The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:109222 CVE-2013-2212, CVE-2013-4553, CVE-2013-4554, CVE-2013-6375, CVE-2013-6400, CVE-2013-6885, CVE-2014-0150, CVE-2014-1642, CVE-2014-1666, CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894, CVE-2014-1895, CVE-2014-1896, CVE-2014-1950, CVE-2014-2599, CVE-2014-3124, CVE-2014-3967, CVE-2014-3968, CVE-2014-4021, CVE-2014-5146, CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188, CVE-2014-8594, CVE-2014-8595, […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:25201 CVE-2015-1268, Cross-origin bypass vulnerability in blink in Google Chrome – CVE-2015-1268 oval:org.secpod.oval:def:25200 CVE-2015-1266, Scheme validation error vulnerability in WebUI in Google Chrome oval:org.secpod.oval:def:25202 CVE-2015-1267, Cross-origin bypass vulnerability in […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:25193 APSB15-14, CVE-2015-3113, Heap-based buffer overflow vulnerability in Adobe Flash Player – APSB15-14 oval:org.secpod.oval:def:25189 cpe:/a:adobe:flash_player_activex:18::x86, Adobe Flash Player 18 ActiveX (32-bit) is installed oval:org.secpod.oval:def:25190 cpe:/a:adobe:flash_player_activex:18::x64, Adobe Flash Player 18 […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:25125 CVE-2014-7810, Security bypass vulnerability in the Expression Language (EL) implementation in Apache Tomcat oval:org.secpod.oval:def:25126 CVE-2014-0230, Denial of service vulnerability in Apache Tomcat via a series of aborted upload […]

Read More →

A critical vulnerability is discovered in Rivest Cipher 4 software stream cipher. In cryptography, RC4 is one of the most used software-based stream ciphers in the world. The cipher is included in popular Internet protocols such as Transport Layer Security (TLS). It is a very simple cipher when compared to competing algorithms of the same […]

Read More →

SecPod Research Team member (Deependra Bapna) has found Multiple Stored Cross-site Scripting Vulnerabilities in ClipBucket. The vulnerabilities are due to improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory in CVRF […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:702603 CVE-2015-1328, USN-2642-1, USN-2642-1 — linux-image oval:org.secpod.oval:def:702604 CVE-2015-1328, USN-2646-1, USN-2646-1 — linux-image oval:org.secpod.oval:def:702605 CVE-2015-1328, USN-2647-1, USN-2647-1 — linux-image oval:org.secpod.oval:def:702606 CVE-2015-1328, USN-2644-1, USN-2644-1 — linux-image oval:org.secpod.oval:def:702607 CVE-2015-1328, USN-2641-1, USN-2641-1 — […]

Read More →

SecPod Research Team member (Thanga Prakash) has found Multiple Cross-site Scripting Vulnerabilities and SQL injection vulnerability in WordPress HTML5 MP3 Player with Playlist plugin. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, inject or manipulate SQL queries in the back-end […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:25117 CVE-2015-1791, Double free and application crash vulnerability in OpenSSL due to a race condition oval:org.secpod.oval:def:25116 CVE-2015-1792, Denial of service vulnerability in OpenSSL via vectors that trigger a NULL […]

Read More →

SecPod Research Team member (Thanga Prakash) has found Multiple Reflected Cross-site Scripting Vulnerabilities in ManageEngine Firewall Analyzer. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory […]

Read More →