5926 CVE-2016-6210 |
[3.4] openssh: User enumeration via covert timing channel (CVE-2016-6210) |
| oval:org.secpod.oval:def:1800791 | 7074 CVE-2017-6542 |
[3.5] putty: Integer overflow in the ssh_agent_channel_data (CVE-2017-6542) |
| oval:org.secpod.oval:def:1800792 | 7289 CVE-2017-8903 CVE-2017-8904 CVE-2017-8905 |
[3.5] xen: Multiple issues (CVE-2017-8903, CVE-2017-8904) |
| oval:org.secpod.oval:def:1800793 | 6257 CVE-2016-5180 |
[3.4] c-ares: Single byte out of buffer write (CVE-2016-5180) |
| oval:org.secpod.oval:def:1800794 | 8041 CVE-2017-1000257 |
[3.4] curl: IMAP FETCH response out of bounds read (CVE-2017-1000257) |
| oval:org.secpod.oval:def:1800795 | 8356 CVE-2017-16671 CVE-2017-16672 CVE-2017-17090 CVE-2017-17664 CVE-2017-17850 |
[3.4] asterisk: Multiple vulnerabilities (CVE-2017-16671, CVE-2017-16672, CVE-2017-17090, CVE-2017-17664, CVE-2017-17850) |
| oval:org.secpod.oval:def:1800796 | 8226 CVE-2017-16611 |
[3.4] libxfont: Open files with O_NOFOLLOW (CVE-2017-16611) |
| oval:org.secpod.oval:def:1800797 | 5971 CVE-2015-8934 CVE-2016-4300 CVE-2016-4302 CVE-2016-4809 CVE-2016-5844 CVE-2016-6250 |
[3.4] libarchive: Multiple issues (CVE-2015-8934, CVE-2016-4300, CVE-2016-4302, CVE-2016-4809, CVE-2016-5844, CVE-2016-6250) |
| oval:org.secpod.oval:def:1800798 | 6462 CVE-2016-9013 CVE-2016-9014 |
[3.5] py-django: security issues (CVE-2016-9013, CVE-2016-9014) |
| oval:org.secpod.oval:def:1800799 | 5250 CVE-2016-2563 |
[3.4] putty: old-style scp downloads may allow remote code execution (CVE-2016-2563) |
| oval:org.secpod.oval:def:1800800 | 6176 CVE-2016-2179 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6303 |
[3.5] openssl: Multiple issues (CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE-2016-6303) |
| oval:org.secpod.oval:def:1800801 | 6134 CVE-2016-5420 CVE-2016-7141 |
[3.4] curl: Incorrect reuse of client certificates (CVE-2016-7141) |
| oval:org.secpod.oval:def:1800802 | 7477 CVE-2017-7526 CVE-2017-9526 |
[3.5] Libgcrypt 1.7.8 released to fix CVE-2017-7526 |
| oval:org.secpod.oval:def:1800803 | 6348 CVE-2016-7777 |
[3.5] xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (CVE-2016-7777) |
| oval:org.secpod.oval:def:1800804 | 7963 CVE-2017-1000254 |
[3.5] curl: FTP PWD response parser out of bounds read (CVE-2017-1000254) |
| oval:org.secpod.oval:def:1800805 | 6364 CVE-2016-8605 CVE-2016-8606 |
[3.5] guile: multiple issues (CVE-2016-8605, CVE-2016-8606) |
| oval:org.secpod.oval:def:1800806 | 7418 CVE-2017-7507 |
[3.5] gnutls: Crash upon receiving well-formed status_request extension (CVE-2017-7507) |
| oval:org.secpod.oval:def:1800807 | 6277 CVE-2016-5407 |
[3.5] libxv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407) |
| oval:org.secpod.oval:def:1800808 | 6835 CVE-2017-5930 |
[3.5] postfixadmin: allows to delete protected aliases (CVE-2017-5930) |
| oval:org.secpod.oval:def:1800809 | 6852 CVE-2017-5969 |
[3.6] libxml2: null pointer dereference when parsing a xml file using recover mode (CVE-2017-5969) |
| oval:org.secpod.oval:def:1800810 | 6887 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 |
[3.6] webkit2gtk: Several vulnerabilities (CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373) |
| oval:org.secpod.oval:def:1800811 | 5238 | [3.4] drupal7: Multiple Vulnerabilities (no CVE) |
| oval:org.secpod.oval:def:1800812 | 6830 CVE-2017-3135 |
[3.4] bind: Combination of DNS64 and RPZ Can Lead to Crash (CVE-2017-3135) |
| oval:org.secpod.oval:def:1800813 | 8215 CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 |
[3.4] curl: Multiple vulnerabilities (CVE-2017-8816, CVE-2017-8817) |
| oval:org.secpod.oval:def:1800814 | 5426 CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1654 CVE-2016-1655 CVE-2016-1656 CVE-2016-1657 CVE-2016-1658 CVE-2016-1659 CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1667 CVE-2016-1668 CVE-2016-1669 |
[3.4] chromium: Multiple Security Fixes (CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659) |
| oval:org.secpod.oval:def:1800815 | 6398 CVE-2016-6321 |
[3.4] tar: extract pathname bypass (CVE-2016-6321) |
| oval:org.secpod.oval:def:1800816 | 8083 CVE-2017-16227 |
[3.6] quagga: remote denial of service via BGP UPDATE messages (CVE-2017-16227) |
| oval:org.secpod.oval:def:1800817 | 7810 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 |
[3.6] php7: Multiple vulnerabilities (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229) |
| oval:org.secpod.oval:def:1800819 | 7636 CVE-2017-11108 |
[3.4] tcpdump: heap-based buffer over-read and application crash (CVE-2017-11108) |
| oval:org.secpod.oval:def:1800820 | 7190 CVE-2017-7867 CVE-2017-7868 |
[3.5] icu: multiple issues (CVE-2017-7867, CVE-2017-7868) |
| oval:org.secpod.oval:def:1800821 | 6853 CVE-2017-5969 |
[3.5] libxml2: null pointer dereference when parsing a xml file using recover mode (CVE-2017-5969) |
| oval:org.secpod.oval:def:1800822 | 5738 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2824 CVE-2016-2828 CVE-2016-2831 |
[3.4] firefox-esr: Multiple vulnerabilities (CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2824, CVE-2016-2828, CVE-2016-2831) |
| oval:org.secpod.oval:def:1800824 | 5687 CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1667 CVE-2016-1668 CVE-2016-1669 CVE-2016-1670 CVE-2016-1671 CVE-2016-1672 CVE-2016-1673 CVE-2016-1674 CVE-2016-1675 CVE-2016-1676 CVE-2016-1677 CVE-2016-1678 CVE-2016-1679 CVE-2016-1680 CVE-2016-1681 CVE-2016-1682 CVE-2016-1683 CVE-2016-1684 CVE-2016-1685 CVE-2016-1686 CVE-2016-1687 CVE-2016-1688 CVE-2016-1689 CVE-2016-1690 CVE-2016-1691 CVE-2016-1692 CVE-2016-1693 CVE-2016-1694 CVE-2016-1695 |
[3.4] chromium: Multiple vulnerabilities (CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1694, CVE-2016-1695) |
| oval:org.secpod.oval:def:1800825 | 6307 CVE-2016-7944 |
[3.5] libXfixes: Integer overflow on illegal server response (CVE-2016-7944) |
| oval:org.secpod.oval:def:1800827 | 7864 CVE-2017-14482 |
[3.6] emacs: Unsafe enriched mode translations (CVE-2017-14482) |
| oval:org.secpod.oval:def:1800828 | 7545 CVE-2017-1000083 |
[3.6] evince: command injection via filename in tar-compressed comics archive (CVE-2017-1000083) |
| oval:org.secpod.oval:def:1800830 | 4993 CVE-2015-8369 CVE-2015-8377 |
[3.4] cacti: Security issues (CVE-2015-8369, CVE-2015-8377) |
| oval:org.secpod.oval:def:1800831 | 6623 CVE-2016-10033 CVE-2016-10045 |
[3.5] phpmailer: Remote Code Execution (CVE-2016-10033, CVE-2016-10045) |
| oval:org.secpod.oval:def:1800834 | 7877 CVE-2017-12904 CVE-2017-14500 |
[3.6] newsbeuter: remote code execution (CVE-2017-14500) |
| oval:org.secpod.oval:def:1800835 | 6818 CVE-2016-10169 CVE-2016-1017 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172 |
[3.5] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172) |
| oval:org.secpod.oval:def:1800836 | 6511 CVE-2016-9296 |
[3.4] p7zip: Null pointer dereference in 7zIn.cpp (CVE-2016-9296) |
| oval:org.secpod.oval:def:1800838 | 5913 CVE-2016-6186 |
[3.4] py-django: XSS in admin& |
| oval:org.secpod.oval:def:1800839 | 7602 CVE-2017-10790 |
[3.6] libtasn1: NULL pointer dereference in the _asn1_check_identifier function (CVE-2017-10790) |
| oval:org.secpod.oval:def:1800840 | 5472 CVE-2016-1283 CVE-2016-3191 |
[3.4] pcre: Several vulnerabilities (CVE-2016-1283, CVE-2016-3191) |
| oval:org.secpod.oval:def:1800842 | 7533 CVE-2017-11103 |
[3.6] samba: Orpheus& |
| oval:org.secpod.oval:def:1800843 | 5790 CVE-2016-4425 |
[3.5] jansson: stack exhaustion parsing a JSON file (CVE-2016-4425) |
| oval:org.secpod.oval:def:1800844 | 8283 CVE-2017-15906 |
[3.6] openssh: Improper write operations in readonly mode allow for zero-length file creation (CVE-2017-15906) |
| oval:org.secpod.oval:def:1800845 | 6829 CVE-2017-3135 |
[3.5] bind: Combination of DNS64 and RPZ Can Lead to Crash (CVE-2017-3135) |
| oval:org.secpod.oval:def:1800846 | 6756 CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 |
[3.5] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055) |
| oval:org.secpod.oval:def:1800847 | 6624 CVE-2016-10033 CVE-2016-10045 |
[3.4] phpmailer: Remote Code Execution (CVE-2016-10033, CVE-2016-10045) |
| oval:org.secpod.oval:def:1800848 | 8040 CVE-2017-1000257 |
[3.5] curl: IMAP FETCH response out of bounds read (CVE-2017-1000257) |
| oval:org.secpod.oval:def:1800849 | 6956 CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314 |
[3.4] gdk-pixbuf: Multiple vulnerabilities (CVE-2017-6311, CVE-2017-6312, CVE-2017-6313, CVE-2017-6314) |
| oval:org.secpod.oval:def:1800850 | 8284 CVE-2017-15906 |
[3.5] openssh: Improper write operations in readonly mode allow for zero-length file creation (CVE-2017-15906) |
| oval:org.secpod.oval:def:1800851 | 6102 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-6589 |
[3.4] imagemagick: Multiple issues (CVE-2016-5010, CVE… CVE-2016-5690, CVE-2016-5691, CVE-2016-5841, CVE-2016-5842, CVE-2016-6491) |
| oval:org.secpod.oval:def:1800852 | 7378 CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-9343, CVE-2017-9344, CVE-2017-9345, CVE-2017-9346, CVE-2017-9347, CVE-2017-9348, CVE-2017-9349, CVE-2017-9350, CVE-2017-9351, CVE-2017-9352, CVE-2017-9353, CVE-2017-9354) |
| oval:org.secpod.oval:def:1800854 | 7564 CVE-2017-10684 CVE-2017-10685 |
[3.6] ncurses: buffer overflow in the fmt_entry function(CVE-2017-10684, CVE-2017-10685) |
| oval:org.secpod.oval:def:1800855 | 7654 CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 |
[3.6] curl: Multiple vulnerabilities (CVE-2017-1000100, CVE-2017-1000101) |
| oval:org.secpod.oval:def:1800856 | 5201 CVE-2015-8377 CVE-2015-8604 |
[3.4] cacti: SQL injection in graps_new.php via cg_g parameter (CVE-2015-8604) |
| oval:org.secpod.oval:def:1800857 | 7002 CVE-2017-2640 |
[3.4] pidgin: Out-of-bounds write when stripping xml (CVE-2017-2640) |
| oval:org.secpod.oval:def:1800858 | 5243 CVE-2016-1285 CVE-2016-1286 CVE-2016-2088 |
[3.4] bind: Multiple issues (CVE-2016-1285, CVE-2016-1286, CVE-2016-2088) |
| oval:org.secpod.oval:def:1800859 | 7368 CVE-2017-7650 |
[3.5] mosquitto: Pattern based ACLs can be bypassed (CVE-2017-7650) |
| oval:org.secpod.oval:def:1800861 | 7363 CVE-2017-9287 |
[3.5] openldap: Double free vulnerability in servers/slapd/back-mdb/search.c (CVE-2017-9287) |
| oval:org.secpod.oval:def:1800862 | 7892 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 |
[3.6] samba: Multiple vulnerabilities (CVE-2017-12150, CVE-2017-12151, CVE-2017-12163) |
| oval:org.secpod.oval:def:1800863 | 7267 CVE-2016-10244 CVE-2017-8105 CVE-2017-8287 |
[3.5] freetype: Multiple vulnerabilities (CVE-2016-10244, CVE-2017-8105, CVE-2017-8287) |
| oval:org.secpod.oval:def:1800866 | 5328 CVE-2015-8607 |
[3.4] perl-PathTools: Taint propagation flaw in canonpath() (CVE-2015-8607) |
| oval:org.secpod.oval:def:1800868 | 7268 CVE-2016-10244 CVE-2017-8105 CVE-2017-8287 |
[3.4] freetype: Multiple vulnerabilities (CVE-2016-10244, CVE-2017-8105, CVE-2017-8287) |
| oval:org.secpod.oval:def:1800870 | 7515 CVE-2017-10965 CVE-2017-10966 |
[3.5] irssi: Multiple issues (CVE-2017-10965, CVE-2017-10966) |
| oval:org.secpod.oval:def:1800871 | 5958 CVE-2016-5399 |
[3.5] php5: out-of-bounds write in bzread() (CVE-2016-5399) |
| oval:org.secpod.oval:def:1800872 | 8148 CVE-2017-16231 CVE-2017-16232 |
[3.4] tiff: memory-based DoS in tiff2bw (CVE-2017-16232) |
| oval:org.secpod.oval:def:1800873 | 7574 CVE-2017-1000050 |
[3.5] jasper: NULL pointer exception in the function jp2_encode (CVE-2017-1000050) |
| oval:org.secpod.oval:def:1800874 | 6301 CVE-2016-7945 CVE-2016-7946 |
[3.5] libxi: various flaws (CVE-2016-7945, CVE-2016-7946) |
| oval:org.secpod.oval:def:1800875 | 5540 CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1663 CVE-2016-1664 CVE-2016-1665 CVE-2016-1666 CVE-2016-1667 CVE-2016-1668 CVE-2016-1669 |
[3.4] chromium: Multiple vulnerabilities (CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666) |
| oval:org.secpod.oval:def:1800876 | 7504 CVE-2017-10911 CVE-2017-10912 CVE-2017-10913 CVE-2017-10914 CVE-2017-10915 CVE-2017-10916 CVE-2017-10917 CVE-2017-10918 CVE-2017-10919 CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 CVE-2017-10923 |
[3.5] xen: Multiple vulnerabilities (CVE-2017-10911, CVE-2017-10912, CVE-2017-10913, CVE-2017-10914, CVE-2017-10915, CVE-2017-10916, CVE-2017-10917, CVE-2017-10918, CVE-2017-10919, CVE-2017-10920, CVE-2017-10921, CVE-2017-10922, CVE-2017-10923) |
| oval:org.secpod.oval:def:1800877 | 6779 CVE-2016-10165 |
[3.4] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165) |
| oval:org.secpod.oval:def:1800878 | 6314 CVE-2016-7942 CVE-2016-7943 |
[3.4] libx11: Insufficient validation of server responses in XGetImage() and FontNames (CVE-2016-7942, CVE-2016-7943) |
| oval:org.secpod.oval:def:1800880 | 6584 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 |
[3.4] openssh: multiple issues (CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012) |
| oval:org.secpod.oval:def:1800881 | 7427 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 |
[3.6] graphite2: Multiple vulnerabilities (CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778) |
| oval:org.secpod.oval:def:1800882 | 5414 CVE-2011-5326 CVE-2016-3993 CVE-2016-3994 |
[3.4] imlib2: Security issues (CVE-2011-5326, CVE-2016-3993, CVE-2016-3994) |
| oval:org.secpod.oval:def:1800884 | 6571 CVE-2016-10013 CVE-2016-10024 CVE-2016-10025 |
[3.4] xen: Multiple issues (CVE-2016-10024, CVE-2016-10025, CVE-2016-10013) |
| oval:org.secpod.oval:def:1800885 | 7044 CVE-2016-2120 CVE-2016-7068 CVE-2016-7072 CVE-2016-7073 CVE-2016-7074 |
[3.5] pdns: Multiple vulnerabilities (CVE-2016-2120, CVE-2016-7068, CVE-2016-7072, CVE-2016-7073, CVE-2016-7074) |
| oval:org.secpod.oval:def:1800887 | 8043 CVE-2017-15041 CVE-2017-15042 |
[3.6] go: Multiple vulnerabilities (CVE-2017-15041, CVE-2017-15042) |
| oval:org.secpod.oval:def:1800888 | 6152 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7154 |
[3.4] xen: Multiple issues (CVE-2016-7092, CVE-2016-7093, CVE-2016-7094) |
| oval:org.secpod.oval:def:1800890 | 7347 CVE-2017-9022 CVE-2017-9023 |
[3.6] strongswan: Multiple vulnerabilities (CVE-2017-9022, CVE-2017-9023) |
| oval:org.secpod.oval:def:1800891 | 7118 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 |
[3.6] tiff: Multiple vulnerabilities (CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7597, CVE-2017-7598, CVE-2017-7599, CVE-2017-7600, CVE-2017-7601, CVE-2017-7602) |
| oval:org.secpod.oval:def:1800892 | 6599 CVE-2016-9586 CVE-2016-9594 CVE-2016-9952 CVE-2016-9953 |
[3.4] curl: printf floating point buffer overflow (CVE-2016-9586) |
| oval:org.secpod.oval:def:1800893 | 8208 CVE-2017-11399 CVE-2017-11665 CVE-2017-11719 CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-14767 CVE-2017-15186 CVE-2017-9991 CVE-2017-9992 CVE-2017-9993 CVE-2017-9994 CVE-2017-9996 |
[3.4] ffmpeg: Multiple vulnerabilities (CVE-2017-9991, CVE-2017-9992, CVE-2017-9993, CVE-2017-14767, CVE-2017-15186) |
| oval:org.secpod.oval:def:1800894 | 5232 CVE-2016-1577 CVE-2016-2089 CVE-2016-2116 |
[3.4] jasper: Security issues (CVE-2016-1577, CVE-2016-2089, CVE-2016-2116) |
| oval:org.secpod.oval:def:1800895 | 7127 CVE-2016-9318 |
[3.4] libxml2: XML External Entity vulnerability (CVE-2016-9318) |
| oval:org.secpod.oval:def:1800896 | 7191 CVE-2017-7867 CVE-2017-7868 |
[3.4] icu: multiple issues (CVE-2017-7867, CVE-2017-7868) |
| oval:org.secpod.oval:def:1800897 | 7912 CVE-2017-13765 CVE-2017-13766 CVE-2017-13767 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 |
[3.5] wireshark: Multiple vulnerabilities (CVE-2017-13765, CVE-2017-13766, CVE-2017-13767) |
| oval:org.secpod.oval:def:1800898 | 7597 CVE-2017-11126 CVE-2017-9545 CVE-2017-9870 |
[3.4] mpg123: global buffer overflow in III_i_stereo (layer3.c) (CVE-2017-11126) |
| oval:org.secpod.oval:def:1800899 | 6812 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 |
[3.5] tcpdump: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800900 | 6863 CVE-2017-5953 |
[3.5] vim: Tree length values not validated properly when handling a spell file (CVE-2017-5953) |
| oval:org.secpod.oval:def:1800901 | 8420 CVE-2017-3145 |
[3.4] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) |
| oval:org.secpod.oval:def:1800903 | 5995 | [3.4] dropbear: 2016.74 security update |
| oval:org.secpod.oval:def:1800904 | 8463 CVE-2017-18013 |
[3.5] Tiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() (CVE-2017-18013) |
| oval:org.secpod.oval:def:1800905 | 7894 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 |
[3.4] samba: Multiple vulnerabilities (CVE-2017-12150, CVE-2017-12151, CVE-2017-12163) |
| oval:org.secpod.oval:def:1800906 | 7016 CVE-2017-3302 CVE-2017-3313 |
[3.4] mariadb: Multiple vulnerabilities (CVE-2017-3313, CVE-2017-3302) |
| oval:org.secpod.oval:def:1800907 | 8355 CVE-2017-16671 CVE-2017-16672 CVE-2017-17090 CVE-2017-17664 CVE-2017-17850 |
[3.5] asterisk: Multiple vulnerabilities (CVE-2017-16671, CVE-2017-16672, CVE-2017-17090, CVE-2017-17664, CVE-2017-17850) |
| oval:org.secpod.oval:def:1800909 | 6955 CVE-2017-6311 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314 |
[3.5] gdk-pixbuf: Multiple vulnerabilities (CVE-2017-6311, CVE-2017-6312, CVE-2017-6313, CVE-2017-6314) |
| oval:org.secpod.oval:def:1800910 | 7813 CVE-2017-9224 CVE-2017-9225 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229 |
[3.5] oniguruma: Multiple vulnerabilities (CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228) |
| oval:org.secpod.oval:def:1800911 | 7227 CVE-2016-9811 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 |
[3.5] gst-plugins-base1: Multiple vulnerabilities (CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844) |
| oval:org.secpod.oval:def:1800912 | 8397 CVE-2017-16931 |
[3.6] libxml2: Mishandling parameter-entity references (CVE-2017-16931) |
| oval:org.secpod.oval:def:1800913 | 6798 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 |
[3.6] libevent: Multiple issues (CVE-2016-10195, CVE-2016-10196, CVE-2016-10197) |
| oval:org.secpod.oval:def:1800914 | 8213 CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 |
[3.6] curl: Multiple vulnerabilities (CVE-2017-8816, CVE-2017-8817, CVE-2017-8818) |
| oval:org.secpod.oval:def:1800915 | 8516 CVE-2017-14632 CVE-2017-14633 |
[3.6] libvorbis: Multiple vulnerabilities (CVE-2017-14632, CVE-2017-14633) |
| oval:org.secpod.oval:def:1800916 | 6501 CVE-2016-1248 |
[3.4] vim: Lack of validation of values for few options results in code exection (CVE-2016-1248) |
| oval:org.secpod.oval:def:1800917 | 7805 CVE-2017-14166 |
[3.5] libarchive: heap-based buffer overflow in xml_data (CVE-2017-14166) |
| oval:org.secpod.oval:def:1800918 | 7293 CVE-2016-10327 CVE-2017-7870 |
[3.5] libreoffice: Heap-buffer-overflow in WMF polygon processing and EMF filter (CVE-2017-7870, CVE-2016-10327) |
| oval:org.secpod.oval:def:1800919 | 6195 CVE-2016-6606 CVE-2016-6607 CVE-2016-6608 CVE-2016-6609 CVE-2016-6610 CVE-2016-6611 CVE-2016-6612 CVE-2016-6613 CVE-2016-6614 CVE-2016-6615 CVE-2016-6616 CVE-2016-6617 CVE-2016-6618 CVE-2016-6619 CVE-2016-6620 CVE-2016-6622 CVE-2016-6623 CVE-2016-6624 CVE-2016-6625 CVE-2016-6626 CVE-2016-6627 CVE-2016-6628 CVE-2016-6629 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632 CVE-2016-6633 |
[3.5] phpmyadmin: Multiple vulnerabilities (Various CVEs) |
| oval:org.secpod.oval:def:1800920 | 7478 CVE-2017-7526 CVE-2017-9526 |
[3.4] Libgcrypt 1.7.8 released to fix CVE-2017-7526 |
| oval:org.secpod.oval:def:1800921 | 8222 CVE-2017-17044 CVE-2017-17045 |
[3.4] xen: Multiple vulnerabilities (CVE-2017-17044, CVE-2017-17045) |
| oval:org.secpod.oval:def:1800922 | 6677 CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 |
[3.4] bind: Multiple security issues (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444) |