Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
77 WINDOWS CVEs: CVE-2021-28355, CVE-2021-2641...
- Loading branch information
1 parent
ebc76b9
commit 2005a87
Showing
1,030 changed files
with
18,038 additions
and
0 deletions.
There are no files selected for viewing
232 changes: 232 additions & 0 deletions
232
repository/definitions/vulnerability/oval_com.jovalcm.ms.cve_def_2021264130000.xml
Large diffs are not rendered by default.
Oops, something went wrong.
232 changes: 232 additions & 0 deletions
232
repository/definitions/vulnerability/oval_com.jovalcm.ms.cve_def_2021264150000.xml
Large diffs are not rendered by default.
Oops, something went wrong.
84 changes: 84 additions & 0 deletions
84
repository/definitions/vulnerability/oval_com.jovalcm.ms.cve_def_2021264160000.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:com.jovalcm.ms.cve:def:2021264160000" version="0"> | ||
<metadata> | ||
<title>Windows Hyper-V Denial of Service Vulnerability - CVE-2021-26416</title> | ||
<affected family="windows"> | ||
<platform>Microsoft Windows 10</platform> | ||
<platform>Microsoft Windows Server 2016</platform> | ||
<platform>Microsoft Windows Server 2019</platform> | ||
</affected> | ||
<reference ref_id="CVE-2021-26416" source="CVE" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26416"/> | ||
<reference ref_id="MSRC-CVE-2021-26416" source="Vendor Advisory" ref_url="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26416"/> | ||
<reference ref_id="KB5001347" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001347"/> | ||
<reference ref_id="KB5001342" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001342"/> | ||
<reference ref_id="KB5001337" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001337"/> | ||
<reference ref_id="KB5001330" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001330"/> | ||
<description/> | ||
<oval_repository> | ||
<dates> | ||
<submitted date="2021-04-16T13:39:16"> | ||
<contributor organization="JovalCM.com">David Ries</contributor> | ||
</submitted> | ||
</dates> | ||
<status>INITIAL SUBMISSION</status> | ||
<min_schema_version>5.11.2</min_schema_version> | ||
</oval_repository> | ||
</metadata> | ||
<criteria operator="OR"> | ||
<criteria comment="Windows Server 2016 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2016 is installed" definition_ref="oval:org.cisecurity:def:1269"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160001" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.14393.4350"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160002" comment="hvax64.exe (10.x) version is less than 10.0.14393.4350"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1607 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1607 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:1379"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160001" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.14393.4350"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160002" comment="hvax64.exe (10.x) version is less than 10.0.14393.4350"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2016 (Server Core installation) is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2016 (Server Core installation) is installed" definition_ref="oval:org.cisecurity:def:3529"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160001" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.14393.4350"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160002" comment="hvax64.exe (10.x) version is less than 10.0.14393.4350"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1809 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:5821"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160003" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.17763.1879"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160004" comment="hvax64.exe (10.x) version is less than 10.0.17763.1879"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2019 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2019 is installed" definition_ref="oval:org.cisecurity:def:5761"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160003" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.17763.1879"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160004" comment="hvax64.exe (10.x) version is less than 10.0.17763.1879"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:7268"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160005" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.18362.1500"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160006" comment="hvax64.exe (10.x) version is less than 10.0.18362.1500"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 2004 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8477" comment="Microsoft Windows 10 Version 2004 (x64) is installed"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160008" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.19041.928"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160009" comment="hvax64.exe (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8452" comment="Microsoft Windows 10 Version 20H2 (x64) is installed"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160008" comment="hvax64.exe (32-bit) (10.x) version is less than 10.0.19041.928"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264160009" comment="hvax64.exe (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
</criteria> | ||
</criteria> | ||
</definition> |
77 changes: 77 additions & 0 deletions
77
repository/definitions/vulnerability/oval_com.jovalcm.ms.cve_def_2021264170000.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:com.jovalcm.ms.cve:def:2021264170000" version="0"> | ||
<metadata> | ||
<title>Windows Overlay Filter Information Disclosure Vulnerability - CVE-2021-26417</title> | ||
<affected family="windows"> | ||
<platform>Microsoft Windows 10</platform> | ||
<platform>Microsoft Windows Server 2019</platform> | ||
</affected> | ||
<reference ref_id="CVE-2021-26417" source="CVE" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26417"/> | ||
<reference ref_id="MSRC-CVE-2021-26417" source="Vendor Advisory" ref_url="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26417"/> | ||
<reference ref_id="KB5001342" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001342"/> | ||
<reference ref_id="KB5001337" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001337"/> | ||
<reference ref_id="KB5001330" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5001330"/> | ||
<description/> | ||
<oval_repository> | ||
<dates> | ||
<submitted date="2021-04-16T13:39:16"> | ||
<contributor organization="JovalCM.com">David Ries</contributor> | ||
</submitted> | ||
</dates> | ||
<status>INITIAL SUBMISSION</status> | ||
<min_schema_version>5.11.2</min_schema_version> | ||
</oval_repository> | ||
</metadata> | ||
<criteria operator="OR"> | ||
<criteria comment="Windows 10 Version 1809 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:5824"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170001" comment="wof.sys (10.x) version is less than 10.0.17763.1879"/> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1809 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:5821"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170002" comment="wof.sys (32-bit) (10.x) version is less than 10.0.17763.1879"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170001" comment="wof.sys (10.x) version is less than 10.0.17763.1879"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2019 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2019 is installed" definition_ref="oval:org.cisecurity:def:5761"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170002" comment="wof.sys (32-bit) (10.x) version is less than 10.0.17763.1879"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170001" comment="wof.sys (10.x) version is less than 10.0.17763.1879"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:7269"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170003" comment="wof.sys (10.x) version is less than 10.0.18362.1500"/> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:7268"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170004" comment="wof.sys (32-bit) (10.x) version is less than 10.0.18362.1500"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170003" comment="wof.sys (10.x) version is less than 10.0.18362.1500"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 2004 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8447" comment="Microsoft Windows 10 Version 2004 (x86) is installed"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170006" comment="wof.sys (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 2004 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8477" comment="Microsoft Windows 10 Version 2004 (x64) is installed"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170007" comment="wof.sys (32-bit) (10.x) version is less than 10.0.19041.928"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170006" comment="wof.sys (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8452" comment="Microsoft Windows 10 Version 20H2 (x64) is installed"/> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170007" comment="wof.sys (32-bit) (10.x) version is less than 10.0.19041.928"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170006" comment="wof.sys (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:8457" comment="Microsoft Windows 10 Version 20H2 (x86) is installed"/> | ||
<criterion test_ref="oval:com.jovalcm.ms.cve:tst:2021264170006" comment="wof.sys (10.x) version is less than 10.0.19041.928"/> | ||
</criteria> | ||
</criteria> | ||
</definition> |
Oops, something went wrong.