A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:
* Critical Patch Updates, Security Alerts and Bulletins for information about Oracle Security Advisories.
**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**
This Critical Patch Update contains 297 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [April 2019 Critical Patch Update: Executive Summary and Analysis](https://support.oracle.com/epmos/faces/DocumentDisplay?id=2494878.1).
{"nessus": [{"lastseen": "2023-01-11T15:18:38", "description": "An update of the mysql package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-06-24T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Mysql PHSA-2019-3.0-0015", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2566", "CVE-2019-2580", "CVE-2019-2581", "CVE-2019-2584", "CVE-2019-2585", "CVE-2019-2587", "CVE-2019-2589", "CVE-2019-2592", "CVE-2019-2593", "CVE-2019-2596", "CVE-2019-2606", "CVE-2019-2607", "CVE-2019-2614", "CVE-2019-2617", "CVE-2019-2620", "CVE-2019-2623", "CVE-2019-2624", "CVE-2019-2625", "CVE-2019-2626", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2630", "CVE-2019-2631", "CVE-2019-2632", "CVE-2019-2634", "CVE-2019-2635", "CVE-2019-2636", "CVE-2019-2644", "CVE-2019-2681", "CVE-2019-2683", "CVE-2019-2685", "CVE-2019-2686", "CVE-2019-2687", "CVE-2019-2688", "CVE-2019-2689", "CVE-2019-2691", "CVE-2019-2693", "CVE-2019-2694", "CVE-2019-2695"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:mysql", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0015_MYSQL.NASL", 
"href": "https://www.tenable.com/plugins/nessus/126117", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0015. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126117);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2019-2566\",\n \"CVE-2019-2580\",\n \"CVE-2019-2581\",\n \"CVE-2019-2584\",\n \"CVE-2019-2585\",\n \"CVE-2019-2587\",\n \"CVE-2019-2589\",\n \"CVE-2019-2592\",\n \"CVE-2019-2593\",\n \"CVE-2019-2596\",\n \"CVE-2019-2606\",\n \"CVE-2019-2607\",\n \"CVE-2019-2614\",\n \"CVE-2019-2617\",\n \"CVE-2019-2620\",\n \"CVE-2019-2623\",\n \"CVE-2019-2624\",\n \"CVE-2019-2625\",\n \"CVE-2019-2626\",\n \"CVE-2019-2627\",\n \"CVE-2019-2628\",\n \"CVE-2019-2630\",\n \"CVE-2019-2631\",\n \"CVE-2019-2632\",\n \"CVE-2019-2634\",\n \"CVE-2019-2635\",\n \"CVE-2019-2636\",\n \"CVE-2019-2644\",\n \"CVE-2019-2681\",\n \"CVE-2019-2683\",\n \"CVE-2019-2685\",\n \"CVE-2019-2686\",\n \"CVE-2019-2687\",\n \"CVE-2019-2688\",\n \"CVE-2019-2689\",\n \"CVE-2019-2691\",\n \"CVE-2019-2693\",\n \"CVE-2019-2694\",\n \"CVE-2019-2695\"\n );\n script_bugtraq_id(\n 107913,\n 107924,\n 107927,\n 107928\n );\n\n script_name(english:\"Photon OS 3.0: Mysql PHSA-2019-3.0-0015\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the mysql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0015.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-8.0.16-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-debuginfo-8.0.16-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-devel-8.0.16-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-01T15:14:02", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.16. 
It is, therefore, affected by multiple vulnerabilities, including four of the top vulnerabilities below, as noted in the April 2019 and July 2019 Critical Patch Update advisories:\n\n - An unspecified vulnerability in the 'Server: Packaging (cURL)' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. (CVE-2019-3822)\n\n - An unspecified vulnerability in the 'Server: Pluggable Auth' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. (CVE-2019-2632)\n\n - Multiple denial of service vulnerabilities exist in the 'Server: Optimizer' subcomponent and could allow a low priviledged attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service. (CVE-2019-2693, CVE-2019-2694, CVE-2019-2695)\n\n - An unspecified vulnerability in the 'Server: Compiling (OpenSSL)' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. 
(CVE-2019-1559)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.16 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16890", "CVE-2019-1559", "CVE-2019-2566", "CVE-2019-2580", "CVE-2019-2581", "CVE-2019-2584", "CVE-2019-2585", "CVE-2019-2587", "CVE-2019-2589", "CVE-2019-2592", "CVE-2019-2593", "CVE-2019-2596", "CVE-2019-2606", "CVE-2019-2607", "CVE-2019-2614", "CVE-2019-2617", "CVE-2019-2620", "CVE-2019-2623", "CVE-2019-2624", "CVE-2019-2625", "CVE-2019-2626", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2630", "CVE-2019-2631", "CVE-2019-2632", "CVE-2019-2634", "CVE-2019-2635", "CVE-2019-2636", "CVE-2019-2644", "CVE-2019-2681", "CVE-2019-2683", "CVE-2019-2685", "CVE-2019-2686", "CVE-2019-2687", "CVE-2019-2688", "CVE-2019-2689", "CVE-2019-2691", "CVE-2019-2693", "CVE-2019-2694", "CVE-2019-2695", "CVE-2019-2755", "CVE-2019-2798", 
"CVE-2019-3822", "CVE-2019-3823"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_8_0_16.NASL", "href": "https://www.tenable.com/plugins/nessus/124160", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124160);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-1559\",\n \"CVE-2019-2566\",\n \"CVE-2019-2580\",\n \"CVE-2019-2581\",\n \"CVE-2019-2584\",\n \"CVE-2019-2585\",\n \"CVE-2019-2587\",\n \"CVE-2019-2589\",\n \"CVE-2019-2592\",\n \"CVE-2019-2593\",\n \"CVE-2019-2596\",\n \"CVE-2019-2606\",\n \"CVE-2019-2607\",\n \"CVE-2019-2614\",\n \"CVE-2019-2617\",\n \"CVE-2019-2620\",\n \"CVE-2019-2623\",\n \"CVE-2019-2624\",\n \"CVE-2019-2625\",\n \"CVE-2019-2626\",\n \"CVE-2019-2627\",\n \"CVE-2019-2628\",\n \"CVE-2019-2630\",\n \"CVE-2019-2631\",\n \"CVE-2019-2632\",\n \"CVE-2019-2634\",\n \"CVE-2019-2635\",\n \"CVE-2019-2636\",\n \"CVE-2019-2644\",\n \"CVE-2019-2681\",\n \"CVE-2019-2683\",\n \"CVE-2019-2685\",\n \"CVE-2019-2686\",\n \"CVE-2019-2687\",\n \"CVE-2019-2688\",\n \"CVE-2019-2689\",\n \"CVE-2019-2691\",\n \"CVE-2019-2693\",\n \"CVE-2019-2694\",\n \"CVE-2019-2695\",\n \"CVE-2019-2755\",\n \"CVE-2019-2798\",\n \"CVE-2019-3822\",\n \"CVE-2018-16890\",\n \"CVE-2019-3823\"\n );\n script_bugtraq_id(\n 106950,\n 107174,\n 107913,\n 107924,\n 107927,\n 107928,\n 109259,\n 109260\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0122-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"MySQL 8.0.x < 8.0.16 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on 
the remote host is 8.0.x prior to\n8.0.16. It is, therefore, affected by multiple vulnerabilities,\nincluding four of the top vulnerabilities below, as noted in the\nApril 2019 and July 2019 Critical Patch Update advisories:\n\n - An unspecified vulnerability in the 'Server: Packaging\n (cURL)' subcomponent could allow an unauthenticated\n attacker to gain complete control of an affected instance\n of MySQL Server. (CVE-2019-3822)\n\n - An unspecified vulnerability in the 'Server: Pluggable\n Auth' subcomponent could allow an unauthenticated\n attacker to gain complete access to all MySQL Server\n accessible data. (CVE-2019-2632)\n\n - Multiple denial of service vulnerabilities exist in the\n 'Server: Optimizer' subcomponent and could allow a low\n priviledged attacker to cause the server to hang or to,\n via a frequently repeatable crash, cause a complete\n denial of service. (CVE-2019-2693, CVE-2019-2694,\n CVE-2019-2695)\n\n - An unspecified vulnerability in the\n 'Server: Compiling (OpenSSL)' subcomponent could allow\n an unauthenticated attacker to gain complete access to\n all MySQL Server accessible data. 
(CVE-2019-1559)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-16.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6252734\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 8.0.16 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3822\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '8.0.0', 'fixed_version' : '8.0.16'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T23:19:45", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.16. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the April 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in the 'Server: Pluggable Auth' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. (CVE-2019-2632)\n\n - Multiple denial of service vulnerabilities exist in the 'Server: Optimizer' subcomponent and could allow a low priviledged attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service. (CVE-2019-2693, CVE-2019-2694, CVE-2019-2695)\n\n - An unspecified vulnerability in the 'Server: Compiling (OpenSSL)' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. 
(CVE-2019-1559)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.16 Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1559", "CVE-2019-2566", "CVE-2019-2580", "CVE-2019-2581", "CVE-2019-2584", "CVE-2019-2585", "CVE-2019-2587", "CVE-2019-2589", "CVE-2019-2592", "CVE-2019-2593", "CVE-2019-2596", "CVE-2019-2606", "CVE-2019-2607", "CVE-2019-2614", "CVE-2019-2617", "CVE-2019-2620", "CVE-2019-2623", "CVE-2019-2624", "CVE-2019-2625", "CVE-2019-2626", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2630", "CVE-2019-2631", "CVE-2019-2632", "CVE-2019-2634", "CVE-2019-2635", "CVE-2019-2636", "CVE-2019-2644", "CVE-2019-2681", "CVE-2019-2683", "CVE-2019-2685", "CVE-2019-2686", "CVE-2019-2687", "CVE-2019-2688", "CVE-2019-2689", "CVE-2019-2691", "CVE-2019-2693", "CVE-2019-2694", "CVE-2019-2695"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700634.PRM", "href": "https://www.tenable.com/plugins/nnm/700634", "sourceData": "Binary data 700634.prm", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:53:19", "description": "The version of Oracle E-Business installed on the remote host is missing the April 2019 Oracle Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities as noted in the April 2019 Critical Patch Update advisory :\n\n - An unspecified flaw exists in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite which allows a remote unauthenticated attacker to compromise Oracle Advanced Outbound Telephony. (CVE-2019-2663)\n\n - An unspecified vulnerability in the Oracle Common Applications component of Oracle E-Business Suite which allows a remote unauthenticated attacker to compromise the application. (CVE-2019-2665)\n\n - An unspecified flaw exists in the Oracle Applications Framework component of Oracle E-Business Suite which allows a remote attacker with HTTP access to compromise the application. (CVE-2019-2682) In addition, Oracle E-Business is also affected by multiple additional vulnerabilities. 
Please consult the CVRF details for the applicable CVEs for additional information.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-04-17T00:00:00", "type": "nessus", "title": "Oracle E-Business Suite Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-2551", "CVE-2019-2583", "CVE-2019-2600", "CVE-2019-2603", "CVE-2019-2604", "CVE-2019-2621", "CVE-2019-2622", "CVE-2019-2633", "CVE-2019-2638", "CVE-2019-2639", "CVE-2019-2640", "CVE-2019-2641", "CVE-2019-2642", "CVE-2019-2643", "CVE-2019-2651", "CVE-2019-2652", "CVE-2019-2653", "CVE-2019-2654", "CVE-2019-2655", "CVE-2019-2660", "CVE-2019-2661", "CVE-2019-2662", "CVE-2019-2663", "CVE-2019-2664", "CVE-2019-2665", "CVE-2019-2669", "CVE-2019-2670", "CVE-2019-2671", "CVE-2019-2673", "CVE-2019-2674", "CVE-2019-2675", "CVE-2019-2676", "CVE-2019-2677", "CVE-2019-2682"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:e-business_suite"], "id": 
"ORACLE_E-BUSINESS_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124118", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124118);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2019-2551\",\n \"CVE-2019-2583\",\n \"CVE-2019-2600\",\n \"CVE-2019-2603\",\n \"CVE-2019-2604\",\n \"CVE-2019-2621\",\n \"CVE-2019-2622\",\n \"CVE-2019-2633\",\n \"CVE-2019-2638\",\n \"CVE-2019-2639\",\n \"CVE-2019-2640\",\n \"CVE-2019-2641\",\n \"CVE-2019-2642\",\n \"CVE-2019-2643\",\n \"CVE-2019-2651\",\n \"CVE-2019-2652\",\n \"CVE-2019-2653\",\n \"CVE-2019-2654\",\n \"CVE-2019-2655\",\n \"CVE-2019-2660\",\n \"CVE-2019-2661\",\n \"CVE-2019-2662\",\n \"CVE-2019-2663\",\n \"CVE-2019-2664\",\n \"CVE-2019-2665\",\n \"CVE-2019-2669\",\n \"CVE-2019-2670\",\n \"CVE-2019-2671\",\n \"CVE-2019-2673\",\n \"CVE-2019-2674\",\n \"CVE-2019-2675\",\n \"CVE-2019-2676\",\n \"CVE-2019-2677\",\n \"CVE-2019-2682\"\n );\n script_bugtraq_id(\n 105758,\n 107932,\n 107938,\n 107942,\n 107957\n );\n\n script_name(english:\"Oracle E-Business Suite Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle E-Business installed on the remote host is\nmissing the April 2019 Oracle Critical Patch Update (CPU). It is,\ntherefore, affected by multiple vulnerabilities as noted in the\nApril 2019 Critical Patch Update advisory :\n\n - An unspecified flaw exists in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite which \n allows a remote unauthenticated attacker to compromise Oracle Advanced Outbound Telephony. 
(CVE-2019-2663)\n\n - An unspecified vulnerability in the Oracle Common Applications component of Oracle E-Business Suite which allows a \n remote unauthenticated attacker to compromise the application. (CVE-2019-2665)\n\n - An unspecified flaw exists in the Oracle Applications Framework component of Oracle E-Business Suite which allows a \n remote attacker with HTTP access to compromise the application. (CVE-2019-2682)\n \nIn addition, Oracle E-Business is also affected by multiple additional\nvulnerabilities. Please consult the CVRF details for the applicable\nCVEs for additional information.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2638\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:e-business_suite\");\n script_set_attribute(attribute:\"thorough_tests\", 
value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_e-business_query_patch_info.nbin\");\n script_require_keys(\"Oracle/E-Business/Version\", \"Oracle/E-Business/patches/installed\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\n\nversion = get_kb_item_or_exit('Oracle/E-Business/Version');\npatches = get_kb_item_or_exit('Oracle/E-Business/patches/installed');\n\n# Batch checks\nif (patches) patches = split(patches, sep:',', keep:FALSE);\nelse patches = make_list();\n\np12_1 = '29224722';\np12_2 = '29224724';\n\n# Check if the installed version is an affected version\naffected_versions = make_array(\n '12.1.1', make_list(p12_1),\n '12.1.2', make_list(p12_1),\n '12.1.3', make_list(p12_1),\n\n '12.2.3', make_list(p12_2),\n '12.2.4', make_list(p12_2),\n '12.2.5', make_list(p12_2),\n '12.2.6', make_list(p12_2),\n '12.2.7', make_list(p12_2),\n '12.2.8', make_list(p12_2)\n);\n\npatched = FALSE;\naffectedver = FALSE;\n\nif (affected_versions[version])\n{\n affectedver = TRUE;\n patchids = affected_versions[version];\n foreach required_patch (patchids)\n {\n foreach applied_patch (patches)\n {\n if(required_patch == applied_patch)\n {\n patched = applied_patch;\n break;\n }\n }\n if(patched) break;\n }\n if(!patched) patchreport = join(patchids, sep:' or ');\n}\n\nif (!patched && affectedver)\n {\n report =\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + version + ' Patch ' + patchreport +\n '\\n';\n security_report_v4(port:0,extra:report,severity:SECURITY_WARNING);\n }\nelse if (!affectedver) audit(AUDIT_INST_VER_NOT_VULN, 'Oracle E-Business', version);\nelse exit(0, 'The Oracle E-Business server ' + version + ' is not affected because patch ' + patched + ' has been 
applied.');\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-01T15:14:41", "description": "The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities:\n\n - An unspecified vulnerability in the Spring Framework allows a low privileged, remote attacker with network access via HTTP to compromise and takeover the Oracle Communications Unified Inventory Management. (CVE-2018-1258) \n - An unspecified vulnerability in the WLS Core Component allows an authenticated low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server, resulting in unauthorized update, insert or delete access to Oracle WebLogic Server accessible data. (CVE-2019-2568)\n\n - An unspecified vulnerability in the WLS Core Component which allows an authenticated, high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server, resulting in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2019-2615)\n\n - An unspecified vulnerability in the WLS Core Component which allows an authenticated, high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server, resulting in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. (CVE-2019-2618)\n\n - An unspecified vulnerability in the WLS Core Components allows an unauthenticated, remote attacker with network access via T3 to compromise and takeover the Oracle WebLogic Server. (CVE-2019-2645)\n\n - An unspecified vulnerability in the EJB Container allows an unauthenticated, remote attacker with network access via T3 to compromise and takeover the Oracle WebLogic Server. 
(CVE-2019-2646)\n\n - An unspecified vulnerability in the WLS - Web Services which allows an authenticated, high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server, resulting in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2019-2647) (CVE-2019-2648) (CVE-2019-2649) (CVE-2019-2650)\n\n - An unspecified vulnerability in the WLS Core Component allows an authenticated low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server, resulting in unauthorized update, insert or delete access to Oracle WebLogic Server accessible data. (CVE-2019-2658)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "Oracle WebLogic Server Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1258", "CVE-2019-2568", "CVE-2019-2615", "CVE-2019-2618", "CVE-2019-2645", "CVE-2019-2646", "CVE-2019-2647", "CVE-2019-2648", "CVE-2019-2649", "CVE-2019-2650", "CVE-2019-2658"], "modified": "2022-04-11T00:00:00", "cpe": 
["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:weblogic_server"], "id": "ORACLE_WEBLOGIC_SERVER_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124122);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-1258\",\n \"CVE-2019-2568\",\n \"CVE-2019-2615\",\n \"CVE-2019-2618\",\n \"CVE-2019-2645\",\n \"CVE-2019-2646\",\n \"CVE-2019-2647\",\n \"CVE-2019-2648\",\n \"CVE-2019-2649\",\n \"CVE-2019-2650\",\n \"CVE-2019-2658\"\n );\n script_bugtraq_id(\n 104222,\n 107914,\n 107916,\n 107920,\n 107939,\n 107944\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0128\");\n\n script_name(english:\"Oracle WebLogic Server Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle WebLogic Server installed on the remote host is\naffected by multiple vulnerabilities:\n\n - An unspecified vulnerability in the Spring Framework allows\n a low privileged, remote attacker with network access via HTTP to\n compromise and takeover the Oracle Communications Unified \n Inventory Management. (CVE-2018-1258)\n \n - An unspecified vulnerability in the WLS Core Component allows an \n authenticated low privileged attacker with network \n access via HTTP to compromise Oracle WebLogic Server, resulting \n in unauthorized update, insert or delete access to Oracle \n WebLogic Server accessible data. 
(CVE-2019-2568)\n\n - An unspecified vulnerability in the WLS Core Component which \n allows an authenticated, high privileged attacker with network \n access via HTTP to compromise Oracle WebLogic Server, resulting\n in unauthorized access to critical data or complete access to all\n Oracle WebLogic Server accessible data. (CVE-2019-2615)\n\n - An unspecified vulnerability in the WLS Core Component which \n allows an authenticated, high privileged attacker with network \n access via HTTP to compromise Oracle WebLogic Server, resulting\n in unauthorized access to critical data or complete access to all\n Oracle WebLogic Server accessible data as well as unauthorized \n update, insert or delete access to some of Oracle WebLogic Server \n accessible data. (CVE-2019-2618)\n\n - An unspecified vulnerability in the WLS Core Components allows\n an unauthenticated, remote attacker with network access via T3 to\n compromise and takeover the Oracle WebLogic Server. \n (CVE-2019-2645)\n\n - An unspecified vulnerability in the EJB Container allows\n an unauthenticated, remote attacker with network access via T3 to\n compromise and takeover the Oracle WebLogic Server. \n (CVE-2019-2646)\n\n - An unspecified vulnerability in the WLS - Web Services which \n allows an authenticated, high privileged attacker with network \n access via HTTP to compromise Oracle WebLogic Server, resulting\n in unauthorized access to critical data or complete access to all\n Oracle WebLogic Server accessible data. (CVE-2019-2647)\n (CVE-2019-2648) (CVE-2019-2649) (CVE-2019-2650)\n\n - An unspecified vulnerability in the WLS Core Component allows an \n authenticated low privileged attacker with network \n access via HTTP to compromise Oracle WebLogic Server, resulting \n in unauthorized update, insert or delete access to Oracle \n WebLogic Server accessible data. 
(CVE-2019-2658)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06438612\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019 Oracle\nCritical Patch Update advisory.\n\nRefer to Oracle for any additional patch instructions or\nmitigation options.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2658\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:weblogic_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_weblogic_server_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Oracle WebLogic Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"obj.inc\");\ninclude(\"spad_log_func.inc\");\n\napp_name = \"Oracle WebLogic Server\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\n\nspad_log(message:\"checking version [\" + version + \"]\");\n# individual security patches\nif (version =~ \"^12\\.2\\.1\\.3($|[^0-9])\")\n{\n fix_ver = \"12.2.1.3.190416\";\n fix = make_list(\"29016089\");\n}\nelse if (version =~ \"^12\\.1\\.3\\.\")\n{\n fix_ver = \"12.1.3.0.190416\";\n fix = make_list(\"29204657\");\n}\nelse if (version =~ \"^10\\.3\\.6\\.\")\n{\n fix_ver = \"10.3.6.0.190416\";\n fix = make_list(\"U5I2\"); # patchid is obtained from the readme and 10.3.6.x assets are different\n}\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nspad_log(message:\"checking fix [\" + obj_rep(fix) + \"]\");\nPATCHED=FALSE;\n\n# Iterate over the list of patches and check the install for the patchID\nforeach id (fix)\n{\n spad_log(message:\"Checking fix id: [\" + id +\"]\");\n if (install[id])\n {\n PATCHED=TRUE;\n break;\n }\n}\n\nVULN=FALSE;\nif (ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n VULN=TRUE;\n\nif (PATCHED || !VULN)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nos = get_kb_item_or_exit(\"Host/OS\");\nif ('windows' >< tolower(os))\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n}\nelse port = 0;\n\nreport =\n '\\n Oracle Home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version +\n '\\n Fixes : ' + join(sep:\", \", 
fix);\n\nsecurity_report_v4(extra:report, severity:SECURITY_HOLE, port:port);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:53", "description": "Several deserialization flaws were discovered in jackson-databind, a fast and powerful JSON library for Java, which could allow an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-03-05T00:00:00", "type": "nessus", "title": "Debian DLA-1703-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", 
"CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1703.NASL", "href": "https://www.tenable.com/plugins/nessus/122603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1703-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122603);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n\n script_name(english:\"Debian DLA-1703-1 : jackson-databind security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several deserialization flaws were discovered in jackson-databind, a\nfast and powerful JSON library for Java, which could allow an\nunauthenticated user to perform code execution. 
The issue was resolved\nby extending the blacklist and blocking more classes from polymorphic\ndeserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/05\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T14:36:36", "description": "According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) installation running on the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to 15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x prior to 18.8.8.0. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service vulnerability in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack. 
An attacker could leverage this vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - A deserialization vulnerability in jackson-databind, a fast and powerful JSON library for Java, allows an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1000031", "CVE-2017-9798", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-5407", "CVE-2018-8034", "CVE-2019-2701"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management"], "id": 
"ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124169", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124169);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2017-9798\",\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-8034\",\n \"CVE-2018-11763\",\n \"CVE-2018-11784\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\",\n \"CVE-2019-2701\"\n );\n script_bugtraq_id(\n 93604,\n 100872,\n 104895,\n 105414,\n 105524,\n 105750,\n 105758,\n 105897\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nP6 Enterprise Project Portfolio Management (EPPM) installation running\non the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to\n15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x\nprior to 18.8.8.0. It is, therefore, affected by multiple\nvulnerabilities:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service vulnerability in the bundled\n third-party component OpenSSL library's DSA signature\n algorithm that renders it vulnerable to a timing side\n channel attack. 
An attacker could leverage this\n vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - A deserialization vulnerability in jackson-databind, a\n fast and powerful JSON library for Java, allows an\n unauthenticated user to perform code execution. The\n issue was resolved by extending the blacklist and\n blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera P6 Enterprise Project Portfolio Management\n(EPPM) version 8.4.15.10 / 15.2.18.4 / 16.2.17.2 / 17.12.12.0 / 18.8.8.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_p6_eppm.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8004);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8004);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM)\", port:port);\n\nconstraints = [\n { \"min_version\" : \"8.4.0.0\", \"fixed_version\" : \"8.4.15.10\" },\n { \"min_version\" : \"15.1.0.0\", \"fixed_version\" : \"15.2.18.4\" },\n { \"min_version\" : \"16.2.0.0\", \"fixed_version\" : \"16.2.17.2\" },\n { \"min_version\" : \"17.7.0.0\", \"fixed_version\" : \"17.12.12.0\" },\n { \"min_version\" : \"18.0.0.0\", \"fixed_version\" : \"18.8.8.0\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-23T02:29:32", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack.\n An unauthenticated attacker can exploit this to disclose potentially sensitive information. 
(CVE-2018-0734)\n\n - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect.\n This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.\n (CVE-2018-11763).\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to takeover the Enterprise Manager Base Platform. (CVE-2018-1258)", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Ops Center (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1000031", "CVE-2018-0161", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407", "CVE-2018-11763", "CVE-2017-9798", "CVE-2018-1258", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-1257", "CVE-2018-15756"], "modified": "2019-05-17T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager_ops_center"], "id": "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/125147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125147);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2018-0161\",\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-11763\",\n \"CVE-2017-9798\",\n \"CVE-2018-1258\",\n \"CVE-2018-11039\",\n \"CVE-2018-11040\",\n \"CVE-2018-1257\",\n \"CVE-2018-15756\"\n );\n\n script_bugtraq_id(\n 93604,\n 100872,\n 103573,\n 104222,\n 104260,\n 105414,\n 105703,\n 105750,\n 105758,\n 105897,\n 107984,\n 107986\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0130\");\n\n 
script_name(english:\"Oracle Enterprise Manager Ops Center (Apr 2019 CPU)\");\n script_summary(english:\"Checks for the patch ID.\");\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in\nEnterprise Manager Base Platform component:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - An information disclosure vulnerability exists in OpenSSL\n due to the potential for a side-channel timing attack.\n An unauthenticated attacker can exploit this to disclose\n potentially sensitive information. (CVE-2018-0734)\n\n - A denial of service (DoS) vulnerability exists in Apache\n HTTP Server 2.4.17 to 2.4.34, due to a design error. An\n unauthenticated, remote attacker can exploit this issue\n by sending continuous, large SETTINGS frames to cause a\n client to occupy a connection, server thread and CPU\n time without any connection timeout coming to effect.\n This affects only HTTP/2 connections. A possible\n mitigation is to not enable the h2 protocol.\n (CVE-2018-11763).\n\n - Networking component of Enterprise Manager Base Platform\n (Spring Framework) is easily exploited and may allow an\n unauthenticated, remote attacker to takeover the\n Enterprise Manager Base Platform. 
(CVE-2018-1258)\n\n\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019\nOracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager_ops_center\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_ops_center_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Ops Center\");\n\n exit(0);\n}\n\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('install_func.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\napp_name = 'Oracle Enterprise Manager Ops Center';\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nversion_full = install['Full Patch Version'];\npath = install['path'];\npatch_version = install['Patch Version'];\n\n\npatchid = NULL;\nfix = NULL;\n\nif (version_full =~ \"^12\\.3\\.3\\.\")\n{\n patchid = '29623885';\n fix = '1819';\n} \n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\nif (ver_compare(ver:patch_version, fix:fix, strict:FALSE) != -1)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_full, path);\n\nreport = \n '\\n Path : ' + path + \n '\\n Version : ' + version + \n '\\n Ops Agent Version : ' + version_full + \n '\\n Current Patch : ' + patch_version + \n '\\n Fixed Patch Version : ' + fix +\n '\\n Fix : ' + patchid;\n\nsecurity_report_v4(extra:report, severity:SECURITY_HOLE, port:0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-01T15:14:57", "description": "The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.28 or 6.0.x prior to 6.0.6. It is, therefore, affected by multiple vulnerabilities as noted in the April 2019 Critical Patch Update advisory :\n\n - Multiple unspecified vulnerabilities in the Core component of Oracle VirtualBox could allow an authenticated, local attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. 
(CVE-2019-2656, CVE-2019-2657,CVE-2019-2680,CVE-2019-2690, CVE-2019-2696,CVE-2019-2703,CVE-2019-2721,CVE-2019-2722, CVE-2019-2723)\n\n - Multiple unspecified vulnerabilities in the Core component of Oracle VirtualBox could allow an authenticated, local attacker with logon to the infrastructure where Oracle VM VirtualBox executes to potentially expose critical or confidential data.\n (CVE-2019-2574, CVE-2019-2678, CVE-2019-2679)", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "Oracle VM VirtualBox 5.2.x < 5.2.28 / 6.0.x < 6.0.6 (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2574", "CVE-2019-2656", "CVE-2019-2657", "CVE-2019-2678", "CVE-2019-2679", "CVE-2019-2680", "CVE-2019-2690", "CVE-2019-2696", "CVE-2019-2703", "CVE-2019-2721", "CVE-2019-2722", "CVE-2019-2723"], "modified": "2019-10-30T00:00:00", "cpe": ["cpe:/a:oracle:vm_virtualbox"], "id": "VIRTUALBOX_APR_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/124167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif 
(description)\n{\n script_id(124167);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/30 13:24:47\");\n\n script_cve_id(\n \"CVE-2019-2656\",\n \"CVE-2019-2680\",\n \"CVE-2019-2696\",\n \"CVE-2019-2703\",\n \"CVE-2019-2721\",\n \"CVE-2019-2722\",\n \"CVE-2019-2723\",\n \"CVE-2019-2657\",\n \"CVE-2019-2690\",\n \"CVE-2019-2679\",\n \"CVE-2019-2678\",\n \"CVE-2019-2574\"\n );\n script_bugtraq_id(107960);\n script_xref(name:\"IAVA\", value:\"2019-A-0120\");\n\n script_name(english:\"Oracle VM VirtualBox 5.2.x < 5.2.28 / 6.0.x < 6.0.6 (Apr 2019 CPU)\");\n script_summary(english:\"Performs a version check on VirtualBox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle VM VirtualBox running on the remote host is\n5.2.x prior to 5.2.28 or 6.0.x prior to 6.0.6. It is, therefore,\naffected by multiple vulnerabilities as noted in the April 2019\nCritical Patch Update advisory :\n\n - Multiple unspecified vulnerabilities in the Core\n component of Oracle VirtualBox could allow an\n authenticated, local attacker with logon to the\n infrastructure where Oracle VM VirtualBox executes to\n compromise Oracle VM VirtualBox. 
\n (CVE-2019-2656, CVE-2019-2657,CVE-2019-2680,CVE-2019-2690,\n CVE-2019-2696,CVE-2019-2703,CVE-2019-2721,CVE-2019-2722,\n CVE-2019-2723)\n\n - Multiple unspecified vulnerabilities in the Core\n component of Oracle VirtualBox could allow an\n authenticated, local attacker with logon to the\n infrastructure where Oracle VM VirtualBox executes to\n potentially expose critical or confidential data.\n (CVE-2019-2574, CVE-2019-2678, CVE-2019-2679) \");\n\n #https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixOVIR\n script_set_attribute(attribute:\"see_also\",value:\"http://www.nessus.org/u?a966c489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.virtualbox.org/wiki/Changelog\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle VM VirtualBox version 5.2.28, 6.0.6 or later as\nreferenced in the April 2019 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2723\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:vm_virtualbox\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"virtualbox_installed.nasl\", \"macosx_virtualbox_installed.nbin\");\n script_require_ports(\"installed_sw/Oracle VM VirtualBox\", \"installed_sw/VirtualBox\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nif (get_kb_item(\"installed_sw/Oracle VM VirtualBox\"))\n app_info = vcf::get_app_info(app:\"Oracle VM VirtualBox\", win_local:TRUE);\nelse\n app_info = vcf::get_app_info(app:\"VirtualBox\");\n\nconstraints = [\n {\"min_version\" : \"5.2\", \"fixed_version\" : \"5.2.28\"},\n {\"min_version\" : \"6.0\", \"fixed_version\" : \"6.0.6\"}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:15:57", "description": "According to the versions of the icu package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\n - A vulnerability was found in the International Components for Unicode (ICU). 
Specially crafted invalid utf-8 text, when parsed or manipulated using particular functions in libicu, could cause out-of-bounds heap reads and writes potentially leading to a crash, memory disclosure, or possibly code execution.(CVE-2017-7867)\n\n - The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory 
corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.(CVE-2014-7923)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2020-1261)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7923", "CVE-2014-7926", "CVE-2014-7940", "CVE-2014-9654", "CVE-2016-6293", "CVE-2016-7415", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-06T00:00:00", "cpe": 
["p-cpe:/a:huawei:euleros:libicu", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1261.NASL", "href": "https://www.tenable.com/plugins/nessus/134550", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134550);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-7940\",\n \"CVE-2014-9654\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2020-1261)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - A vulnerability was found in the International\n Components for Unicode (ICU). 
Specially crafted invalid\n utf-8 text, when parsed or manipulated using particular\n functions in libicu, could cause out-of-bounds heap\n reads and writes potentially leading to a crash, memory\n disclosure, or possibly code execution.(CVE-2017-7867)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in\n International Components for Unicode (ICU) 52 through\n SVN revision 293126, as used in Google Chrome before\n 40.0.2214.91, does not initialize memory for a data\n structure, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 
40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1261\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eaf315c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-04T14:43:58", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple 
vulnerabilities in the Enterprise Manager Base Platform component:\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to take over the Enterprise Manager Base Platform.\n (CVE-2018-1258, CVE-2018-11039, CVE-2018-11040, CVE-2018-1257, CVE-2018-15756)\n\n - Agent Next Gen (IBM Java) vulnerability allows an unauthenticated, remote attacker unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data. (CVE-2018-1656, CVE-2018-12539)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack. An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-11039", "CVE-2018-11040", 
"CVE-2018-12539", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-15756", "CVE-2018-1656", "CVE-2018-5407"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager"], "id": "ORACLE_ENTERPRISE_MANAGER_APR_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/124157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124157);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-1257\",\n \"CVE-2018-1258\",\n \"CVE-2018-1656\",\n \"CVE-2018-5407\",\n \"CVE-2018-11039\",\n \"CVE-2018-11040\",\n \"CVE-2018-12539\",\n \"CVE-2018-15756\"\n );\n script_bugtraq_id(\n 104222,\n 104260,\n 105118,\n 105126,\n 105703,\n 105750,\n 105758,\n 105897\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0130\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in\nEnterprise Manager Base Platform component:\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework)\n is easily exploited and may allow an unauthenticated, remote attacker to takeover\n the Enterprise Manager Base Platform.\n (CVE-2018-1258, CVE-2018-11039, CVE-2018-11040, CVE-2018-1257, CVE-2018-15756)\n\n - Agent Next Gen (IBM Java) vulnerability allows unauthenticated, remote attacker\n unauthorized access to critical data or complete access to all Enterprise Manager\n 
Base Platform accessible data. (CVE-2018-1656, CVE-2018-12539)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential\n for a side-channel timing attack. An unauthenticated attacker can exploit\n this to disclose potentially sensitive information. \n (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n # https://support.oracle.com/rs?type=doc&id=2498664.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ba7181fa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019\nOracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1258\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Cloud Control\");\n\n exit(0);\n}\n\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('oracle_rdbms_cpu_func.inc');\ninclude('install_func.inc');\n\nproduct = 'Oracle Enterprise Manager Cloud Control';\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nemchome = install['path'];\n\npatchid = NULL;\nmissing = NULL;\npatched = FALSE;\nfix = NULL;\n\nif (version =~ '^13\\\\.3\\\\.0\\\\.0(\\\\.[0-9]+)?$')\n{\n patchid = '29433931';\n fix = '13.3.0.0.190416';\n}\nelse if (version =~ '^13\\\\.2\\\\.0\\\\.0(\\\\.[0-9]+)?$')\n{\n patchid = '29433916';\n fix = '13.2.0.0.190416';\n}\nelse if (version =~ '^12\\\\.1\\\\.0\\\\.5(\\\\.[0-9]+)?$')\n{\n patchid = '29433895';\n fix = '12.1.0.5.190416';\n}\n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\n# compare version to check if we've already adjusted for patch level during detection\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, product, version, emchome);\n\n# Now look for the affected components\npatchesinstalled = find_patches_in_ohomes(ohomes:make_list(emchome));\nif (isnull(patchesinstalled))\n missing = patchid;\nelse\n{\n foreach applied (keys(patchesinstalled[emchome]))\n {\n if (applied == patchid)\n {\n patched = TRUE;\n break;\n }\n else\n {\n foreach bugid (patchesinstalled[emchome][applied]['bugs'])\n {\n if (bugid == patchid)\n {\n patched = TRUE;\n break;\n }\n }\n if (patched) break;\n }\n }\n if (!patched)\n missing = patchid;\n}\n\nif (empty_or_null(missing))\n audit(AUDIT_HOST_NOT, 'affected');\n\norder = make_list('Product', 'Version', 'Missing 
patch');\nreport = make_array(\n order[0], product,\n order[1], version,\n order[2], patchid\n);\nreport = report_items_str(report_items:report, ordered_fields:order);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:23:00", "description": "Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "Debian DSA-4452-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4452.NASL", "href": "https://www.tenable.com/plugins/nessus/125416", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4452. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125416);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2019-12086\");\n script_xref(name:\"DSA\", value:\"4452\");\n\n script_name(english:\"Debian DSA-4452-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were found in jackson-databind, a Java\nlibrary to parse JSON and other data formats which could result in\ninformation disclosure or the execution of arbitrary code.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/jackson-databind\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61134ddf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4452\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.8.6-1+deb9u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2023-02-17T23:19:52", "description": "The version of MySQL running on the remote host is 5.7.x prior to 5.7.27. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the April 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server : Pluggable Auth' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. (CVE-2019-2632)\n\n - An unspecified vulnerability in the 'Server: Compiling (OpenSSL)' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. (CVE-2019-1559)\n\n - An unspecified vulnerability in the 'InnoDB' subcomponent could allow a high privileged attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service.\n (CVE-2019-2628)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2019-1559", "CVE-2019-2566", "CVE-2019-2581", "CVE-2019-2592", "CVE-2019-2614", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2632", "CVE-2019-2683"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700633.PRM", "href": "https://www.tenable.com/plugins/nnm/700633", "sourceData": "Binary data 700633.prm", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-08T14:36:36", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. (CVE-2018-11763).\n\n - A deserialization vulnerability in jackson-databind, a fast and powerful JSON library for Java, allows an unauthenticated user to perform code execution. 
The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-19T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1000031", "CVE-2017-9798", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2018-8034"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124170);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n 
script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2017-9798\",\n \"CVE-2018-8034\",\n \"CVE-2018-11763\",\n \"CVE-2018-11784\",\n \"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\"\n );\n script_bugtraq_id(\n 93604,\n 100872,\n 104895,\n 105414,\n 105524\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nUnifier installation running on the remote web server is 16.x prior to\n16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, \ntherefore, affected by multiple vulnerabilities:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - A denial of service (DoS) vulnerability exists in\n Apache HTTP Server 2.4.17 to 2.4.34, due to a design\n error. An unauthenticated, remote attacker can\n exploit this issue by sending continuous, large\n SETTINGS frames to cause a client to occupy a\n connection, server thread and CPU time without any\n connection timeout coming to effect. This affects\n only HTTP/2 connections. A possible mitigation is to\n not enable the h2 protocol. (CVE-2018-11763).\n\n - A deserialization vulnerability in jackson-databind, a\n fast and powerful JSON library for Java, allows an\n unauthenticated user to perform code execution. 
The\n issue was resolved by extending the blacklist and\n blocking more classes from polymorphic deserialization.\n (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Unifier version 16.2.15.7 / 17.12.10 / 18.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera Unifier\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera Unifier\", port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"16.1.0.0\", \"fixed_version\" : \"16.2.15.7\" },\n { \"min_version\" : \"17.7.0.0\", \"fixed_version\" : \"17.12.10\" },\n { \"min_version\" : \"18.8.0.0\", \"fixed_version\" : \"18.8.6\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T14:28:47", "description": "Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-507281 3.html.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-30T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : MySQL vulnerabilities (USN-3957-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2566", "CVE-2019-2581", "CVE-2019-2592", "CVE-2019-2614", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2632", "CVE-2019-2683"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-3957-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124407", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3957-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124407);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2019-2566\", \"CVE-2019-2581\", \"CVE-2019-2592\", \"CVE-2019-2614\", \"CVE-2019-2627\", \"CVE-2019-2628\", \"CVE-2019-2632\", \"CVE-2019-2683\");\n script_xref(name:\"USN\", value:\"3957-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : MySQL vulnerabilities (USN-3957-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in MySQL and this update\nincludes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04\nhave been updated to MySQL 5.7.26.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html\nhttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-507281\n3.html.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3957-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mysql-server-5.7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.26-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.26-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.26-0ubuntu0.18.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.26-0ubuntu0.19.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql-server-5.7\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-06T14:24:05", "description": "icu was updated to fix two security issues. 
These security issues were fixed :\n\n - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629).\n\n - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629).\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636).\n\n - CVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (bsc#1034674)\n\n - CVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678)\n\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector 
entry clean up function call' issue (bnc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193)\n\n - CVE-2017-15422: An integer overflow in icu during persian calendar date processing could lead to incorrect years shown (bnc#1077999)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-24T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2018:1401-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8146", "CVE-2014-8147", "CVE-2016-6293", "CVE-2017-14952", "CVE-2017-15422", 
"CVE-2017-17484", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:icu", "p-cpe:/a:novell:suse_linux:icu-debuginfo", "p-cpe:/a:novell:suse_linux:icu-debugsource", "p-cpe:/a:novell:suse_linux:libicu-doc", "p-cpe:/a:novell:suse_linux:libicu52_1", "p-cpe:/a:novell:suse_linux:libicu52_1-data", "p-cpe:/a:novell:suse_linux:libicu52_1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1401-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110093", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1401-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110093);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2014-8146\", \"CVE-2014-8147\", \"CVE-2016-6293\", \"CVE-2017-14952\", \"CVE-2017-15422\", \"CVE-2017-17484\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_bugtraq_id(74457);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2018:1401-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"icu was updated to fix two security issues. 
These security issues were\nfixed :\n\n - CVE-2014-8147: The resolveImplicitLevels function in\n common/ubidi.c in the Unicode Bidirectional Algorithm\n implementation in ICU4C in International Components for\n Unicode (ICU) used an integer data type that is\n inconsistent with a header file, which allowed remote\n attackers to cause a denial of service (incorrect malloc\n followed by invalid free) or possibly execute arbitrary\n code via crafted text (bsc#929629).\n\n - CVE-2014-8146: The resolveImplicitLevels function in\n common/ubidi.c in the Unicode Bidirectional Algorithm\n implementation in ICU4C in International Components for\n Unicode (ICU) did not properly track directionally\n isolated pieces of text, which allowed remote attackers\n to cause a denial of service (heap-based buffer\n overflow) or possibly execute arbitrary code via crafted\n text (bsc#929629).\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function\n in common/uloc.cpp in International Components for\n Unicode (ICU) for C/C++ did not ensure that there is a\n '\\0' character at the end of a certain temporary array,\n which allowed remote attackers to cause a denial of\n service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument (bsc#990636).\n\n - CVE-2017-7868: International Components for Unicode\n (ICU) for C/C++ 2017-02-13 has an out-of-bounds write\n caused by a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function (bsc#1034674)\n\n - CVE-2017-7867: International Components for Unicode\n (ICU) for C/C++ 2017-02-13 has an out-of-bounds write\n caused by a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function (bsc#1034678)\n\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp in\n International Components for Unicode (ICU) for C/C++\n allowed remote attackers to 
execute arbitrary code via a\n crafted string, aka a 'redundant UVector entry clean up\n function call' issue (bnc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in\n ucnv_u8.cpp in International Components for Unicode\n (ICU) for C/C++ mishandled ucnv_convertEx calls for\n UTF-8 to UTF-8 conversion, which allowed remote\n attackers to cause a denial of service (stack-based\n buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted string, as\n demonstrated by ZNC (bnc#1072193)\n\n - CVE-2017-15422: An integer overflow in icu during\n persian calendar date processing could lead to incorrect\n years shown (bnc#1077999)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=990636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8146/\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8147/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6293/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15422/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17484/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7868/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181401-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ef40e883\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-979=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-979=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-979=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-979=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-979=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-979=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-979=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t 
patch\nSUSE-SLE-SERVER-12-SP1-2018-979=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-979=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-979=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2018-979=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-979=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:icu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:icu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/25\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu-doc-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu-doc-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libicu-doc-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", 
reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu-doc-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"icu-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) 
flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:24:04", "description": "icu was updated to fix two security issues.\n\nThese security issues were fixed :\n\n - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629).\n\n - CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629).\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636).\n\n - CVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow 
related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function (bsc#1034674)\n\n - CVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678)\n\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue (bnc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193)\n\n - CVE-2017-15422: An integer overflow in icu during persian calendar date processing could lead to incorrect years shown (bnc#1077999)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-05-25T00:00:00", "type": "nessus", "title": "openSUSE Security Update : icu (openSUSE-2018-517)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": 
"LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8146", "CVE-2014-8147", "CVE-2016-6293", "CVE-2017-14952", "CVE-2017-15422", "CVE-2017-17484", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:icu", "p-cpe:/a:novell:opensuse:icu-data", "p-cpe:/a:novell:opensuse:icu-debuginfo", "p-cpe:/a:novell:opensuse:icu-debugsource", "p-cpe:/a:novell:opensuse:libicu-devel", "p-cpe:/a:novell:opensuse:libicu-devel-32bit", "p-cpe:/a:novell:opensuse:libicu52_1", "p-cpe:/a:novell:opensuse:libicu52_1-32bit", "p-cpe:/a:novell:opensuse:libicu52_1-data", "p-cpe:/a:novell:opensuse:libicu52_1-debuginfo", "p-cpe:/a:novell:opensuse:libicu52_1-debuginfo-32bit", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-517.NASL", "href": "https://www.tenable.com/plugins/nessus/110107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-517.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110107);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8146\", \"CVE-2014-8147\", \"CVE-2016-6293\", \"CVE-2017-14952\", \"CVE-2017-15422\", \"CVE-2017-17484\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n\n script_name(english:\"openSUSE Security Update : icu (openSUSE-2018-517)\");\n script_summary(english:\"Check for the openSUSE-2018-517 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a 
security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"icu was updated to fix two security issues.\n\nThese security issues were fixed :\n\n - CVE-2014-8147: The resolveImplicitLevels function in\n common/ubidi.c in the Unicode Bidirectional Algorithm\n implementation in ICU4C in International Components for\n Unicode (ICU) used an integer data type that is\n inconsistent with a header file, which allowed remote\n attackers to cause a denial of service (incorrect malloc\n followed by invalid free) or possibly execute arbitrary\n code via crafted text (bsc#929629).\n\n - CVE-2014-8146: The resolveImplicitLevels function in\n common/ubidi.c in the Unicode Bidirectional Algorithm\n implementation in ICU4C in International Components for\n Unicode (ICU) did not properly track directionally\n isolated pieces of text, which allowed remote attackers\n to cause a denial of service (heap-based buffer\n overflow) or possibly execute arbitrary code via crafted\n text (bsc#929629).\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function\n in common/uloc.cpp in International Components for\n Unicode (ICU) for C/C++ did not ensure that there is a\n '\\0' character at the end of a certain temporary array,\n which allowed remote attackers to cause a denial of\n service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument (bsc#990636).\n\n - CVE-2017-7868: International Components for Unicode\n (ICU) for C/C++ 2017-02-13 has an out-of-bounds write\n caused by a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function (bsc#1034674)\n\n - CVE-2017-7867: International Components for Unicode\n (ICU) for C/C++ 2017-02-13 has an out-of-bounds write\n caused by a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function (bsc#1034678)\n\n - 
CVE-2017-14952: Double free in i18n/zonemeta.cpp in\n International Components for Unicode (ICU) for C/C++\n allowed remote attackers to execute arbitrary code via a\n crafted string, aka a 'redundant UVector entry clean up\n function call' issue (bnc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in\n ucnv_u8.cpp in International Components for Unicode\n (ICU) for C/C++ mishandled ucnv_convertEx calls for\n UTF-8 to UTF-8 conversion, which allowed remote\n attackers to cause a denial of service (stack-based\n buffer overflow and application crash) or possibly have\n unspecified other impact via a crafted string, as\n demonstrated by ZNC (bnc#1072193)\n\n - CVE-2017-15422: An integer overflow in icu during\n persian calendar date processing could lead to incorrect\n years shown (bnc#1077999)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1034674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1034678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1077999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=929629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=990636\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected icu packages.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:icu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:icu-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:icu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:icu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu52_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu52_1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu52_1-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu52_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libicu52_1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"icu-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"icu-data-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"icu-debuginfo-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"icu-debugsource-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libicu-devel-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libicu52_1-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libicu52_1-data-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libicu52_1-debuginfo-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libicu-devel-32bit-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libicu52_1-32bit-52.1-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libicu52_1-debuginfo-32bit-52.1-18.1\") ) flag++;\n\nif (flag)\n{\n if 
(report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu / icu-data / icu-debuginfo / icu-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:28:35", "description": "icu was updated to fix two security issues.\n\nThese security issues were fixed :\n\nCVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629).\n\nCVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629).\n\nCVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) for C/C++ did not ensure that there is a '\\0' character at the end of a certain temporary array, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument (bsc#990636).\n\nCVE-2017-7868: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function 
(bsc#1034674)\n\nCVE-2017-7867: International Components for Unicode (ICU) for C/C++ 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function (bsc#1034678)\n\nCVE-2017-14952: Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue (bnc#1067203)\n\nCVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC (bnc#1072193)\n\nCVE-2017-15422: An integer overflow in icu during persian calendar date processing could lead to incorrect years shown (bnc#1077999)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-10-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : icu (SUSE-SU-2018:1401-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8146", "CVE-2014-8147", "CVE-2016-6293", "CVE-2017-14952", "CVE-2017-15422", "CVE-2017-17484", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2022-02-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:icu-debuginfo", "p-cpe:/a:novell:suse_linux:icu-debugsource", "p-cpe:/a:novell:suse_linux:libicu-doc", "p-cpe:/a:novell:suse_linux:libicu52_1", "p-cpe:/a:novell:suse_linux:libicu52_1-data", "p-cpe:/a:novell:suse_linux:libicu52_1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1401-2.NASL", "href": "https://www.tenable.com/plugins/nessus/118258", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1401-2.\n# The text itself is copyright (C) 
SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118258);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/07\");\n\n script_cve_id(\"CVE-2014-8146\", \"CVE-2014-8147\", \"CVE-2016-6293\", \"CVE-2017-14952\", \"CVE-2017-15422\", \"CVE-2017-17484\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n script_bugtraq_id(74457);\n\n script_name(english:\"SUSE SLES12 Security Update : icu (SUSE-SU-2018:1401-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"icu was updated to fix two security issues.\n\nThese security issues were fixed :\n\nCVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in\nthe Unicode Bidirectional Algorithm implementation in ICU4C in\nInternational Components for Unicode (ICU) used an integer data type\nthat is inconsistent with a header file, which allowed remote\nattackers to cause a denial of service (incorrect malloc followed by\ninvalid free) or possibly execute arbitrary code via crafted text\n(bsc#929629).\n\nCVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in\nthe Unicode Bidirectional Algorithm implementation in ICU4C in\nInternational Components for Unicode (ICU) did not properly track\ndirectionally isolated pieces of text, which allowed remote attackers\nto cause a denial of service (heap-based buffer overflow) or possibly\nexecute arbitrary code via crafted text (bsc#929629).\n\nCVE-2016-6293: The uloc_acceptLanguageFromHTTP function in\ncommon/uloc.cpp in International Components for Unicode (ICU) for\nC/C++ did not ensure that there is a '\\0' character at the end of a\ncertain temporary array, which allowed remote attackers to cause a\ndenial of service (out-of-bounds read) or possibly have 
unspecified\nother impact via a call with a long httpAcceptLanguage argument\n(bsc#990636).\n\nCVE-2017-7868: International Components for Unicode (ICU) for C/C++\n2017-02-13 has an out-of-bounds write caused by a heap-based buffer\noverflow related to the utf8TextAccess function in common/utext.cpp\nand the utext_moveIndex32* function (bsc#1034674)\n\nCVE-2017-7867: International Components for Unicode (ICU) for C/C++\n2017-02-13 has an out-of-bounds write caused by a heap-based buffer\noverflow related to the utf8TextAccess function in common/utext.cpp\nand the utext_setNativeIndex* function (bsc#1034678)\n\nCVE-2017-14952: Double free in i18n/zonemeta.cpp in International\nComponents for Unicode (ICU) for C/C++ allowed remote attackers to\nexecute arbitrary code via a crafted string, aka a 'redundant UVector\nentry clean up function call' issue (bnc#1067203)\n\nCVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in\nInternational Components for Unicode (ICU) for C/C++ mishandled\nucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allowed\nremote attackers to cause a denial of service (stack-based buffer\noverflow and application crash) or possibly have unspecified other\nimpact via a crafted string, as demonstrated by ZNC (bnc#1072193)\n\nCVE-2017-15422: An integer overflow in icu during persian calendar\ndate processing could lead to incorrect years shown (bnc#1077999)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087932\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=929629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=990636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8146/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8147/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6293/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15422/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17484/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7868/\"\n );\n # 
https://www.suse.com/support/update/announcement/2018/suse-su-20181401-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ffccb188\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-979=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-17484\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:icu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:icu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu52_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"icu-debuginfo-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"icu-debugsource-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu-doc-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu52_1-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu52_1-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu52_1-data-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu52_1-debuginfo-32bit-52.1-8.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libicu52_1-debuginfo-52.1-8.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:08", "description": "Security Fix(es) :\n\n - Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. 
As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.\n (CVE-2018-3620, CVE-2018-3646)\n\n - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3693)\n\n - kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n - kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)\n\n - kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)\n\n - kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)\n\n - kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)\n\nBug Fix(es) :\n\n - The Least recently used (LRU) operations are batched by caching pages in per-cpu page vectors to prevent contention of the heavily used lru_lock spinlock. The page vectors can hold even the compound pages.\n Previously, the page vectors were cleared only if they were full. Subsequently, the amount of memory held in page vectors, which is not reclaimable, was sometimes too high. Consequently the page reclamation started the Out of Memory (OOM) killing processes. 
With this update, the underlying source code has been fixed to clear LRU page vectors each time when a compound page is added to them. As a result, OOM killing processes due to high amounts of memory held in page vectors no longer occur.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-16T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180814) (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0861", "CVE-2017-15265", "CVE-2018-1000004", "CVE-2018-10901", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-7566"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", 
"p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-firmware", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180814_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/111777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111777);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2017-0861\", \"CVE-2017-15265\", \"CVE-2018-1000004\", \"CVE-2018-10901\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-3693\", \"CVE-2018-7566\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180814) (Foreshadow)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - Modern operating systems implement virtualization of\n physical memory to efficiently use available system\n resources and provide inter-domain protection through\n access control and isolation. The L1TF issue was found\n in the way the x86 microprocessor designs have\n implemented speculative execution of instructions (a\n commonly used performance optimisation) in combination\n with handling of page-faults caused by terminated\n virtual to physical address resolving process. 
As a\n result, an unprivileged attacker could use this flaw to\n read privileged memory of the kernel or other processes\n and/or cross guest/host boundaries to read host memory\n by conducting targeted cache side-channel attacks.\n (CVE-2018-3620, CVE-2018-3646)\n\n - An industry-wide issue was found in the way many modern\n microprocessor designs have implemented speculative\n execution of instructions past bounds check. The flaw\n relies on the presence of a precisely-defined\n instruction sequence in the privileged code and the fact\n that memory writes occur to an address which depends on\n the untrusted value. Such writes cause an update into\n the microprocessor's data cache even for speculatively\n executed instructions that never actually commit\n (retire). As a result, an unprivileged attacker could\n use this flaw to influence speculative execution and/or\n read privileged memory by conducting targeted cache\n side- channel attacks. (CVE-2018-3693)\n\n - kernel: kvm: vmx: host GDT limit corruption\n (CVE-2018-10901)\n\n - kernel: Use-after-free in snd_pcm_info function in ALSA\n subsystem potentially leads to privilege escalation\n (CVE-2017-0861)\n\n - kernel: Use-after-free in snd_seq_ioctl_create_port()\n (CVE-2017-15265)\n\n - kernel: race condition in snd_seq_write() may lead to\n UAF or OOB-access (CVE-2018-7566)\n\n - kernel: Race condition in sound system can lead to\n denial of service (CVE-2018-1000004)\n\nBug Fix(es) :\n\n - The Least recently used (LRU) operations are batched by\n caching pages in per-cpu page vectors to prevent\n contention of the heavily used lru_lock spinlock. The\n page vectors can hold even the compound pages.\n Previously, the page vectors were cleared only if they\n were full. Subsequently, the amount of memory held in\n page vectors, which is not reclaimable, was sometimes\n too high. Consequently the page reclamation started the\n Out of Memory (OOM) killing processes. 
With this update,\n the underlying source code has been fixed to clear LRU\n page vectors each time when a compound page is added to\n them. As a result, OOM killing processes due to high\n amounts of memory held in page vectors no longer occur.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1808&L=scientific-linux-errata&F=&S=&P=1270\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d03c589b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : 
rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-05T15:24:46", "description": "According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.(CVE-2017-7867)\n\n - Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\n - 
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\n - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2594)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7923", "CVE-2014-7926", "CVE-2014-9654", "CVE-2015-4844", "CVE-2016-6293", "CVE-2016-7415", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libicu", "p-cpe:/a:huawei:euleros:libicu-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2594.NASL", "href": "https://www.tenable.com/plugins/nessus/132129", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132129);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-6293\",\n 
\"CVE-2016-7415\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2594)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of 
service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2594\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?57a73d45\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h5\",\n \"libicu-devel-50.1.2-15.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:41", "description": "Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 
CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7051", "CVE-2018-1000873", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bouncycastle", "p-cpe:/a:fedoraproject:fedora:eclipse-jgit", "p-cpe:/a:fedoraproject:fedora:eclipse-linuxtools", "p-cpe:/a:fedoraproject:fedora:jackson-annotations", "p-cpe:/a:fedoraproject:fedora:jackson-bom", "p-cpe:/a:fedoraproject:fedora:jackson-core", 
"p-cpe:/a:fedoraproject:fedora:jackson-databind", "p-cpe:/a:fedoraproject:fedora:jackson-dataformat-xml", "p-cpe:/a:fedoraproject:fedora:jackson-dataformats-binary", "p-cpe:/a:fedoraproject:fedora:jackson-dataformats-text", "p-cpe:/a:fedoraproject:fedora:jackson-datatype-jdk8", "p-cpe:/a:fedoraproject:fedora:jackson-datatype-joda", "p-cpe:/a:fedoraproject:fedora:jackson-datatypes-collections", "p-cpe:/a:fedoraproject:fedora:jackson-jaxrs-providers", "p-cpe:/a:fedoraproject:fedora:jackson-module-jsonSchema", "p-cpe:/a:fedoraproject:fedora:jackson-modules-base", "p-cpe:/a:fedoraproject:fedora:jackson-parent", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-DF57551F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/122290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-df57551f6d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122290);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2016-7051\", \"CVE-2018-1000873\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n script_xref(name:\"FEDORA\", value:\"2019-df57551f6d\");\n\n script_name(english:\"Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361\nCVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720\nCVE-2018-14721 and CVE-2016-7051.\n\nNote that Tenable Network Security has extracted the 
preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-df57551f6d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:eclipse-jgit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:eclipse-linuxtools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-annotations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-bom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformat-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformats-binary\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-dataformats-text\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatype-jdk8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatype-joda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-datatypes-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-jaxrs-providers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-module-jsonSchema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-modules-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jackson-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"bouncycastle-1.61-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"eclipse-jgit-5.2.0-4.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"eclipse-linuxtools-7.1.0-3.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-annotations-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-bom-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-core-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-databind-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-dataformat-xml-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-dataformats-binary-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", 
reference:\"jackson-dataformats-text-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatype-jdk8-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatype-joda-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-datatypes-collections-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-jaxrs-providers-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-module-jsonSchema-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-modules-base-2.9.8-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"jackson-parent-2.9.1.2-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle / eclipse-jgit / eclipse-linuxtools / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T15:34:50", "description": "According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\n - Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.(CVE-2017-15422)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 
before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\n - The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\n - The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with 
a long httpAcceptLanguage argument.(CVE-2016-6293)\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.(CVE-2017-7867)\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : icu (EulerOS-SA-2019-2390)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7923", "CVE-2014-7926", "CVE-2014-7940", "CVE-2014-9654", "CVE-2015-4844", "CVE-2016-6293", "CVE-2016-7415", 
"CVE-2017-15422", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libicu", "p-cpe:/a:huawei:euleros:libicu-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/131882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131882);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-7940\",\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-15422\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : icu (EulerOS-SA-2019-2390)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - Integer overflow in international date handling in\n International Components for Unicode (ICU) for C/C++\n before 60.1, as used in V8 in Google Chrome prior to\n 63.0.3239.84 and other products, allowed a remote\n attacker to perform an out of bounds memory read via a\n crafted HTML page.(CVE-2017-15422)\n\n - The 
Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The collator implementation in i18n/ucol.cpp in\n International Components for Unicode (ICU) 52 through\n SVN revision 293126, as used in Google Chrome before\n 40.0.2214.91, does not initialize memory for a data\n structure, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n 
array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function.(CVE-2017-7868)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2390\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76e7c95c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h4\",\n \"libicu-devel-50.1.2-15.h4\"];\n\nforeach (pkg in pkgs)\n if 
(rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:48:47", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 16th August 2018] The original errata text was missing reference to CVE-2018-5390 fix. We have updated the errata text to correct this issue. No changes have been made to the packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3620, CVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. 
The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3693)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.\n(CVE-2018-5390)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting CVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl Waldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693;\nJuha-Matti Tilli (Aalto 
University, Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390; and Vegard Nossum (Oracle Corporation) for reporting CVE-2018-10901.\n\nBug Fix(es) :\n\n* The Least recently used (LRU) operations are batched by caching pages in per-cpu page vectors to prevent contention of the heavily used lru_lock spinlock. The page vectors can hold even the compound pages. Previously, the page vectors were cleared only if they were full. Subsequently, the amount of memory held in page vectors, which is not reclaimable, was sometimes too high. Consequently the page reclamation started the Out of Memory (OOM) killing processes. With this update, the underlying source code has been fixed to clear LRU page vectors each time when a compound page is added to them. As a result, OOM killing processes due to high amounts of memory held in page vectors no longer occur. (BZ#1575819)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2018:2390) (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0861", 
"CVE-2017-15265", "CVE-2018-1000004", "CVE-2018-10901", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-7566"], "modified": "2022-01-28T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/111731", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2390. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111731);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/28\");\n\n script_cve_id(\"CVE-2017-0861\", \"CVE-2017-15265\", \"CVE-2018-1000004\", \"CVE-2018-10901\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-3693\", \"CVE-2018-5390\", \"CVE-2018-7566\");\n script_xref(name:\"RHSA\", value:\"2018:2390\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2018:2390) (Foreshadow)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\n[Updated 16th August 2018] The original errata text was missing\nreference to CVE-2018-5390 fix. We have updated the errata text to\ncorrect this issue. No changes have been made to the packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* Modern operating systems implement virtualization of physical memory\nto efficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was\nfound in the way the x86 microprocessor designs have implemented\nspeculative execution of instructions (a commonly used performance\noptimisation) in combination with handling of page-faults caused by\nterminated virtual to physical address resolving process. 
As a result,\nan unprivileged attacker could use this flaw to read privileged memory\nof the kernel or other processes and/or cross guest/host boundaries to\nread host memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3620, CVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern\nmicroprocessor designs have implemented speculative execution of\ninstructions past bounds check. The flaw relies on the presence of a\nprecisely-defined instruction sequence in the privileged code and the\nfact that memory writes occur to an address which depends on the\nuntrusted value. Such writes cause an update into the microprocessor's\ndata cache even for speculatively executed instructions that never\nactually commit (retire). As a result, an unprivileged attacker could\nuse this flaw to influence speculative execution and/or read\nprivileged memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3693)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel\nhandled specially crafted TCP packets. A remote attacker could use\nthis flaw to trigger time and calculation expensive calls to\ntcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by\nsending specially modified packets within ongoing TCP sessions which\ncould lead to a CPU saturation and hence a denial of service on the\nsystem. 
Maintaining the denial of service condition requires\ncontinuous two-way TCP sessions to a reachable open port, thus the\nattacks cannot be performed using spoofed IP addresses.\n(CVE-2018-5390)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem\npotentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port()\n(CVE-2017-15265)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or\nOOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service\n(CVE-2018-1000004)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting\nCVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl\nWaldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693;\nJuha-Matti Tilli (Aalto University, Department of Communications and\nNetworking and Nokia Bell Labs) for reporting CVE-2018-5390; and\nVegard Nossum (Oracle Corporation) for reporting CVE-2018-10901.\n\nBug Fix(es) :\n\n* The Least recently used (LRU) operations are batched by caching\npages in per-cpu page vectors to prevent contention of the heavily\nused lru_lock spinlock. The page vectors can hold even the compound\npages. Previously, the page vectors were cleared only if they were\nfull. Subsequently, the amount of memory held in page vectors, which\nis not reclaimable, was sometimes too high. Consequently the page\nreclamation started the Out of Memory (OOM) killing processes. With\nthis update, the underlying source code has been fixed to clear LRU\npage vectors each time when a compound page is added to them. As a\nresult, OOM killing processes due to high amounts of memory held in\npage vectors no longer occur. 
(BZ#1575819)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/vulnerabilities/L1TF\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-0861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-15265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-3620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-3646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-3693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-7566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1000004\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2018/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-0861\", \"CVE-2017-15265\", \"CVE-2018-1000004\", \"CVE-2018-10901\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-3693\", \"CVE-2018-5390\", \"CVE-2018-7566\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2018:2390\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2390\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-754.3.5.el6\")) flag++;\n if 
(rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-754.3.5.el6\")) flag++;\n if 
(rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-754.3.5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : 
SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:48:56", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-2390 advisory.\n\n - Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. (CVE-2017-0861)\n\n - Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. (CVE-2017-15265)\n\n - In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. (CVE-2018-1000004)\n\n - Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. (CVE-2018-5390)\n\n - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. (CVE-2018-3620)\n\n - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. 
(CVE-2018-3693)\n\n - The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. (CVE-2018-7566)\n\n - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. (CVE-2018-3646)\n\n - A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. (CVE-2018-10901)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2018-2390)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, 
"acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0861", "CVE-2017-15265", "CVE-2018-1000004", "CVE-2018-10901", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-7566"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2018-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/111724", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2018-2390.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111724);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2017-0861\",\n \"CVE-2017-15265\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-3693\",\n \"CVE-2018-5390\",\n \"CVE-2018-7566\",\n \"CVE-2018-10901\",\n \"CVE-2018-1000004\"\n );\n script_xref(name:\"RHSA\", value:\"2018:2390\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2018-2390)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2018-2390 advisory.\n\n - Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows\n attackers to gain privileges 
via unspecified vectors. (CVE-2017-0861)\n\n - Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a\n denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq\n ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. (CVE-2017-15265)\n\n - In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in\n the sound system, this can lead to a deadlock and denial of service condition. (CVE-2018-1000004)\n\n - Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and\n tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. (CVE-2018-5390)\n\n - Systems with microprocessors utilizing speculative execution and address translations may allow\n unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access\n via a terminal page fault and a side-channel analysis. (CVE-2018-3620)\n\n - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized\n disclosure of information to an attacker with local user access via a speculative buffer overflow and\n side-channel analysis. (CVE-2018-3693)\n\n - The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation\n to /dev/snd/seq by a local user. (CVE-2018-7566)\n\n - Systems with microprocessors utilizing speculative execution and address translations may allow\n unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access\n with guest OS privilege via a terminal page fault and a side-channel analysis. (CVE-2018-3646)\n\n - A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the\n GDT.LIMIT to the previous host value, but instead sets it to 64KB. 
With a corrupted GDT limit a host's\n userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu\n variables. An attacker can use this to escalate their privileges. (CVE-2018-10901)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2018-2390.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10901\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-754.3.5.el6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2018-2390');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-abi-whitelists-2.6.32-754.3.5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.3.5.el6', 'cpu':'i686', 
'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-firmware-2.6.32-754.3.5.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'perf-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.3.5.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.3.5.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference 
= package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:48:29", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 16th August 2018] The original errata text was missing reference to CVE-2018-5390 fix. We have updated the errata text to correct this issue. No changes have been made to the packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3620, CVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). 
As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3693)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.\n(CVE-2018-5390)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting CVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl Waldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693;\nJuha-Matti Tilli (Aalto University, Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390; and Vegard Nossum (Oracle Corporation) for reporting CVE-2018-10901.\n\nBug Fix(es) :\n\n* The Least recently used (LRU) operations are batched by caching pages in per-cpu page vectors to prevent contention of the heavily used lru_lock 
spinlock. The page vectors can hold even the compound pages. Previously, the page vectors were cleared only if they were full. Subsequently, the amount of memory held in page vectors, which is not reclaimable, was sometimes too high. Consequently the page reclamation started the Out of Memory (OOM) killing processes. With this update, the underlying source code has been fixed to clear LRU page vectors each time when a compound page is added to them. As a result, OOM killing processes due to high amounts of memory held in page vectors no longer occur. (BZ#1575819)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "CentOS 6 : kernel (CESA-2018:2390) (Foreshadow)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0861", "CVE-2017-15265", "CVE-2018-1000004", "CVE-2018-10901", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-7566"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", 
"p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2018-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/111704", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2390 and \n# CentOS Errata and Security Advisory 2018:2390 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111704);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2017-0861\", \"CVE-2017-15265\", \"CVE-2018-1000004\", \"CVE-2018-10901\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-3693\", \"CVE-2018-5390\", \"CVE-2018-7566\");\n script_xref(name:\"RHSA\", value:\"2018:2390\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2018:2390) (Foreshadow)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\n[Updated 16th August 2018] The original errata text was missing\nreference to CVE-2018-5390 fix. We have updated the errata text to\ncorrect this issue. 
No changes have been made to the packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* Modern operating systems implement virtualization of physical memory\nto efficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was\nfound in the way the x86 microprocessor designs have implemented\nspeculative execution of instructions (a commonly used performance\noptimisation) in combination with handling of page-faults caused by\nterminated virtual to physical address resolving process. As a result,\nan unprivileged attacker could use this flaw to read privileged memory\nof the kernel or other processes and/or cross guest/host boundaries to\nread host memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3620, CVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern\nmicroprocessor designs have implemented speculative execution of\ninstructions past bounds check. The flaw relies on the presence of a\nprecisely-defined instruction sequence in the privileged code and the\nfact that memory writes occur to an address which depends on the\nuntrusted value. Such writes cause an update into the microprocessor's\ndata cache even for speculatively executed instructions that never\nactually commit (retire). As a result, an unprivileged attacker could\nuse this flaw to influence speculative execution and/or read\nprivileged memory by conducting targeted cache side-channel attacks.\n(CVE-2018-3693)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel\nhandled specially crafted TCP packets. A remote attacker could use\nthis flaw to trigger time and calculation expensive calls to\ntcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by\nsending specially modified packets within ongoing TCP sessions which\ncould lead to a CPU saturation and hence a denial of service on the\nsystem. 
Maintaining the denial of service condition requires\ncontinuous two-way TCP sessions to a reachable open port, thus the\nattacks cannot be performed using spoofed IP addresses.\n(CVE-2018-5390)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem\npotentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port()\n(CVE-2017-15265)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or\nOOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service\n(CVE-2018-1000004)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting\nCVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl\nWaldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693;\nJuha-Matti Tilli (Aalto University, Department of Communications and\nNetworking and Nokia Bell Labs) for reporting CVE-2018-5390; and\nVegard Nossum (Oracle Corporation) for reporting CVE-2018-10901.\n\nBug Fix(es) :\n\n* The Least recently used (LRU) operations are batched by caching\npages in per-cpu page vectors to prevent contention of the heavily\nused lru_lock spinlock. The page vectors can hold even the compound\npages. Previously, the page vectors were cleared only if they were\nfull. Subsequently, the amount of memory held in page vectors, which\nis not reclaimable, was sometimes too high. Consequently the page\nreclamation started the Out of Memory (OOM) killing processes. With\nthis update, the underlying source code has been fixed to clear LRU\npage vectors each time when a compound page is added to them. As a\nresult, OOM killing processes due to high amounts of memory held in\npage vectors no longer occur. 
(BZ#1575819)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-August/022983.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b134625a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5390\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", 
reference:\"kernel-headers-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-754.3.5.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-754.3.5.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:52:13", "description": "The remote Oracle Database Server is missing the April 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities :\n\n - An authenticated local Portable Clusterware takeover vulnerability exists in the Oracle RDBMS. An authenticated, local attacker with the Grid Infrastructure User privilege with logon to the infrastructure where Portable Clusterware executes can exploit this to take over the Portable Clusterware component of Oracle RDBMS, resulting in the disclosure or manipulation of arbitrary data. (CVE-2019-2516) (CVE-2019-2619)\n\n - An authenticated remote database takeover vulnerability exists in the Oracle RDBMS. An authenticated, remote attacker with the DBFS_ROLE privilege can exploit this via the Oracle Net protocol to take over the back-end database, resulting in the disclosure or manipulation of arbitrary data. (CVE-2019-2517)\n\n - An authenticated remote Java VM takeover vulnerability exists in the Oracle RDBMS. An authenticated, remote attacker with the Create Session, Create Procedure privileges can exploit this to take over the Java VM. (CVE-2019-2518)\n\n - An authenticated remote RDBMS DataPump takeover vulnerability exists in the Oracle RDBMS. 
An authenticated, remote attacker with the DBA role privilege can exploit this via the Oracle Net protocol to take over the RDBMS DataPump component of Oracle RDBMS. (CVE-2019-2571)\n\n - An unauthenticated remote information disclosure vulnerability exists in the Oracle RDBMS. An unauthenticated, remote attacker can exploit this via the Oracle Net protocol to obtain read access to a unspecified subset of Core RDBMS accessible data.\n (CVE-2019-2582)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2516", "CVE-2019-2517", "CVE-2019-2518", "CVE-2019-2571", "CVE-2019-2582", "CVE-2019-2619"], "modified": "2022-10-21T00:00:00", "cpe": ["cpe:/a:oracle:database_server"], "id": "ORACLE_RDBMS_CPU_APR_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/124155", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# 
(C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124155);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/21\");\n\n script_cve_id(\n \"CVE-2019-2516\",\n \"CVE-2019-2517\",\n \"CVE-2019-2518\",\n \"CVE-2019-2571\",\n \"CVE-2019-2582\",\n \"CVE-2019-2619\"\n );\n script_bugtraq_id(\n 107919,\n 107936,\n 107940,\n 107945\n );\n\n script_xref(name:\"IAVA\", value:\"2019-A-0123-S\");\n\n script_name(english:\"Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Database Server is missing the April 2019\nCritical Patch Update (CPU). It is, therefore, affected by multiple\nvulnerabilities :\n\n - An authenticated local Portable Clusterware takeover\n vulnerability exists in the Oracle RDBMS. An authenticated, local\n attacker with the Grid Infrastructure User privilege with logon\n to the infrastructure where Portable Clusterware executes can\n exploit this to take over the Portable Clusterware component of\n Oracle RDBMS, resulting in the disclosure or manipulation of\n arbitrary data. (CVE-2019-2516) (CVE-2019-2619)\n\n - An authenticated remote database takeover vulnerability exists in\n the Oracle RDBMS. An authenticated, remote attacker with the\n DBFS_ROLE privilege can exploit this via the Oracle Net protocol\n to take over the back-end database, resulting in the disclosure\n or manipulation of arbitrary data. (CVE-2019-2517)\n\n - An authenticated remote Java VM takeover vulnerability exists in\n the Oracle RDBMS. An authenticated, remote attacker with the\n Create Session, Create Procedure privileges can exploit this to\n take over the Java VM. 
(CVE-2019-2518)\n\n - An authenticated remote RDBMS DataPump takeover vulnerability\n exists in the Oracle RDBMS. An authenticated, remote attacker\n with the DBA role privilege can exploit this via the Oracle Net\n protocol to take over the RDBMS DataPump component of Oracle\n RDBMS. (CVE-2019-2571)\n\n - An unauthenticated remote information disclosure vulnerability\n exists in the Oracle RDBMS. An unauthenticated, remote attacker\n can exploit this via the Oracle Net protocol to obtain read\n access to a unspecified subset of Core RDBMS accessible data.\n (CVE-2019-2582)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixDB\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ee33210c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2517\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:database_server\");\n 
script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_rdbms_query_patch_info.nbin\", \"oracle_rdbms_patch_info.nbin\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_rdbms::get_app_info();\n\nvar constraints = [\n # RDBMS:\n {'min_version': '18.6', 'fixed_version': '18.6.0.0.190416', 'missing_patch':'29301631', 'os':'unix', 'component':'db'},\n {'min_version': '18.0', 'fixed_version': '18.6.0.0.190416', 'missing_patch':'29589622', 'os':'win', 'component':'db'},\n {'min_version': '18.5', 'fixed_version': '18.5.1.0.190416', 'missing_patch':'29230887', 'os':'unix', 'component':'db'},\n {'min_version': '18.0', 'fixed_version': '18.4.2.0.190416', 'missing_patch':'29230809', 'os':'unix', 'component':'db'},\n\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.190416', 'missing_patch':'29314339, 29230821, 29230950', 'os':'unix', 'component':'db'},\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.190416', 'missing_patch':'29394003', 'os':'win', 'component':'db'},\n\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.190416', 'missing_patch':'29141015, 29141038', 'os':'unix', 'component':'db'},\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.190416', 'missing_patch':'29413116', 'os':'win', 'component':'db'},\n\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.190416', 'missing_patch':'29141056, 29257245', 'os':'unix', 'component':'db'},\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.190416', 'missing_patch':'29218820', 'os':'win', 'component':'db'},\n\n\n # OJVM :\n {'min_version': '19.0', 'fixed_version': '19.3.0.0.190416', 'missing_patch':'29548437', 
'os':'unix', 'component':'ojvm'},\n\n {'min_version': '18.0', 'fixed_version': '18.6.0.0.190416', 'missing_patch':'29249584', 'os':'unix', 'component':'ojvm'},\n {'min_version': '18.0', 'fixed_version': '18.6.0.0.190416', 'missing_patch':'29249584', 'os':'win', 'component':'ojvm'},\n\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.190416', 'missing_patch':'29249637', 'os':'unix', 'component':'ojvm'},\n {'min_version': '12.2.0.1', 'fixed_version': '12.2.0.1.190416', 'missing_patch':'29281550', 'os':'win', 'component':'ojvm'},\n\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.190416', 'missing_patch':'29251241', 'os':'unix', 'component':'ojvm'},\n {'min_version': '12.1.0.2', 'fixed_version': '12.1.0.2.190416', 'missing_patch':'29447962', 'os':'win', 'component':'ojvm'},\n\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.190416', 'missing_patch':'29251270', 'os':'unix', 'component':'ojvm'},\n {'min_version': '11.2.0.4', 'fixed_version': '11.2.0.4.190416', 'missing_patch':'29447971', 'os':'win', 'component':'ojvm'}\n];\n\nvcf::oracle_rdbms::check_version_and_report(app_info:app_info, severity:SECURITY_HOLE, constraints:constraints);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:15", "description": "The version of MySQL running on the remote host is 5.7.x prior to 5.7.26. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the April 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server : Pluggable Auth' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. (CVE-2019-2632)\n\n - An unspecified vulnerability in the 'Server: Compiling (OpenSSL)' subcomponent could allow an unauthenticated attacker to gain complete access to all MySQL Server accessible data. 
(CVE-2019-1559)\n\n - An unspecified vulnerability in the 'InnoDB' subcomponent could allow a high privileged attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service.\n (CVE-2019-2628)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.26 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1547", "CVE-2019-1559", "CVE-2019-2566", "CVE-2019-2581", "CVE-2019-2592", "CVE-2019-2614", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2632", "CVE-2019-2683", "CVE-2019-2755"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_7_27.NASL", "href": "https://www.tenable.com/plugins/nessus/124159", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124159);\n script_version(\"1.7\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-1547\",\n \"CVE-2019-2632\",\n \"CVE-2019-1559\",\n \"CVE-2019-2628\",\n \"CVE-2019-2566\",\n \"CVE-2019-2581\",\n \"CVE-2019-2683\",\n \"CVE-2019-2592\",\n \"CVE-2019-2627\",\n \"CVE-2019-2614\",\n \"CVE-2019-2755\"\n );\n script_bugtraq_id(107174, 107924, 107927);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MySQL 5.7.x < 5.7.26 Multiple Vulnerabilities (Apr 2019 CPU) (Jul 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.7.x prior to\n5.7.26. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nApril 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the\n 'Server : Pluggable Auth' subcomponent could allow an\n unauthenticated attacker to gain complete access to all\n MySQL Server accessible data. (CVE-2019-2632)\n\n - An unspecified vulnerability in the\n 'Server: Compiling (OpenSSL)' subcomponent could allow\n an unauthenticated attacker to gain complete access to\n all MySQL Server accessible data. 
(CVE-2019-1559)\n\n - An unspecified vulnerability in the 'InnoDB'\n subcomponent could allow a high privileged attacker to\n cause the server to hang or to, via a frequently\n repeatable crash, cause a complete denial of service.\n (CVE-2019-2628)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6252734\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.7.26 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2632\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.7.0', 'fixed_version' : '5.7.26'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-06T14:18:03", "description": "According to the versions of the icu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.(CVE-2015-4844)\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.(CVE-2017-7867)\n\n - The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, 
calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors 
related to a look-behind expression.(CVE-2014-7923)\n\n - Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.(CVE-2017-15422)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : icu (EulerOS-SA-2020-1454)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7923", "CVE-2014-7926", "CVE-2014-7940", "CVE-2014-9654", "CVE-2015-4844", "CVE-2016-0494", "CVE-2016-6293", "CVE-2016-7415", "CVE-2017-15422", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libicu", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": 
"EULEROS_SA-2020-1454.NASL", "href": "https://www.tenable.com/plugins/nessus/135616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135616);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-7923\",\n \"CVE-2014-7926\",\n \"CVE-2014-7940\",\n \"CVE-2014-9654\",\n \"CVE-2015-4844\",\n \"CVE-2016-0494\",\n \"CVE-2016-6293\",\n \"CVE-2016-7415\",\n \"CVE-2017-15422\",\n \"CVE-2017-7867\",\n \"CVE-2017-7868\"\n );\n script_bugtraq_id(\n 72288,\n 72980\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : icu (EulerOS-SA-2020-1454)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the icu package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Unspecified vulnerability in the Java SE and Java SE\n Embedded components in Oracle Java SE 6u105, 7u91, and\n 8u66 and Java SE Embedded 8u65 allows remote attackers\n to affect confidentiality, integrity, and availability\n via unknown vectors related to 2D.(CVE-2016-0494)\n\n - Unspecified vulnerability in Oracle Java SE 6u101,\n 7u85, and 8u60, and Java SE Embedded 8u51, allows\n remote attackers to affect confidentiality, integrity,\n and availability via unknown vectors related to\n 2D.(CVE-2015-4844)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* 
function.(CVE-2017-7868)\n\n - International Components for Unicode (ICU) for C/C++\n before 2017-02-13 has an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function.(CVE-2017-7867)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) for C/C++ before\n 2014-12-03, as used in Google Chrome before\n 40.0.2214.91, calculates certain values without\n ensuring that they can be represented in a 24-bit\n field, which allows remote attackers to cause a denial\n of service (memory corruption) or possibly have\n unspecified other impact via a crafted string, a\n related issue to CVE-2014-7923.(CVE-2014-9654)\n\n - Stack-based buffer overflow in the Locale class in\n common/locid.cpp in International Components for\n Unicode (ICU) through 57.1 for C/C++ allows remote\n attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a\n long locale string.(CVE-2016-7415)\n\n - The uloc_acceptLanguageFromHTTP function in\n common/uloc.cpp in International Components for Unicode\n (ICU) through 57.1 for C/C++ does not ensure that there\n is a '\\0' character at the end of a certain temporary\n array, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long\n httpAcceptLanguage argument.(CVE-2016-6293)\n\n - The collator implementation in i18n/ucol.cpp in\n International Components for Unicode (ICU) 52 through\n SVN revision 293126, as used in Google Chrome before\n 40.0.2214.91, does not initialize memory for a data\n structure, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via a crafted character sequence.(CVE-2014-7940)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in 
Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a zero-length\n quantifier.(CVE-2014-7926)\n\n - The Regular Expressions package in International\n Components for Unicode (ICU) 52 before SVN revision\n 292944, as used in Google Chrome before 40.0.2214.91,\n allows remote attackers to cause a denial of service\n (memory corruption) or possibly have unspecified other\n impact via vectors related to a look-behind\n expression.(CVE-2014-7923)\n\n - Integer overflow in international date handling in\n International Components for Unicode (ICU) for C/C++\n before 60.1, as used in V8 in Google Chrome prior to\n 63.0.3239.84 and other products, allowed a remote\n attacker to perform an out of bounds memory read via a\n crafted HTML page.(CVE-2017-15422)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1454\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ad5439c0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected icu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libicu-50.1.2-15.h7.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:21:56", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread.\n This would result in an incorrect text display of the certificate. 
This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. (CVE-2017-3735)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key. (CVE-2018-0737)\n\n - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).\n Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\n (CVE-2018-0739)\n\n - A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. (CVE-2018-5407)\n\n - During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). 
Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o). (CVE-2018-0732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-3735", "CVE-2018-0495", "CVE-2018-0732", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-5407"], "modified": "2022-05-19T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0065_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/127262", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0065. 
The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127262);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2017-3735\",\n \"CVE-2018-0495\",\n \"CVE-2018-0732\",\n \"CVE-2018-0737\",\n \"CVE-2018-0739\",\n \"CVE-2018-5407\"\n );\n script_bugtraq_id(103518, 103766, 104442);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0065)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected\nby multiple vulnerabilities:\n\n - While parsing an IPAddressFamily extension in an X.509\n certificate, it is possible to do a one-byte overread.\n This would result in an incorrect text display of the\n certificate. This bug has been present since 2006 and is\n present in all versions of OpenSSL before 1.0.2m and\n 1.1.0g. (CVE-2017-3735)\n\n - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a\n memory-cache side-channel attack on ECDSA signatures\n that can be mitigated through the use of blinding during\n the signing process in the _gcry_ecc_ecdsa_sign function\n in cipher/ecc-ecdsa.c, aka the Return Of the Hidden\n Number Problem or ROHNP. To discover an ECDSA key, the\n attacker needs access to either the local machine or a\n different virtual machine on the same physical host.\n (CVE-2018-0495)\n\n - OpenSSL RSA key generation was found to be vulnerable to\n cache side-channel attacks. An attacker with sufficient\n access to mount cache timing attacks during the RSA key\n generation process could recover parts of the private\n key. 
(CVE-2018-0737)\n\n - Constructed ASN.1 types with a recursive definition\n (such as can be found in PKCS7) could eventually exceed\n the stack given malicious input with excessive\n recursion. This could result in a Denial Of Service\n attack. There are no such structures used within SSL/TLS\n that come from untrusted sources so this is considered\n safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g).\n Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\n (CVE-2018-0739)\n\n - A microprocessor side-channel vulnerability was found on\n SMT (e.g, Hyper-Threading) architectures. An attacker\n running a malicious process on the same core of the\n processor as the victim process can extract certain\n secret information. (CVE-2018-5407)\n\n - During key agreement in a TLS handshake using a DH(E)\n based ciphersuite a malicious server can send a very\n large prime value to the client. This will cause the\n client to spend an unreasonably long period of time\n generating a key for this prime resulting in a hang\n until the client has finished. This could be exploited\n in a Denial Of Service attack. Fixed in OpenSSL\n 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL\n 1.0.2p-dev (Affected 1.0.2-1.0.2o). (CVE-2018-0732)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0065\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. 
Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-3735\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-0737\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"openssl-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-crypto-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-debuginfo-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-devel-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-libs-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-perl-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\",\n \"openssl-static-1.0.2k-16.el7_6.1.cgslv5.0.1.g94e9187.lite\"\n ],\n \"CGSL MAIN 5.04\": [\n \"openssl-1.0.2k-16.el7_6.1.cgslv5\",\n \"openssl-debuginfo-1.0.2k-16.el7_6.1.cgslv5\",\n \"openssl-devel-1.0.2k-16.el7_6.1.cgslv5\",\n \"openssl-libs-1.0.2k-16.el7_6.1.cgslv5\",\n \"openssl-perl-1.0.2k-16.el7_6.1.cgslv5\",\n \"openssl-static-1.0.2k-16.el7_6.1.cgslv5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n 
severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T15:06:47", "description": "According to the versions of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks.\n\n - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). 
As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks.\n\n - A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.\n\n - A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.\n\n - Use-after-free vulnerability in the snd_pcm_info() function in the ALSA subsystem in the Linux kernel allows attackers to induce a kernel memory corruption and possibly crash or lock up a system. Due to the nature of the flaw, a privilege escalation cannot be fully ruled out, although we believe it is unlikely.\n\n - ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, and this may lead to UAF or out-of-bound access.\n\n - In the Linux kernel versions 4.12, 3.10, 2.6, and possibly earlier, a race condition vulnerability exists in the sound system allowing for a potential deadlock and memory corruption due to use-after-free condition and thus denial of service. 
Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-20T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-055)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0861", "CVE-2018-1000004", "CVE-2018-10901", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-7566"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:cpupools", "p-cpe:/a:virtuozzo:virtuozzo:cpupools-features", "p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules", 
"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzpkgenvdebx64", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZA-2018-055.NASL", "href": "https://www.tenable.com/plugins/nessus/112018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112018);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-0861\",\n \"CVE-2018-1000004\",\n \"CVE-2018-10901\",\n \"CVE-2018-3620\",\n \"CVE-2018-3646\",\n \"CVE-2018-3693\",\n \"CVE-2018-5390\",\n \"CVE-2018-7566\"\n );\n\n script_name(english:\"Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-055)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the cpupools / cpupools-features / etc\npackages installed, the Virtuozzo installation on the remote host is\naffected by the following vulnerabilities :\n\n - Modern operating systems implement virtualization of\n physical memory to efficiently use available system\n resources and provide inter-domain protection through\n access control and isolation. The L1TF issue was found\n in the way the x86 microprocessor designs have\n implemented speculative execution of instructions (a\n commonly used performance optimisation) in combination\n with handling of page-faults caused by terminated\n virtual to physical address resolving process. 
As a\n result, an unprivileged attacker could use this flaw to\n read privileged memory of the kernel or other processes\n and/or cross guest/host boundaries to read host memory\n by conducting targeted cache side-channel attacks.\n\n - An industry-wide issue was found in the way many modern\n microprocessor designs have implemented speculative\n execution of instructions past bounds check. The flaw\n relies on the presence of a precisely-defined\n instruction sequence in the privileged code and the\n fact that memory writes occur to an address which\n depends on the untrusted value. Such writes cause an\n update into the microprocessor's data cache even for\n speculatively executed instructions that never actually\n commit (retire). As a result, an unprivileged attacker\n could use this flaw to influence speculative execution\n and/or read privileged memory by conducting targeted\n cache side-channel attacks.\n\n - A flaw named SegmentSmack was found in the way the\n Linux kernel handled specially crafted TCP packets. A\n remote attacker could use this flaw to trigger time and\n calculation expensive calls to tcp_collapse_ofo_queue()\n and tcp_prune_ofo_queue() functions by sending\n specially modified packets within ongoing TCP sessions\n which could lead to a CPU saturation and hence a denial\n of service on the system. Maintaining the denial of\n service condition requires continuous two-way TCP\n sessions to a reachable open port, thus the attacks\n cannot be performed using spoofed IP addresses.\n\n - A flaw was found in Linux kernel's KVM virtualization\n subsystem. The VMX code does not restore the GDT.LIMIT\n to the previous host value, but instead sets it to\n 64KB. With a corrupted GDT limit a host's userspace\n code has an ability to place malicious entries in the\n GDT, particularly to the per-cpu variables. 
An attacker\n can use this to escalate their privileges.\n\n - Use-after-free vulnerability in the snd_pcm_info()\n function in the ALSA subsystem in the Linux kernel\n allows attackers to induce a kernel memory corruption\n and possibly crash or lock up a system. Due to the\n nature of the flaw, a privilege escalation cannot be\n fully ruled out, although we believe it is unlikely.\n\n - ALSA sequencer core initializes the event pool on\n demand by invoking snd_seq_pool_init() when the first\n write happens and the pool is empty. A user can reset\n the pool size manually via ioctl concurrently, and this\n may lead to UAF or out-of-bound access.\n\n - In the Linux kernel versions 4.12, 3.10, 2.6, and\n possibly earlier, a race condition vulnerability exists\n in the sound system allowing for a potential deadlock\n and memory corruption due to use-after-free condition\n and thus denial of service. Due to the nature of the\n flaw, privilege escalation cannot be fully ruled out,\n although we believe it is unlikely.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2952230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/3553061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/vulnerabilities/L1TF\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cpupools / cpupools-features / etc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:cpupools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:cpupools-features\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzpkgenvdebx64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"cpupools-6.0.12-51\",\n \"cpupools-features-6.0.12-51\",\n \"parallels-server-bm-release-6.0.12-3713\",\n \"vzkernel-2.6.32-042stab133.1\",\n \"vzkernel-devel-2.6.32-042stab133.1\",\n \"vzkernel-firmware-2.6.32-042stab133.1\",\n \"vzmodules-2.6.32-042stab133.1\",\n \"vzmodules-devel-2.6.32-042stab133.1\",\n \"vzpkgenvdebx64-6.0.12-23\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cpupools / cpupools-features / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-06T14:24:41", "description": "This update 
for icu fixes the following issues :\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp did not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument. (bsc#990636)\n\n - CVE-2017-7868: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. (bsc#1034674)\n\n - CVE-2017-7867: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. (bsc#1034678)\n\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue. (bsc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC.\n (bsc#1072193)\n\n - CVE-2017-15422: An integer overflow in persian calendar calculation was fixed, which could show wrong years.\n (bsc#1077999)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-11T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : icu (SUSE-SU-2018:1602-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6293", "CVE-2017-14952", "CVE-2017-15422", "CVE-2017-17484", "CVE-2017-7867", "CVE-2017-7868"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libicu", "p-cpe:/a:novell:suse_linux:libicu-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-1602-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110443", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1602-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110443);\n script_version(\"1.6\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6293\", \"CVE-2017-14952\", \"CVE-2017-15422\", \"CVE-2017-17484\", \"CVE-2017-7867\", \"CVE-2017-7868\");\n\n script_name(english:\"SUSE SLES11 Security Update : icu (SUSE-SU-2018:1602-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for icu fixes the following issues :\n\n - CVE-2016-6293: The uloc_acceptLanguageFromHTTP function\n in common/uloc.cpp did not ensure that there is a '\\0'\n character at the end of a certain temporary array, which\n allows remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a call with a long httpAcceptLanguage\n argument. (bsc#990636)\n\n - CVE-2017-7868: ICU had an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_moveIndex32* function. (bsc#1034674)\n\n - CVE-2017-7867: ICU had an out-of-bounds write caused by\n a heap-based buffer overflow related to the\n utf8TextAccess function in common/utext.cpp and the\n utext_setNativeIndex* function. (bsc#1034678)\n\n - CVE-2017-14952: Double free in i18n/zonemeta.cpp allowed\n remote attackers to execute arbitrary code via a crafted\n string, aka a 'redundant UVector entry clean up function\n call' issue. 
(bsc#1067203)\n\n - CVE-2017-17484: The ucnv_UTF8FromUTF8 function in\n ucnv_u8.cpp mishandled ucnv_convertEx calls for UTF-8 to\n UTF-8 conversion, which allows remote attackers to cause\n a denial of service (stack-based buffer overflow and\n application crash) or possibly have unspecified other\n impact via a crafted string, as demonstrated by ZNC.\n (bsc#1072193)\n\n - CVE-2017-15422: An integer overflow in persian calendar\n calculation was fixed, which could show wrong years.\n (bsc#1077999)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1034678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=990636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6293/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14952/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15422/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17484/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://www.suse.com/security/cve/CVE-2017-7867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7868/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181602-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6419d1eb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-icu-13646=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-icu-13646=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-icu-13646=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libicu-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libicu-32bit-4.0-47.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libicu-32bit-4.0-47.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libicu-4.0-47.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libicu-doc-4.0-47.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:20:12", "description": "According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.16, 16.x prior to 16.2.9, 17.x prior to 17.12.4, or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities:\n\n - An unspecified vulnerability in the Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch allows a malicious user to add a range header with a high number of ranges, or with wide ranges that overlap, or both, to cause a denial of service. (CVE-2018-15756)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. (CVE-2018-19360)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. 
(CVE-2018-19361)\n\n - FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. (CVE-2018-19362)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-19T00:00:00", "type": "nessus", "title": "Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15756", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/a:oracle:primavera_gateway"], "id": "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/126828", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126828);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2018-15756\",\n 
\"CVE-2018-19360\",\n \"CVE-2018-19361\",\n \"CVE-2018-19362\"\n )