3996 matches found
KLA10975 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Hyper-V can be exploit...
KLA10881 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10879. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10514 Multiple vulnerabilities in PHP and plugins
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service. Below is a complete list of vulnerabilities 1. Multiple use-after-free vulnerabilities can be...
KLA10341 ACE vulnerability in St. Bernard Open File Manager
A buffer overflow was found in St. Bernard Open File Manager. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Original advisories - Related products St-Bernard-Open-File-Manager CVE list...
KLA12535 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visual Studio can be exploited...
KLA12502 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11291 Microsoft Guidance for Lazy Floating Point State Restore
Speculative store bypass vulnerability in Microsoft Windows systems can be exploited to bypass security restrictions. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving...
KLA11075 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An access issue can be exploited remotely to execute arbitrary code with...
KLA11035 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.86. Malicious users can exploit these vulnerabilities possibly to cause a denial of service, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete...
KLA10647 Privilege escalation vulnerability in Microsoft System Center
Improper validation input was found in Microsoft System Center. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2420 Related products...
KLA10447 Multiple vulnerabilities in Java SE
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to cause loss of integrity, denial of service and obtain sensitive information. Below is a complete list of vulnerabilities 1. Vectors relsted to Swing, Hotspot, JAX-WS,...
KLA12187 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A buffer overflow...
KLA11375 ACE vulnerability in Microsoft Skype
Stack buffer overflow vulnerability was found in Microsoft. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Microsoft Skype v7.3.6 ā Stack Overflow Vulnerability Related products Skype-for-Windows CVE list CVE-2017-9948 high Solution Update to the...
KLA11012 Remote code execution vulnerability in the Microsoft Malware Protection Engine
An improper way of scanning files was found in the Microsoft Malware Protection. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Technical details To exploit this vulnerability, a malformed fi...
KLA10751 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability at...
KLA10582 Code execution vulnerability in Microsoft Sharepoint Server
An unspecified vulnerability was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed page content. Original advisories Microsoft bulletin CVE-2015-1700 Related...
KLA11932 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA11681 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely to...
KLA11416 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability in Sk...
KLA11393 Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely to execute...
KLA11219 PE vulnerability in Microsoft Products (ESU)
PE vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2018-1038 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA11163 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, inject arbitrary code or spoof user interface. 1. A buffer overflow vulnerability in Direct ...
KLA10988 Information disclosure vulnerability in Windows DirectShow
An improper objects handling in memory was found in Windows DirectShow. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories MS17-021 CVE-2017-0042 Related products...
KLA10882 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory objects handling at Microsoft Vide...
KLA10827 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited...
KLA10382 Multiple vulnerabilities in VMware
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to obtain sensitive information, hijack a session or cause denial of service. Below is a complete list of vulnerabilities 1. Improperly restrictions can be exploited remotely via...
KLA10024 DoS vulnerability in GOM Media Player
An unspecified vulnerability was found in the GOM Media Player. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to an unknown application via a specially designed .AVI file. Original advisories N...
KLA12407 RCE vulnerability in Apache Log4j
Remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Fixed in Log4j 2.15.0 Log4j 1.x mitigation CVE-2021-4104 Exploitation Malware exists for this vulnerability. Usually such malware is...
KLA12354 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in IEEE 802.11 dissector can be exploited via special crafted packet to cause denial of...
KLA12043 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2021-1636 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-SQL-Server CVE list CVE-2021-1636...
KLA11865 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11384 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities can be exploited remotely to spoof user interface; 2. Multiple memory...
KLA11124 Multiple vulnerabilities in Oracle Virtual Box
Multiple serious vulnerabilities have been found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information. Original advisories Oracle Critical Patch Update Advisory Related products...
KLA10119 Multiple vulnerabilities in Mozilla
An unspecified vulnerability was found in Clam Anti-virus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally at a point related to the OLE2 parser via a specially designed file. Below is a complete list of vulnerabilities 1...
KLA60809 Multiple vulnerabilities in 7-Zip
Multiple vulnerabilities were found in 7-Zip. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory write vulnerability in SquashFS File Parsing can be exploited to execute arbitrary code. 2. Integer...
KLA12436 PE vulnerability in Apache Tomcat
Privilege escalation vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to gain privileges. Original advisories Apache Tomcat 8.5.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat CVE list...
KLA11513 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security...
KLA11087 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA10804 Code execution vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a specially designed content; 2. An...
KLA10067 DoS vulnerabilities in Apache httpd
Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to modlogconfig can be exploited remotely via a specially designed cookie; 2. An improper...
KLA61355 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be...
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, spoof user interface. Below is a complete list of...
KLA12316 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Rich Text Edit Contr...
KLA11743 Multiple vulnerabilities in Microsoft products (ESU)
Multiple vulnerabilities were found in Microsoft products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KLA11720 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in speech recognizer can be exploited to...
KLA11247 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting...
KLA11228 A use-after-free vulnerability in Mozilla Firefox and Firefox ESR
A use-after-free vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service. Original advisories Mozilla Foundation Security Advisory 2018-10 Related products Mozilla-Firefox Mozilla-Firefox-ESR CVE list CVE-2018-5148 critical Solution...
KLA10960 Code execution vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A type confusion vulnerability related to the MessageChannel class can be exploited remotely to...
KLA19252 DoS vulnerability in Wireshark
Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories F5 Ethernet Trailer dissector infinite loop Related products Wireshark CVE list CVE-2022-3190 high Solution Update to the latest version Download...
KLA12288 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely ...