The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24192 CVE-2015-1235, Cross-origin bypass vulnerability in HTML parser in Google Chrome (rpm) oval:org.secpod.oval:def:24201 CVE-2015-1240, Out-of-bounds read vulnerability in WebGL in Google Chrome (dpkg) oval:org.secpod.oval:def:24202 CVE-2015-1241, Tap-jacking vulnerability in Google […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24177 CVE-2015-0491, Unspecified vulnerability in Oracle Java SE via unknown vectors related to 2D – CVE-2015-0491 oval:org.secpod.oval:def:24186 CVE-2015-0470, Unspecified vulnerability in Oracle Java SE via unknown vectors related to […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24133 CVE-2015-3038, Arbitrary code execution vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-3038 oval:org.secpod.oval:def:24146 CVE-2015-0355, Arbitrary code execution vulnerability in Adobe Flash Player via unspecified vectors – […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:702512 USN-2569-2, USN-2569-2 — apport vulnerability oval:org.secpod.oval:def:602050 CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573, DSA-3229-1, DSA-3229-1 mysql-5.5 — mysql-server-5.5 oval:org.secpod.oval:def:602051 CVE-2015-3310, DSA-3228-1, DSA-3228-1 ppp — ppp oval:org.secpod.oval:def:702509 CVE-2015-1798, […]

Read More →

  This April another big update from Microsoft, which includes 11 security bulletins addressing a total of 26 vulnerabilities. The high priority fix is for Microsoft Office addressing 5 vulnerabilities, Windows HTTP protocol stack (HTTP.sys) and Internet Explorer addressing 10 vulnerabilities. This month four bulletins are rated as Critical, addressing 17 vulnerabilities and seven are […]

Read More →

SecPod Research Team member (Shakeel Bhat) has found Multiple Stored Cross-Site Scripting Vulnerabilities in Dotclear CMS. The vulnerability is caused by improper validation of various parameter in various pages. This may allow an attacker to steal cookie-based authentication¬†credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory in CVRF […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24112 CVE-2015-1640, Cross-site scripting vulnerability in Microsoft Sharepoint – CVE-2015-1640 oval:org.secpod.oval:def:24113 CVE-2015-1653, Cross-site scripting vulnerability in Microsoft Sharepoint – CVE-2015-1653 oval:org.secpod.oval:def:24114 CVE-2015-1640, CVE-2015-1653, MS15-036, Cross-site scripting vulnerability in Microsoft […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24061 CVE-2015-0251, svn:author property spoofing vulnerability in Apache Subversion via a crafted v1 HTTP protocol request sequences oval:org.secpod.oval:def:24062 CVE-2015-0202, Denial of service vulnerability in Apache Subversion via a large […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:24051 CVE-2015-0799, Security bypass vulnerability in Mozilla products via an Alt-Svc header oval:org.secpod.oval:def:24053 cpe:/a:elastic:elasticsearch, Elasticsearch is installed (dpkg) oval:org.secpod.oval:def:24054 cpe:/a:elastic:elasticsearch:1.4, Elasticsearch 1.4.x is installed (dpkg) oval:org.secpod.oval:def:24055 CVE-2015-1427, Security bypass […]

Read More →