747 matches found
Apple iTunes < 12.9.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.2. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209345 advisory. - Visiting a malicious website may lead to address bar spoofing CVE-2018-4440 - Visiting a malicious website may lead...
KLA11382 SUI vulnerability in Microsoft Dynamics
Cross-site-scripting XSS vulnerability was found in Microsoft Dynamics NAV. Malicious users can exploit this vulnerability remotely via specially crafted web page to spoof user interface. Original advisories CVE-2018-8651 Related products Microsoft-Dynamics-365 CVE list CVE-2018-8651 warning KB...
About the security content of Safari 12.0.2
About the security content of Safari 12.0.2 This document describes the security content of Safari 12.0.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
KLA11376 Spoofing vulnerability in Microsoft Windows
A vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Technical details The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Original advisories ADV180029 Related products...
Apple iOS Messages UI Spoofing Vulnerability (CNVD-2018-26504)
Apple iOS is an operating system for mobile devices developed by Apple Inc. Messages is a component of the application used to send text, photos and videos. A security vulnerability exists in the Messages component in Apple iOS versions prior to 12.1. The vulnerability can be exploited by an...
Apple macOS Mojave Mail UI Spoofing Vulnerability
Apple macOS Mojave is a specialized operating system developed by Apple Inc. for Mac computers.The App Store is a platform for online distribution of applications.Mail is an email component of the... A security vulnerability exists in the Mail component of Apple macOS Mojave version 10.14. The...
KLA11898 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory...
[SECURITY] [DSA 4330-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4330-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 02, 2018 https://www.debian.org/security/faq -...
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...
KLA11338 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A sandbox escape vulnerability...
Apple Safari Security Updates (HT209109)
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
About the security content of Safari 12
About the security content of Safari 12 This document describes the security content of Safari 12. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
KLA11312 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. ...
KLA11306 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory...
Debian DSA-4256-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-4117 AhsanEjaz discovered an information leak. - CVE-2018-6044 Rob Wu discovered a way to escalate privileges using extensions. - CVE-2018-6150 Rob Wu discovered an information disclosure issue this problem was...
KLA11288 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering...
Debian DSA-4237-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-6118 Ned Williamson discovered a use-after-free issue. - CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library. - CVE-2018-6121 It was discovered that malicious extensions could...
Apple iOS inkPresentation UI fraud vulnerability
Apple iOS is an operating system developed by Apple for its mobile devices.LinkPresentation is one of the presentation display components. A security vulnerability exists in the handling of URLs in the linkPresentation component in Apple iOS versions prior to 11.3.1. The vulnerability can be...
KLA11282 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in CoreGraphics...
About the security content of Safari 11.0.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...