3996 matches found
KLA11574 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of...
KLA11127 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes for Windows. These vulnerabilities have been found in WebKit component and can be exploited remotely to execute arbitrary code, perform cross-site scripting, bypass security restrictions and obtain sensitive information. NB: Not eve...
KLA11067 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...
KLA10984 Privilege escalation vulnerabilities in Windows kernel
Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An improper check of a buffer length prior to copying memory to the buffer can be exploited remotely ...
KLA10773 Code execution vulnerability in Apple Software Update
Weak networking protocol usage was found in Apple Software Update. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via man-in-the-middle attack. Technical details Instead of usage HTTPS for downloading updates unprotected...
KLA10743 Multiple vulnerabilities in Oracle Java SE
An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can affect application confidentiality, integrity and availability. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, AWT, Libraries, Networking,...
KLA10614 Code injection vulnerability in Microsoft ASP.NET MVC
XSS vulnerability was found in ASP.NET MVC. By exploiting this vulnerability malicious users can inject arbitrary script. This vulnerability can be exploited remotely via a specially designed web page. Original advisories CVE-2014-4075 Related products Microsoft-ASP.NET-MVC CVE list CVE-2014-4075...
KLA60559 ACE vulnerability in Adobe Acrobat and Adobe Acrobat Reader
Out of bounds write vulnerability was found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories APSB23-34 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...
KLA12387 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11942 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...
KLA11388 Multiple vulnerabilities in Microsoft Browsers
Multiple serious vulnerabilities were found in Microsoft Browsers Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially craft...
KLA11370 ACE vulnerability in VMware Workstation and Fusion
Integer overflow vulnerability was found in VMware Workstation and Fusion. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories VMSA-2018-0030 Related products VMware-Workstation VMware-Fusion CVE list CVE-2018-6983 high Solution Update to the latest versi...
KLA11265 Multiple vulnerabilities in Microsoft Internet Explorer & Edge
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting...
KLA10885 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information or gain privileges. Below is a complete list of vulnerabilities 1. An improper memory objects handlin...
KLA62824 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code. Below is a...
KLA20158 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of...
KLA11551 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing...
KLA11395 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Exchange can be...
KLA11365 ACE vulnerability in Adobe Flash Player
A type confusion vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability remotely to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, use the solution from KLA11366 Original advisori...
KLA11277 Multiple vulnerabilities in VMware products
Multiple out-of-bounds read vulnerabilities have been found in VMware Workstation and Fusion. Malicious users can exploit these vulnerabilities to obtain sensitive information or gain privileges. Original advisories VMSA-2018-0016 Related products VMware-Workstation VMware-Fusion CVE list...
KLA10744 Multiple vulnerabilities in Oracle VM VirtualBox
An unspecified vulnerabilities were found in Oracle VirtualBox. By exploiting these vulnerabilities malicious users can affect availability, integrity and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to Core and Windows Installer. Original...
KLA10757 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Lack of URL schemes validation at Developer Tools can be exploited remote...
KLA10702 Code execution vulnerability in Google Picasa
Integer overflow was found in Google Picasa. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed CAMF section in FOVb image. Original advisories - CVE list CVE-2015-8221 critical Solution Update to the...
KLA10369 ACE vulnerability in Trend Micro
Buffer overflows were found in the Trend Micro products. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via specially designed parameters. Original advisories - Related products Trend-Micro-HouseCall-ActiveX-Control...
KLA12534 RCE vulnerability in Microsoft Azure
A remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2022-29972 ADV220001 Related products Microsoft-Azure CVE list CVE-2022-29972 unknown Solution Install necessary updates from the K...
KLA12471 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in fullscreen...
KLA12005 Multiple vulnerabilities in PostgreSQL
Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in psql session can be exploited to execute arbitrary code. ...
KLA11503 ACE vulnerabilities in Google Chrome
A use-after-free vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2019-5842 warning Solution Update to the latest version. File with...
KLA11172 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft .NET Core, ASP.NET Core, Microsoft Excel and Microsoft Office Compatibility Pack. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions and gain privileges...
KLA11146 Multiple vulnerabilities in Apple Safari
Multiple serious vulnerabilities have been found in Apple Safari. Vulnerabilities in the WebKit componenent can be exploited remotely via crafted web site to execute arbitrary code. Original advisories About the security content of Safari 11.0.1 Exploitation Public exploits exist for this...
KLA73227 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of...
KLA51717 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing...
KLA12525 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability ...
KLA12389 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11636 Use-after-free vulnerability in Google Chrome
Use-after-free vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2020-6377 high Solution Update to the latest version Download Googl...
KLA11568 DoS vulnerability in Wireshark
Unspecified vulnerability was found in Wireshark. Malicious users can exploit this vulnerability via injecting a malformed packet to cause denial of service. Original advisories wnpa-sec-2019-19 Related products Wireshark CVE list CVE-2019-12295 warning Solution Update to latest version Get...
KLA10929 Denial of service vulnerability in PHP
An improper unserialize implementation in ext/standard/var.c was found in PHP 7.x before 7.0.14. By exploiting this vulnerability malicious users can cause a denial of service. Other unspecified impacts are also possible. This vulnerability can be exploited remotely via specially designed...
KLA10924 Privilege escalation and information disclosure vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information or gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory while running a Windows Crypto...
KLA10920 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in Microsoft...
KLA10897 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory...
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA10748 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface and execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple memory safety...
KLA10013 OSI vulnerability in multiple Microsoft XML Core Services
By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction. Original advisories MS Bulletin...
KLA10414 ACe vulnerability in Avast! Antivirus
Improper input validation was found in Avast! Antivirus. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed IOCTL request. Original advisories - Related products...
KLA11750 Multiple vulnerability in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Dynamics Business...
KLA11449 SB vulnerability in WinSCP
Buffer overflow vulnerability was found in WinSCP. Malicious users can exploit this vulnerability remotely to bypass security restrictions. Original advisories Bug 1675 – Prevent SCP server sending files that were not requested Related products WinSCP CVE list CVE-2018-20684 high Solution Update ...
KLA11287 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in Microsoft Office...
KLA11259 DoS vulnerability in Mozilla Firefox and Firefox ESR
A heap buffer overflow vulnerability was found in the Skia library. By exploiting this vulnerability malicious users can cause denial of service via specially crafted SVG file with anti-aliasing turned off. Original advisories Mozilla Foundation Security Advisory 2018-14 Exploitation Public...
KLA11106 Multiple vulnerabilities in Apache Tomcat
Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A vulnerability related to VirtualDirConte...
KLA11032 Denial of service vulnerabilities in VideoLAN VLC media player
Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in...