Vulnerability CVE-2015-0235 - CERT Civis.Net

Vulnerability Name:

CVE-2015-0235 (CCN-100386)

Assigned:

2014-11-18

Published:

2015-01-27

Updated:

2022-07-05

Summary:

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

CVSS v3 Severity:

9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
8.3 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
6.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-787
CWE-122

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: Third Party Advisory
http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/

Source: MITRE
Type: CNA
CVE-2015-0235

Source: CCN
Type: Juniper Networks Security Bulletin JSA10671
2015-01 Out of Cycle Security Bulletin: GHOST glibc gethostbyname() buffer overflow vulnerability (CVE-2015-0235)

Source: CONFIRM
Type: Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0090.html

Source: CONFIRM
Type: Third Party Advisory
http://linux.oracle.com/errata/ELSA-2015-0092.html

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2015-06-30-2

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2015-10-21-4

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2015-09-30-3

Source: HP
Type: Issue Tracking, Mailing List, Third Party Advisory
HPSBGN03247

Source: HP
Type: Issue Tracking, Mailing List, Third Party Advisory
HPSBHF03289

Source: HP
Type: Issue Tracking, Mailing List, Third Party Advisory
HPSBGN03285

Source: HP
Type: Issue Tracking, Mailing List, Third Party Advisory
HPSBGN03270

Source: HP
Type: Issue Tracking, Mailing List, Third Party Advisory
HPSBMU03330

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html

Source: MISC
Type: Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html

Source: CCN
Type: RHSA-2015-0090
Critical: glibc security update

Source: CCN
Type: RHSA-2015-0092
Critical: glibc security update

Source: CCN
Type: RHSA-2015-0099
Critical: glibc security update

Source: CCN
Type: RHSA-2015-0101
Critical: glibc security update

Source: CCN
Type: RHSA-2015-0126
Critical: rhev-hypervisor6 security update

Source: REDHAT
Type: Third Party Advisory
RHSA-2015:0126

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices

Source: FULLDISC
Type: Exploit, Mailing List, Third Party Advisory
20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)

Source: BUGTRAQ
Type: Exploit, Mailing List, Third Party Advisory
20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

Source: SECUNIA
Type: Not Applicable
62517

Source: SECUNIA
Type: Not Applicable
62640

Source: SECUNIA
Type: Not Applicable
62667

Source: SECUNIA
Type: Not Applicable
62680

Source: SECUNIA
Type: Not Applicable
62681

Source: SECUNIA
Type: Not Applicable
62688

Source: SECUNIA
Type: Not Applicable
62690

Source: SECUNIA
Type: Not Applicable
62691

Source: SECUNIA
Type: Not Applicable
62692

Source: SECUNIA
Type: Not Applicable
62698

Source: SECUNIA
Type: Not Applicable
62715

Source: SECUNIA
Type: Not Applicable
62758

Source: SECUNIA
Type: Not Applicable
62812

Source: SECUNIA
Type: Not Applicable
62813

Source: SECUNIA
Type: Not Applicable
62816

Source: SECUNIA
Type: Not Applicable
62865

Source: SECUNIA
Type: Not Applicable
62870

Source: SECUNIA
Type: Not Applicable
62871

Source: SECUNIA
Type: Not Applicable
62879

Source: SECUNIA
Type: Not Applicable
62883

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT204942

Source: CCN
Type: cisco-sa-20150128-ghost
GNU glibc gethostbyname Function Buffer Overflow Vulnerability

Source: CISCO
Type: Third Party Advisory
20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability

Source: CCN
Type: IBM Security Bulletin N1020559
GNU C Library (glibc) Vulnerability Affects Power Hardware Management Console (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005063
GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen2 (CVE-2015-0235)

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695695

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695774

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695835

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21695860

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696131

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696243

Source: CCN
Type: IBM Security Bulletin 1696362
GNU C library (glibc) vulnerability affects Tivoli Storage Productivity Center (CVE-2015-0235)

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696526

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696600

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696602

Source: CONFIRM
Type: Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21696618

Source: DEBIAN
Type: Third Party Advisory
DSA-3142

Source: CCN
Type: GNU Web site
The GNU C Library

Source: CCN
Type: IBM Security Bulletin T1022015
GNU C library (glibc) vulnerability affects PowerKVM (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin T1022024
GNU C library (glibc) vulnerability affects IBM SmartCloud Entry (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin T1022050
GNU C library (glibc) vulnerability affects IBM SDN-VE Unified Controller and IBM SDN-VE Service Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005051
GNU C library (glibc) vulnerability affects IBM System Storage Storwize V7000 Unified (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005054
Vulnerabilities affect TSSC: GNU C library (glibc) (CVE-2015-0235, "GHOST") Firefox (CVE-2014-1587 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594) and NTP (CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296)

Source: CCN
Type: IBM Security Bulletin S1005056
GNU C library (glibc) vulnerability affects DS8000 (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005062
GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen3 (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005064
GNU C library (glibc) vulnerability affects IBM Hyper-Scale Manager Virtual Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005065
GNU C library (glibc) vulnerability affects ProtecTIER (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005068
GNU C library (glibc) vulnerability affects Real-time Compression Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005122
GNU C library (glibc) vulnerability affects IBM/Cisco Switches and Directors (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin S1005172
GNU C library (glibc) vulnerability affects IBM System Storage SONAS (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695637
Security Bulletin: GNU C library (glibc) vulnerability is fixed in IBM Security Identity Manager Virtual Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695695
GNU C library (glibc) vulnerability affects IBM Security Access Manager for Mobile (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695774
GNU C library (glibc) vulnerability affects IBM Security Access Manager for Web (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695835
Security Bulletin: GNU C library (glibc) vulnerability is fixed in IBM Security Access Manager for Enterprise Single Sign-On Virtual Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695859
GNU C library (glibc) vulnerability affects IBM Security Network Intrusion Prevention System (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695860
GNU C library (glibc) vulnerability affects QRadar SIEM, QRadar Risk Manager, and QRadar Vulnerability Manager (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695947
GNU C library (glibc) vulnerability affects SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1695967
GNU C library (glibc) vulnerability affects IBM QRadar Incident Forensics (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696066
Security Bulletin: GNU C library (glibc) vulnerability is fixed in IBM Security Identity Governance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696131
GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696204
GNU C library (glibc) vulnerability affects IBM MessageSight (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696234
GNU C library (glibc) vulnerability affects IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, 2050, 5600, and 5710 (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696243
GNU C library (glibc) vulnerability affects WebSphere Transformation Extender with Launcher Hypervisor Edition [for RHEL] (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696303
GNU C library (glibc) vulnerability affects IBM Security Proventia Network Multi-Function Security System (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696416
GNU C library (glibc) vulnerability affects InfoSphere GuardiumBM InfoSphere Guardium (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696461
GNU C library (glibc) vulnerability affects IBM Smart Analytics System 7600, 7700 and 7710 (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696466
GNU C library (glibc) vulnerability affects IBM API Management (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696526
GNU C library (glibc) vulnerability affects IBM Security Virtual Server Protection for VMware (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696600
GNU C library (glibc) vulnerability affects IBM Workload Deployer (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696602
GNU C library (glibc) vulnerability affects IBM PureApplication System (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696618
GNU C library (glibc) vulnerability affects IBM Security Proventia Network Enterprise Scanner (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696630
GNU C library (glibc) vulnerability affects IBM Netezza Host Management (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1696640
GNU C library (glibc) vulnerability affects IBM DataPower Gateway appliances (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1697192
GNU C library (glibc) vulnerability affects IBM PureData System for Operational Analytics (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1697250
GNU C library (glibc) vulnerability affects WebSphere DataPower XC10 Appliance (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1697268
GNU C library (glibc) vulnerability affects IBM WebSphere Cast Iron Solution (CVE-2015-0235)

Source: CCN
Type: IBM Security Bulletin 1698044
GNU C library (glibc) vulnerability is fixed in IBM Security Privileged Identity Manager (CVE-2015-0235)

Source: CONFIRM
Type: Broken Link
http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf

Source: CCN
Type: US-CERT VU#967332
GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow

Source: MANDRIVA
Type: Third Party Advisory
MDVSA-2015:039

Source: CCN
Type: oss-security Mailing List, Tue, 27 Jan 2015 08:29:36 -0800
Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

Source: MLIST
Type: Exploit, Mailing List
[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim

Source: CCN
Type: Oracle CPUJul2016
Oracle Critical Patch Update Advisory - July 2016

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Source: CCN
Type: Oracle CPUJul2017
Oracle Critical Patch Update Advisory - July 2017

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Source: CCN
Type: Oracle CPUOct2016
Oracle Critical Patch Update Advisory - October 2016

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: CCN
Type: Oracle CPUOct2017
Oracle Critical Patch Update Advisory - October 2017

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: CCN
Type: Oracle CPUOct2018
Oracle Critical Patch Update Advisory - October 2018

Source: CONFIRM
Type: Patch, Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Source: CCN
Type: Oracle Critical Patch Update - April 2015
Oracle Critical Patch Update - April 2015

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - January 2016
Oracle Critical Patch Update Advisory - January 2016

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Source: CCN
Type: Oracle Critical Patch Update - July 2015
Oracle Critical Patch Update - July 2015

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - October 2015
Oracle Critical Patch Update Advisory - October 2015

Source: CONFIRM
Type: Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Source: BUGTRAQ
Type: Exploit, Third Party Advisory, VDB Entry
20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235

Source: BID
Type: Third Party Advisory, VDB Entry
72325

Source: CCN
Type: BID-72325
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
91787

Source: CCN
Type: BID-91787
Oracle July 2016 Critical Patch Update Multiple Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1032909

Source: CONFIRM
Type: Broken Link, Permissions Required
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

Source: CONFIRM
Type: Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa90

Source: CCN
Type: Red Hat Bugzilla - Bug 1183461
CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow

Source: CONFIRM
Type: Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf

Source: MISC
Type: Third Party Advisory
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

Source: XF
Type: UNKNOWN
glibc-cve20150235-bo(100386)

Source: CONFIRM
Type: Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668

Source: CONFIRM
Type: Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

Source: CONFIRM
Type: Third Party Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671

Source: CONFIRM
Type: Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10100

Source: CCN
Type: Packet Storm Security [01-27-2015]
Qualys Security Advisory - glibc gethostbyname Buffer Overflow

Source: CCN
Type: Packet Storm Security [01-29-2015]
Exim ESMTP GHOST Denial Of Service

Source: CCN
Type: Packet Storm Security [03-24-2015]
Exim GHOST (glibc gethostbyname) Buffer Overflow

Source: CCN
Type: Packet Storm Security [09-01-2021]
Moxa Command Injection / Cross Site Scripting / Vulnerable Software

Source: CCN
Type: Packet Storm Security [06-20-2022]
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor

Source: BUGTRAQ
Type: Exploit, Mailing List, Third Party Advisory
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Source: GENTOO
Type: Third Party Advisory
GLSA-201503-04

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20150127-0001/

Source: CCN
Type: glibc GIT Repository
Fix parsing of numeric hosts in gethostbyname_r

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/HT205267

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/HT205375

Source: CCN
Type: IBM Security Bulletin 5098317
GNU C library (glibc) vulnerability affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware (CVE-2015-0235)

Source: MISC
Type: Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [01-29-2015]

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [03-18-2015]

Source: CONFIRM
Type: Third Party Advisory
https://www.f-secure.com/en/web/labs_global/fsc-2015-1

Source: MISC
Type: Third Party Advisory
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

Source: CONFIRM
Type: Third Party Advisory
https://www.sophos.com/en-us/support/knowledgebase/121879.aspx

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-0235

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:glibc:*:*:*:*:*:*:*:* (Version >= 2.0 and < 2.18)

Configuration 2:

cpe:/a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:*

OR cpe:/o:oracle:linux:7:0:*:*:*:*:*:*

OR cpe:/a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:*

OR cpe:/o:oracle:linux:5:-:*:*:*:*:*:*

OR cpe:/a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:* (Version < 3.7.1)

OR cpe:/a:oracle:communications_lsms:13.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:* (Version < 7.2.0)

OR cpe:/a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:*

OR cpe:/a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:* (Version >= 10.0.0 and <= 10.0.1)

OR cpe:/a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* (Version < 5.1.24)

Configuration 3:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:redhat:virtualization:6.0:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version < 10.11.1)

Configuration 6:

cpe:/a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.2:*:enterprise_single_sign-on:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.0.0.0:*:*:*:*:*:*:*

Configuration 7:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.5.0 and < 5.5.22)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.6.0 and < 5.6.6)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.4.0 and < 5.4.38)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 11:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 12:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 13:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:glibc:2.2:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5::client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_virtual_server_protection:1.1.0.1:*:*:*:*:vmware:*:*

OR cpe:/a:juniper:junos_space:*:-:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.2:*:enterprise_single_sign-on:*:*:*:*:*

OR cpe:/a:ibm:messagesight:1.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0:*:web:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0:*:mobile:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:proventia_network_enterprise_scanner:2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_entry:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_entry:3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.1:*:mobile:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.3:*:mobile:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:mobile:*:*:*:*:*

OR cpe:/a:ibm:security_virtual_server_protection:1.1:*:*:*:*:vmware:*:*

OR cpe:/a:ibm:security_virtual_server_protection:1.1.1.0:*:*:*:*:vmware:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.2:*:web:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_productivity_center:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_entry:2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_entry:2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_network_intrusion_prevention_system:4.6.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:puredata_system:1.0.0:*:*:*:analytics:*:*:*

OR cpe:/o:ibm:security_network_protection_firmware:5.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_transformation_extender:8.4.1.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:mobile:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:web:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:web:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_deployer:3.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_deployer:3.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_deployer:3.1.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_deployer:3.1.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_privileged_identity_manager:1.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_qradar_incident_forensics:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:messagesight:1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_privileged_identity_manager:2.0.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:1.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.2:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.1:*:mobile:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.0.1:*:web:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_identity_manager:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:7.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:scale_out_network_attached_storage:1.5:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20150235	V	CVE-2015-0235	2023-06-22
oval:org.opensuse.security:def:8075	P	apache2-mod_php7-7.4.33-150400.4.22.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7714	P	log4j12-1.2.17-4.9.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7736	P	perl-5.26.1-150300.17.11.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:639	P	Security update for grafana (Important) (in QA)	2022-10-06
oval:org.opensuse.security:def:94257	P	(Important)	2022-07-11
oval:org.opensuse.security:def:3540	P	krb5-1.12.5-40.37.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3434	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95064	P	apache2-mod_php7-7.4.25-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95170	P	apache2-mod_php8-8.0.10-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1678	P	Security update for 389-ds (Important)	2022-06-14
oval:org.opensuse.security:def:1670	P	Security update for redis (Moderate)	2022-05-25
oval:org.opensuse.security:def:1091	P	Security update for vim (Important)	2022-03-04
oval:org.opensuse.security:def:1083	P	Security update for tiff (Important)	2022-02-17
oval:org.opensuse.security:def:1687	P	Security update for wireshark (Moderate)	2022-02-14
oval:org.opensuse.security:def:111960	P	apache2-mod_php5-5.6.28-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:111961	P	apache2-mod_php7-7.0.14-1.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113137	P	php8-8.0.11-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:9885	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10711	P	Security update for MozillaThunderbird (Important)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:9635	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:7012	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:33060	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:105525	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:10176	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:26167	P	Security update for php72 (Moderate)	2021-11-19
oval:org.opensuse.security:def:6987	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-11-17
oval:org.opensuse.security:def:105524	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:9613	P	Security update for tomcat (Important)	2021-11-16
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:32212	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:9605	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:106567	P	php8-8.0.11-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31688	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:71345	P	logrotate-3.13.0-4.3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:66926	P	Security update for xen (Moderate)	2021-09-18
oval:org.opensuse.security:def:10154	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:64758	P	Security update for libesmtp (Important)	2021-09-03
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:70282	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:47740	P	libmicrohttpd10-0.9.30-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48073	P	libXcursor1-1.1.14-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48157	P	libnghttp2-14-1.7.1-1.84 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47605	P	evince-3.20.2-6.22.9 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47748	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47933	P	yubikey-manager-0.6.0-1.27 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48165	P	libospf0-1.1.1-17.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48305	P	shadow-4.2.1-34.20 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47613	P	g3utils-1.1.36-58.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:9762	P	Security update for cpio (Important)	2021-08-16
oval:org.opensuse.security:def:47604	P	eog-3.20.4-7.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47619	P	giflib-progs-5.0.5-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47941	P	SuSEfirewall2-3.6.312.333-3.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48065	P	libICE6-1.0.8-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48313	P	stunnel-5.00-4.3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47612	P	fuse-2.9.3-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47627	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:101005	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63414	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2359	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101415	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63448	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2418	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:107671	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:94292	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63507	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2325	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100970	P	libseccomp-devel-2.4.1-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:10686	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:9743	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:10112	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:6912	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:68005	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:66834	P	Security update for jetty-minimal (Important)	2021-06-17
oval:org.opensuse.security:def:9728	P	Security update for containerd, docker, runc (Important)	2021-06-11
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:48832	P	freerdp-2.0.0~git.1463131968.4e66df7-11.69 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48527	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48665	P	colord-1.1.7-2.42 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48603	P	procmail-3.22-267.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48769	P	empathy-3.12.12-5.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48840	P	gstreamer-0_10-plugins-base-0.10.36-17.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11435	P	perl-32bit-5.18.2-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48673	P	gd-32bit-2.1.0-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48611	P	qemu-2.6.1-27.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16099	P	php7-devel-7.0.7-15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36502	P	libwebkit-1_0-2-1.2.7-0.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48730	P	libIlmImf-Imf_2_1-21-32bit-2.1.0-4.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42543	P	glibc-2.11.3-17.84.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36136	P	glibc-2.11.3-17.84.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16349	P	php7-devel-7.0.7-49.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48519	P	liblua5_2-5.2.2-4.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48738	P	libmysqlclient_r18-10.0.21-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36544	P	python-32bit-2.6.9-0.35.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48761	P	ImageMagick-6.8.8.1-33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36414	P	glibc-html-2.11.3-17.84.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10087	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:6893	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:73617	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:31614	P	Security update for java-1_7_0-openjdk (Moderate)	2021-04-29
oval:org.opensuse.security:def:7076	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP2) (Important)	2021-04-28
oval:org.opensuse.security:def:26039	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:26027	P	Security update for glibc (Important)	2021-04-13
oval:org.opensuse.security:def:31603	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:6878	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:7063	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP2) (Important)	2021-04-07
oval:org.opensuse.security:def:9681	P	Security update for MozillaFirefox (Important)	2021-04-01
oval:org.opensuse.security:def:64671	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:33099	P	Security update for python36 (Moderate)	2021-03-19
oval:org.opensuse.security:def:68105	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:9862	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:9863	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:32268	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:9855	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:9837	P	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Important)	2021-02-11
oval:org.opensuse.security:def:10163	P	Security update for python-urllib3 (Moderate)	2021-02-08
oval:org.opensuse.security:def:26111	P	Security update for cups (Moderate)	2021-02-02
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:35237	P	Security update for gimp (Moderate)	2020-12-29
oval:org.opensuse.security:def:70177	P	Security update for flac (Moderate)	2020-12-24
oval:org.opensuse.security:def:10586	P	Security update for PackageKit (Moderate)	2020-12-16
oval:org.opensuse.security:def:25975	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:7054	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:107636	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63389	P	apache2-mod_php7-7.2.5-2.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2308	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13245	P	apache2-mod_php7-7.0.7-15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35792	P	openslp-1.2.0-172.22.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63397	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2317	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35645	P	unrar-3.80.2-2.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16949	P	php72-devel-7.2.5-1.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35820	P	ruby-1.8.7.p357-0.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63406	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35864	P	apache2-mod_jk-1.2.26-1.30.110 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71458	P	conntrack-tools-1.4.5-1.46 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103740	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90085	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:46365	P	apache2-mod_php7-7.0.7-15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25970	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:35753	P	libmusicbrainz4-2.1.5-5.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2300	P	apache2-mod_php7-7.2.5-2.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35704	P	g3utils-1.1.36-26.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117194	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9913	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32356	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:10564	P	libxerces-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9978	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26681	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26642	P	sysstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25686	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:6831	P	rhythmbox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10762	P	libmysqlclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50065	P	libapr-util1-dbd-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10454	P	icecream on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10484	P	libarchive-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26417	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:25685	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25761	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31912	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27099	P	coreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50111	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26248	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:35485	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10775	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35005	P	Security update for gnutls	2020-12-01
oval:org.opensuse.security:def:10592	P	quagga-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10814	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35017	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:26540	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6763	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7045	P	libgssglue1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9926	P	libtcnative-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27134	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25964	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:32378	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:50074	P	libosinfo-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9993	P	squidGuard on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26315	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26695	P	fetchmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:35338	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27377	P	boost-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50119	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32422	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:10836	P	php7-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10530	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26461	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25889	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:31969	P	Security update for ipsec-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26305	P	Security update for python-setuptools (Moderate)	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9904	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10611	P	xfsprogs-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32317	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:27412	P	glibc-html on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9931	P	libusbmuxd4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35101	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26593	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6755	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6785	P	libyaml-0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50128	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26403	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25697	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31820	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:10012	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26364	P	Security update for irssi (Low)	2020-12-01
oval:org.opensuse.security:def:26739	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35395	P	Security update for openslp (Important)	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50057	P	erlang-rabbitmq-client on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10577	P	ocaml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73499	P	gdb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32056	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35006	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26389	P	Security update for chromium (Important)	2020-12-01
oval:org.mitre.oval:def:28528	P	DSA-3142-1 -- eglibc -- security update	2015-03-09
oval:org.mitre.oval:def:28360	P	RHSA-2015:0090 -- glibc security update (Critical)	2015-03-09
oval:org.mitre.oval:def:28622	P	ELSA-2015-0092 -- glibc security update (critical)	2015-03-09
oval:org.mitre.oval:def:28438	P	RHSA-2015:0092 -- glibc security update (Critical)	2015-03-09
oval:org.mitre.oval:def:28638	P	ELSA-2015-0090 -- glibc security update (critical)	2015-03-09
oval:org.mitre.oval:def:28503	P	USN-2485-1 -- GNU C Library vulnerability	2015-03-09
oval:com.ubuntu.precise:def:20150235000	V	CVE-2015-0235 on Ubuntu 12.04 LTS (precise) - high.	2015-01-28
oval:com.ubuntu.trusty:def:20150235000	V	CVE-2015-0235 on Ubuntu 14.04 LTS (trusty) - high.	2015-01-28
oval:com.redhat.rhsa:def:20150090	P	RHSA-2015:0090: glibc security update (Critical)	2015-01-27
oval:com.redhat.rhsa:def:20150092	P	RHSA-2015:0092: glibc security update (Critical)	2015-01-27