3966 matches found
KLA10977 Multiple vulnerabilities in Microsoft Server Message Block (SMB)
Multiple serious vulnerabilities have been found in Microsoft Server Message Block 1.0SMBv1. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of certain requests can be...
KLA10610 Security bypass vulnerability in Microsoft IIS
Improper wildcard processing was found in Microsoft IIS. By exploiting this vulnerability malicious users can bypass intended rules. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories CVE-2014-4078 Related products...
KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, read and write local files, spoof user interface and bypass security restrictions. Below is a complete list of...
KLA11117 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, to spoof user interface, execute arbitrary code and perform cross-site scripting attack. Below is a complete list of...
KLA11333 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerabili...
KLA11319 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...
KLA11166 Multiple vunlerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in...
KLA11309 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerabili...
KLA11184 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...
KLA10002 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to inject arbitrary script or HTML, access restrictions, execute arbitrary code or cause denial of service Vectors related to unknown applications can be exploited to inject...
KLA11208 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely to execute arbitrary code; 2. A...
KLA11338 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A sandbox escape vulnerability...
KLA11335 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities were found in Microsoft Exchange. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Exchange can be exploited remotely vi...
KLA11311 Multiple DoS vulnerabilities in Wireshark
Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the Bluetooth AVDTP dissector can be exploited remotely via malformed packet trac...
KLA12392 RCE vulnerability in Microsoft Azure
Remote code execution vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...
KLA11318 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. A memory...
KLA11312 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. ...
KLA11310 ACE vulnerability in Microsoft SQL Server
A buffer overflow vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability via specially crafted query to execute arbitrary code. Original advisories CVE-2018-8273 Related products Microsoft-SQL-Server CVE list CVE-2018-8273 critical KB list 4293808 4293805...
KLA11350 PE vulnerability in Microsoft Server Software
Incorrect requests handling vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2018-8581 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...
KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An unsafe DLL loading...
KLA11316 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An informati...
KLA10979 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service. Below is a complete list of vulnerabilitie...
KLA10473 Code execution vulnerability in Microsoft products
Lack of authentication control was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed UNC share. Original advisories MS advisory CVE-2015-0008 Related products...
KLA11305 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Diagnostic Hub Standard Collector can be...
KLA11327 SB vulnerability in Apache Tomcat
A vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability via specially crafted URI to bypass security restrictions. Original advisories Apache Tomcat 7.x vulnerabilities Apache Tomcat 8.x vulnerabilities Apache Tomcat 9.x vulnerabilities Related products...
KLA11239 ACE vulnerability in Windows Host Compute Service Shim
An remote code execution vulnerability was found in Windows Host Compute Service Shim. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted image container. Original advisories CVE-2018-8115 Exploitation...
KLA11357 Information disclosure Vulnerability in Adobe Acrobat and Reader
Vulnerability related to NTLM SSO hash theft was found in Adobe Acrobat and Reader. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories APSB18-40 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...
KLA11257 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to execute arbitrary code, cause denial of service, perform cross-site scripting attacks, obtain sensitive information, spoof user interface, bypass security restrictions...
KLA11308 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11307. Original advisories ADV180020 Related products Microsoft-Windows Microsoft-Windows-Server CVE list KB list 4343902 Solution Install necessary updates from the KB section, that are listed in your...
KLA11344 ACE vulnerability in Yammer Desktop App
A remote code execution vulnerability was found in Yammer Desktop Application. Malicious users can exploit this vulnerability remotely via specially crafted website to execute arbitrary code. Original advisories CVE-2018-8569 Related products Yammer-Desktop-App CVE list CVE-2018-8569 high KB list...
KLA11330 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Azure IoT Device Client SDK can be...
KLA11320 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11317. Original advisories ADV180023 Related products Microsoft-Windows Microsoft-Windows-Server CVE list KB list 4457146 Solution Install necessary updates from the KB section, that are listed in your...
KLA11313 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An use after free vulnerabili...
KLA11334 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft...
KLA11345 Guidance for configuring BitLocker to enforce software encryption
Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives and recommends customers to use the software only encryption provided by BitLocker Drive Encryption. For the details, see ADV180028 Original advisories ADV180028 Related products...
KLA11303 Multiple ACE vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability can be exploited remotely to execute arbitrary...
KLA11321 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Vulnerability related to TransportSecurityInfo can be...
KLA11349 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A vulnerability in Microsoft Outloo...
KLA11325 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A vulnerability in register allocation in JavaScript c...
KLA11322 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability can be exploited remotely to...
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions fain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of...
KLA11324 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple out-of-bounds write vulnerabilities can ...
KLA11165 Microsoft vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Subsystem for...
KLA11339 Multiple vulnerabilities in Oracle Virtual Box
Multiple serious vulnerabilities were found in Oracle VM Virtual Box. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Vulnerability in the Oracle VM VirtualBox component of Oracle...
KLA11317 OSI vulnerabilities in Adobe Flash player
A privilege escalation vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to obtain sensitive information, gain privileges. Original advisories APSB18-31 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit...
KLA11323 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, perform cross-site scripting attack, read local files. Below is a complete list of...
KLA11274 Adobe Acrobat XI and Adobe Reader XI end of life
Adobe announced the end of support of Adobe Acrobat XI and Adobe Reader XI. Users should immediately make transition to Adobe Acrobat DC and Adobe Acrobat Reader DC. Original advisories Adobe Acrobat XI and Adobe Reader XI End of Support Related products Adobe-Reader-XI Adobe-Acrobat-XI CVE list...
KLA11331 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited...
KLA11326 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple out-of-bounds Access/Write/Read vulnerabilities releted to parsing...