3965 matches found
KLA11240 Critical vulnerability in 7-Zip
A critical vulnerability was found in 7-Zip. By exploiting this vulnerability malicious users can cause denial or service or execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted RAR archive. NB: This vulnerability does not have any public CVSS rating, so...
KLA11039 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...
KLA10901 Multiple vulnerabilities in Microsoft SQL Server
Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper pointer casting handling can be exploited by remotely...
KLA10915 Arbitrary code execution vulnerability in 7-Zip
A heap-based-overflow was found in 7-Zip before 16.00. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HFS+ image. Technical details Vulnerability occurs in method...
KLA10601 Multiple vulnerabilities in Microsoft products
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA11294 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities were found in Oracle Java SE, Java SE Embedded and JRockit. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A...
KLA11178 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability ...
KLA11190 Multiple vulnerabilities in 7-Zip
Multiple serious vulnerabilities have been found in 7-Zip. Malicious users can exploit these vulnerabilities to cause denial of service and possibly to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilities in RAR3 handler can be exploited remote...
KLA11047 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...
KLA11234 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service and perform unspecified attacks. Below is a complete list of...
KLA10616 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office products. Malicious users can exploit these vulnerabilities to run arbitrary code, cause denial of service, loss of integrity, security bypass, privilege escalation and obtain sensitive information. Below is a complete list of...
KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent Smart Card IO can be...
KLA10995 Multiple arbitrary code execution vulnerabilities in Microsoft office
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of input before loading DLL files can be exploited remotely via a specially...
KLA11138 Multiple vulnerabilities in Adobe Acrobat&Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service or bypass security restrictions. Original advisories Adobe Security Bulletin...
KLA11187 ACE vulnerability in Mozilla Firefox
An unspecified vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a unsanitized output in the browser UI. Original advisories Mozilla Foundation Security Advisory 2018-05 Related...
KLA11191 Multiple use-after-free vulnerabilities in Adobe Flash Player
Multiple use-after-free vulnerabilitires was found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially crafted Office documents with embedded malicious Flash content. Technical detai...
KLA11389 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1...
KLA11970 ACE vulnerability in Adobe Flash Player
A NULL Pointer Dereference vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories APSB20-58 Related products Adobe-Flash-Player-ActiveX Adobe-Flash-Player-NPAPI Adobe-Flash-Player-PPAPI CVE list CVE-2020-9746...
KLA12390 RCE vulnerability in Apache Log4j
Remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Apache Log4j Security Vulnerabilities Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability...
KLA11185 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information and perform cross-site scripting attack. Below ...
KLA11380 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely via specially crafted file to...
KLA11241 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerabili...
KLA11262 Obsolete Adobe Flash player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11261 Original advisories - Related products Microsoft-Windows CVE list KB list Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be...
KLA11204 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to cause denial of service or spoof user interface. Below is a complete list of vulnerabilities: 1. Incorrect processing of AppMenifests can be exploited remotely to perfo...
KLA10980 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Windows GDI can be exploited remotely via...
KLA11161 UXSS vulnerability in Google Chrome
An unspecified vulnerability was found in Google Chrome. By exploiting this vulnerability malicious users can perform cross-site scripting. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2017-15429 warning Solution Update to the latest version...
KLA11285 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Windows kernel ca...
KLA11261 Multiple vulnerabilities in Adobe Flash player
Multiple serious vulnerabilities have been found in Adobe Flash player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Type Confusion vulnerability in Adobe Flash player can be exploited...
KLA11352 SUI vulnerability in Adobe Flash Player
Out-of-bounds read vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to spoof user interface. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...
KLA10729 Privilege escalation vulnerability in WinRAR
Improper files handling was found in WinRAR. By exploiting this vulnerability malicious users can execute arbitrary code with WinRAR privileges. This vulnerability can be exploited remotely via a specially designed archive. Technical details This vulnerability related to two WinRAR functions:one...
KLA11381 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11380. Original advisories ADV180031 Related products Adobe-Flash CVE list KB list 4471331 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update...
KLA11306 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory...
KLA11315 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in System.IO.Pipelines ca...
KLA11399 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsof...
KLA11195 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...
KLA11211 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11208. Original advisories ADV180006 Related products Microsoft-Windows CVE list KB list 4088785 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11693 ACE vulnerability in Microsoft Windows
A remote code execution vulnerability in Windows SMBv3 Client/Server can be exploited remotely via specially crafted packet to execute arbitrary code. Original advisories CVE-2020-0796 Exploitation This vulnerability can be exploited by the following malware:...
KLA11354 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An information...
KLA11340 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified...
KLA11238 Critical vulnerability in Google Chrome
An use-after-free vulnerability related to Media Cache was found in Google Chrome. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time. N...
KLA11427 Multiple ACE vulnerabilities in WinRAR
Multiple vulnerabilities were found in WinRAR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A logical issue can be exploited locally via specially crafted filename of the ACE archive to...
KLA11231 Multiple vulnerabilities in Node.js
Multiple serious vulnerabilities have been found in Node.js. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the HTTP parser can be exploited remotely via Content-Length parameter to...
KLA10004 Multiple Adobe Acrobat & Reader vulnerabilities
Multiple serious vulnerabilities have been found in Adobe Reader & Adobe Acrobat versions X and XI. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass a sandbox protection, cause a denial of service or obtain sensitive information. Below is a complete list of...
KLA11188 Unspecified vulnerability in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and perform unspecified attacks. Below is a complete list of vulnerabilities: 1. A data validation vulnerability in the...
KLA11199 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge c...
KLA11101 Arbitrary code execution vulnerability in Microsoft .NET Framework
An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application. Technical details NB: This vulnerability doe...
KLA11356 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11352. Original advisories ADV180025 Related products Microsoft-Windows CVE list KB list 4467694 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11214 Unspecified vulnerability in Google Chrome
An unspecified vulnerability was found in Google Chrome. More information will be published soon. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list Solution Update to the latest version. File with name oldchrome can be still detected after update. It...
KLA11251 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. Multiple memo...
KLA10761 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via a specially designed regular...