Software Vulnerability Manager

Release Notes

December 2017


Software Vulnerability Manager reimagines how software is secured by closing the gap between IT Security and IT Operations by providing industry leading security research, risk assessment and remediation through Software Vulnerability Manager’s key components:

Research: Keep up with the latest software vulnerability research and advisories from Secunia Research
Patching: Remediate software vulnerabilities in third-party applications
Assessment: Discover where software vulnerabilities are installed across your organization

New Features and Enhancements

The following table lists new features and enhancements for Software Vulnerability Manager. The Affected Module(s) column refers to the specific Software Vulnerability Manager module(s) affected by the new feature or enhancement.

Affected Module(s)

Feature or Enhancement Description



Assessment, Settings

Software Vulnerability Manager now scans the Red Hat Enterprise Linux (RHEL) platform.

Go to Software Vulnerability Manager’s Settings > Assessments > Downloads to download the Vulnerable Software Discovery Tool for Red Hat Linux 6 RPM and Vulnerable Software Discovery Tool for Red Hat Linux 7 RPM.

For the online help reference, see:



Under Assessment > Products > Product Details added a label titled Entry Created to record when a Product is added to Software Vulnerability Manager.



Under Assessment > Devices > Device List the column order has been changed to:

Device Name


OS Version

System Score

Secure Products

Insecure Products

EOL Versions

Discontinued Products

Last Scanned

Inventory Source

Under Assessment > Devices > Device List the filter order has been changed to:

Device Name


OS Version

Has EOL Versions

Has Discontinued Products

Days since last Scan



Assessment Reports have the new Flexera logo.



Email notifications have the Software Vulnerability Manager product logo.



In legal and copyright information, “Flexera Software” and “Flexera Software LLC” has been changed to “Flexera”.


Vulnerability Manager, Settings

When a user is removed from a user group’s Watch List, there is now a settings options asking if all enforced Watch List subscriptions should be removed from the remaining user group members.



Resolved Issues

The following table lists resolved issues for Software Vulnerability Manager. The Affected Module(s) column refers to the specific Software Vulnerability Manager module(s) affected by the resolved issue.

Affected Module(s)

Issue Summary




In Analytics > Devices the pie graphs now have on-click filters.

In Analytics > Products the pie graphs can now be filtered.



The following API filters are now working:

Asset list filters vendor_name and product_name
Example: api/product-releases/?vendor_name=DigitByte Studio
Example: api/product-releases/?product_name=001 File Joiner And Splitter Pro
Product_is_os filter is_os
Example: api/product-releases/?is_os=true
Products filter vendor_name
api/products/?vendor_name=Welltek Software



Product data inconsistency has been resolved between Software Vulnerability Manager and databases SVM Research/VIM4/VT to identify orphaned products.


Vulnerability Manager

Export Product Versions for “all products” now generates a .csv file.



Performance issues for more than 30,000 hosts was addressed to ensure accurate counts when filtering, sorting, and exporting advisory and product details.



Under Assessment > Advisories, the Reset button now clears the page’s filters and the Assessment > Advisories page refreshes after the user navigates to other modules within Software Vulnerability Manager.



Sorting is now working in ascending order for Type under Research > Product Database > Product Versions. The Type filter includes the options Software and Operating System. When sorting in ascending order, Operating System appears before Software.



The number of levels of Organizational Unit (OU) restrictions have been removed for navigating Assessment Reports.



The Package filter option under Patching > Deployment now resets properly after clicking Reset.



Under Settings > API > XML Feeds the URLs have been corrected under the XML column.



Devices from deleted accounts are no longer processing data, which create more accurate device counts.



Improved detection logic on 64 bit machines so that publishing 32 bit and 64 bit packages to a 64 bit machine no longer leads to extra product being installed.



“Asset List” references have been replaced with “Watch List” in Watch List email alerts and throughout Settings > Workflow Management > Rules.



Patches filtered by “Affecting My Environment” now include End-of-Life products.



Removed a duplicate verification object when deleting user accounts.



User account created through a migration from VIM4 has a report with sorting by impact type, which Software Vulnerability Manager does not support.



7-Zip and Foxit Reader can now be seen in the Patching console.



Adobe Flash NPAPI v. 17.x is now appearing as a non-assessment patch on Windows Server 2012 and Windows Server 2016.



Links in the Dashboard module for Most critical advisory affecting your security now direct user to the appropriate information under Assessment > Advisories > Advisory Details.



Removing users from User Groups and saving the necessary changes no longer shuts down Software Vulnerability Manager.



User role permissions have been restricted so that non-administrators cannot delete Watch List Groups.



Reports are now successfully generated in PDF format.



Under Analytics > Reports the Add Research Report and Add Assessment Report pages now load.



The BID References link for NVIDIA Multiple Products Multiple Vulnerabilities - CVE-2017-6268 now works.



Fixed patching deployment for the Firefox browser.


Online Help - Introduction

Renamed the section “Account Basics” as “Getting Started with Software Vulnerability Manager”. For details, see:

Added the following subsections:

Logging on to Software Vulnerability Manager:
Download the Vulnerable Software Discovery Tool for Windows, Mac, and Red Hat Linux:


Online Help - Dashboard

Clarified that Flexera’s definition of End-of-Life (EOL) software may differ from a software vendor’s. For details, see:


Online Help - Assessment Scenarios

Updated the section Run Assessment from System Center Configuration Manager (SCCM) to reflect current practice. For details, see:


Online Help - Settings

Added the section Daemon Log File Size. For details, see:



Product Feedback

Have a suggestion for how we can improve this product? Please come share direct feedback with the product team and vote on ideas submitted by other users in our Customer Community feedback page for Software Vulnerability Manager.

System Requirements

The Software Vulnerability Manager User Interface will resize and adapt when being used on different devices. You can access the system from anywhere using any device, such as a smartphone or tablet, running Internet Explorer 11 or higher, Chrome, Opera, Firefox, Safari and mobile browsers with an Internet connection capable of connecting to

Legal Information

Copyright Notice

Copyright © 2017 Flexera. All Rights Reserved.

This publication contains proprietary and confidential information and creative works owned by Flexera and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera is strictly prohibited. Except where expressly provided by Flexera in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera intellectual property rights, whether by estoppel, implication, or otherwise.

All copies of the technology and related information, if allowed by Flexera, must display this notice of copyright and ownership in full.

Intellectual Property

For a list of trademarks and patents that are owned by Flexera, see All other brand and product names mentioned in Flexera products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.

Restricted Rights Legend

The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.


Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. The provision of such information does not represent any commitment on the part of Flexera. Flexera makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Flexera shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The software described in this document is furnished by Flexera under a license agreement. The software may be used only in accordance with the terms of that license agreement. It is against the law to copy or use the software, except as specifically allowed in the license agreement. No part of this document may be reproduced or retransmitted in any form or by any means, whether electronically or mechanically, including, but not limited to: photocopying, recording, or information recording and retrieval systems, for any purpose other than the purchaser’s personal use, without the express, prior, written permission of Flexera.