SCAP Feed Release : 28-Sep-2018

  • Post author:
  • Reading time:38 mins read

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:115129 CVE-2017-1000405
CVE-2017-12193
CVE-2017-15115
CVE-2017-16532
CVE-2017-16538
CVE-2017-16644
CVE-2017-16647
CVE-2017-16649
CVE-2017-16650
CVE-2017-17448
CVE-2017-17449
CVE-2017-17450
CVE-2017-17558
CVE-2017-17712
CVE-2017-17741
CVE-2017-17852
CVE-2017-17853
CVE-2017-17854
CVE-2017-17855
CVE-2017-17856
CVE-2017-17857
CVE-2017-17862
CVE-2017-17863
CVE-2017-17864
CVE-2017-18232
CVE-2017-8824
CVE-2018-1000004
CVE-2018-1000026
CVE-2018-10021
CVE-2018-10322
CVE-2018-10323
CVE-2018-1065
CVE-2018-10840
CVE-2018-10853
CVE-2018-1108
CVE-2018-1120
CVE-2018-11506
CVE-2018-12232
CVE-2018-12633
CVE-2018-12714
CVE-2018-12896
CVE-2018-13053
CVE-2018-13093
CVE-2018-13094
CVE-2018-13095
CVE-2018-13405
CVE-2018-14678
CVE-2018-14734
CVE-2018-15471
CVE-2018-17182
CVE-2018-3620
CVE-2018-3639
CVE-2018-3646
CVE-2018-5332
CVE-2018-5333
CVE-2018-5344
CVE-2018-5391
CVE-2018-5750
CVE-2018-5803
CVE-2018-7757
CVE-2018-7995
CVE-2018-8043
FEDORA-2018-d77cc41f35
FEDORA-2018-d77cc41f35 — Fedora 27 kernel-4.18.9-100.fc27
oval:org.secpod.oval:def:115130 CVE-2016-1549
CVE-2018-12327
CVE-2018-7170
CVE-2018-7182
CVE-2018-7183
CVE-2018-7184
CVE-2018-7185
FEDORA-2018-7051d682fa
FEDORA-2018-7051d682fa — Fedora 27 ntp-4.2.8p12-1.fc27
oval:org.secpod.oval:def:1502317 CVE-2018-14634
CVE-2018-3620
CVE-2018-3693
CVE-2018-5390
ELSA-2018-2748
ELSA-2018-2748 — Oracle kernel_python-perf_perf
oval:org.secpod.oval:def:1502318 CVE-2018-6560
ELSA-2018-2766
ELSA-2018-2766 — Oracle flatpak
oval:org.secpod.oval:def:1502319 CVE-2018-10850
CVE-2018-10935
CVE-2018-14624
CVE-2018-14638
ELSA-2018-2757
ELSA-2018-2757 — Oracle 389-ds-base
oval:org.secpod.oval:def:1502320 CVE-2017-13695
CVE-2018-16658
CVE-2018-5873
ELSA-2018-4227
ELSA-2018-4227 — Oracle kernel-uek
oval:org.secpod.oval:def:1502321 CVE-2017-13695
CVE-2018-16658
CVE-2018-5873
ELSA-2018-4227
ELSA-2018-4227 — Oracle kernel-uek
oval:org.secpod.oval:def:1502322 CVE-2018-12384
ELSA-2018-2768
ELSA-2018-2768 — Oracle nss
oval:org.secpod.oval:def:1502323 CVE-2018-0739
ELSA-2018-4228
ELSA-2018-4228 — Oracle openssl
oval:org.secpod.oval:def:1700079 ALAS-2018-1080
CVE-2018-10915
ALAS2-2018-1080 — postgresql
oval:org.secpod.oval:def:1700080 ALAS-2018-1075
CVE-2018-15473
ALAS2-2018-1075 — openssh pam_ssh_agent_auth
oval:org.secpod.oval:def:1700081 ALAS-2018-1082
CVE-2018-5740
ALAS2-2018-1082 — bind
oval:org.secpod.oval:def:1801158 9383
CVE-2018-10194
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
[3.8] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911)
oval:org.secpod.oval:def:1801159 9396
CVE-2018-14618
[3.6] curl: NTLM password overflow via integer overflow (CVE-2018-14618)
oval:org.secpod.oval:def:1801160 9320
CVE-2018-15473
[3.6] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)
oval:org.secpod.oval:def:1801161 9394
CVE-2018-14618
[3.8] curl: NTLM password overflow via integer overflow (CVE-2018-14618)
oval:org.secpod.oval:def:1801162 9385
CVE-2018-10194
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
[3.6] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911)
oval:org.secpod.oval:def:1801163 9182
CVE-2018-14767
[3.8] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767)
oval:org.secpod.oval:def:1801165 9319
CVE-2018-15473
[3.7] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)
oval:org.secpod.oval:def:1801166 9379
CVE-2017-15107
[3.6] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107)
oval:org.secpod.oval:def:1801168 9386
CVE-2018-10194
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
[3.5] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911)
oval:org.secpod.oval:def:1801169 9321
CVE-2018-15473
[3.5] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)
oval:org.secpod.oval:def:1801170 9184
CVE-2018-14767
[3.6] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767)
oval:org.secpod.oval:def:1801171 9380
CVE-2017-15107
[3.5] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107)
oval:org.secpod.oval:def:1801172 9378
CVE-2017-15107
[3.7] dnsmasq: Improper validation of wildcard synthesized NSEC records (CVE-2017-15107)
oval:org.secpod.oval:def:1801173 9384
CVE-2018-10194
CVE-2018-15908
CVE-2018-15909
CVE-2018-15910
CVE-2018-15911
[3.7] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911)
oval:org.secpod.oval:def:1801174 9395
CVE-2018-14618
[3.7] curl: NTLM password overflow via integer overflow (CVE-2018-14618)
oval:org.secpod.oval:def:1801175 9397
CVE-2018-14618
[3.5] curl: NTLM password overflow via integer overflow (CVE-2018-14618)
oval:org.secpod.oval:def:1801176 9318
CVE-2018-15473
[3.8] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)
oval:org.secpod.oval:def:47604 CVE-2018-10811
CVE-2018-16151
CVE-2018-16152
CVE-2018-5388
USN-3771-1
USN-3771-1 — strongswan vulnerabilities
oval:org.secpod.oval:def:47608 CVE-2013-1172 Input validation vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-1172
oval:org.secpod.oval:def:47610 CVE-2013-1173 Input validation vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-1173
oval:org.secpod.oval:def:47611 CVE-2013-5559 Buffer overflow vulnerability in Cisco AnyConnect secure mobility client – CVE-2013-5559
oval:org.secpod.oval:def:47612 CVE-2014-8021 Cross-site scripting (XSS) vulnerability in Cisco AnyConnect secure mobility client – CVE-2014-8021
oval:org.secpod.oval:def:47613 CVE-2015-0662 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0662
oval:org.secpod.oval:def:47614 CVE-2015-0663 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0663
oval:org.secpod.oval:def:47615 CVE-2015-0664 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0664
oval:org.secpod.oval:def:47616 CVE-2015-0665 Path traversal vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-0665
oval:org.secpod.oval:def:47617 CVE-2015-6305 Untrusted search path vulnerability in Cisco AnyConnect secure mobility client – CVE-2015-6305
oval:org.secpod.oval:def:47618 CVE-2016-6369 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2016-6369
oval:org.secpod.oval:def:47619 CVE-2016-9192 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2016-9192
oval:org.secpod.oval:def:47620 CVE-2017-6638 Privilege escalation vulnerability in Cisco AnyConnect secure mobility client – CVE-2017-6638
oval:org.secpod.oval:def:47621 CVE-2018-0229 Session Fixation vulnerability in Cisco AnyConnect secure mobility client – CVE-2018-0229
oval:org.secpod.oval:def:47625 APPLE-SA-2018-9-24-2
CVE-2018-4191
CVE-2018-4197
CVE-2018-4299
CVE-2018-4306
CVE-2018-4309
CVE-2018-4311
CVE-2018-4312
CVE-2018-4314
CVE-2018-4315
CVE-2018-4316
CVE-2018-4317
CVE-2018-4318
CVE-2018-4319
CVE-2018-4323
CVE-2018-4328
CVE-2018-4345
CVE-2018-4358
CVE-2018-4359
CVE-2018-4361
Multiple vulnerabilities in Apple iTunes – APPLE-SA-2018-9-24-2
oval:org.secpod.oval:def:47626 CVE-2018-4191 Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4191
oval:org.secpod.oval:def:47627 CVE-2018-4311 Cross-site scripting vulnerability in Apple iTunes – CVE-2018-4311
oval:org.secpod.oval:def:47628 CVE-2018-4316 Arbitrary code execution vulnerability in Apple iTunes – CVE-2018-4316
oval:org.secpod.oval:def:47629 CVE-2018-4319 Cross-site scripting vulnerability in Apple iTunes – CVE-2018-4319
oval:org.secpod.oval:def:47630 CVE-2018-4309 Cross-site scripting vulnerability in Apple iTunes due to improper validation – CVE-2018-4309
oval:org.secpod.oval:def:47631 CVE-2018-4345 Cross-site scripting vulnerability in Apple iTunes due to improper validation – CVE-2018-4345
oval:org.secpod.oval:def:47632 CVE-2018-4361 Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4361
oval:org.secpod.oval:def:47633 CVE-2018-4299 Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4299
oval:org.secpod.oval:def:47634 CVE-2018-4323 Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4323
oval:org.secpod.oval:def:47635 CVE-2018-4328 Memory corruption vulnerability in Apple iTunes due to improper validation – CVE-2018-4328
oval:org.secpod.oval:def:47636 CVE-2018-4358 Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4358
oval:org.secpod.oval:def:47637 CVE-2018-4359 Memory corruption vulnerability in Apple iTunes due to improper memory handling – CVE-2018-4359
oval:org.secpod.oval:def:47638 CVE-2018-4197 Use after free vulnerability in Apple iTunes – CVE-2018-4197
oval:org.secpod.oval:def:47639 CVE-2018-4306 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4306
oval:org.secpod.oval:def:47640 CVE-2018-4312 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4312
oval:org.secpod.oval:def:47641 CVE-2018-4314 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4314
oval:org.secpod.oval:def:47642 CVE-2018-4315 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4315
oval:org.secpod.oval:def:47643 CVE-2018-4317 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4317
oval:org.secpod.oval:def:47644 CVE-2018-4318 Use after free vulnerability in Apple iTunes due to improper validation – CVE-2018-4318
Share this article