3996 matches found
KLA10782 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer and Microsoft Edge. For details look at KLA10780. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player,...
KLA10668 File access vulnerability in QlikTech QlikView
XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data. Original advisories - Exploitation Public exploits exist for this...
KLA10664 Code execution vulnerability in Yahoo! Messenger
Buffer overflow vulnerability was found in Yahoo! Messenger. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed emoticons.xml file. Technical details Vulnerability caused by...
KLA10642 Obtain sensitive information vulnerability in Mozilla Firefox and Firefox ESR
An unspecified vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via vectors related ti PDF viewer. Technical details There are way to bypass same origin policy and inject...
KLA10503 Multiple vulnerabilities in IBM products
Multiple serious vulnerabilities have been found in IBM products. Below is a complete list of vulnerabilities 1. Improper WAR applications support in IBM Bluemix can be exploited remotely via unspecified vectors related to Java overlay feature; 2. Improper API access restrictions in IBM API...
KLA10265 Multiple vulnerabilities in MySQL
Unspecified vulnerabilities were found in MySQL Server. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and availability. These vulnerabilities can be exploited remotely at vectors related to SRCHAR, SRINFOSC and ENFED. Original advisories - Related...
KLA10318 Vulnerability in Sawmill
An unspecified vulnerability was found in Sawmill. By exploiting this vulnerability malicious users can cause unknown impact. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Related products Sawmill CVE list CVE-2013-4947 high Solution Update to latest...
KLA10304 LPE vulnerability in RSA SecurID Software Token
An untrusted path vulnerability was found in the RSA SecurID Software Token. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a DLL hijack. Original advisories - Related products RSA-SecurID-Software-Token CVE list CVE-2011-4141...
KLA10202 ACE vulnerabilities in IBM Lotus Notes
An unspecified vulnerability was found in IBM products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to gcc keys. Below is a complete list of vulnerabilities 1. A buffer overflow can be exploited by...
KLA10141 SB vulnerability in Anti-Virus software
An unspecified vulnerability was found in several anti-virus programs. By exploiting this vulnerability malicious users can bypass malware detection. This vulnerability can be exploited from the network at a point related to Internet Explorer via specially designed HTML. Original advisories proof...
KLA10063 ACE vulnerability in Avira
A nonsecure function call vulnerability was found in Avira. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited from the network at a point related to the scheduler via a specially designed .exe file. Original advisories detailed description...
KLA10310 ACE vulnerability in RealNetworks
A buffer overflow was found in RealNetworks products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed SWF file. Original advisories RealNetworks bulletin Related products RealPlayer Rhapsody...
KLA71414 PE vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges. 2. An...
KLA65226 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Out of...
KLA65131 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Data Studio can be exploited...
KLA63957 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service...
KLA61981 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in Microsoft Excel can be exploited remotely ...
KLA48686 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in ANGLE can be exploited to cause deni...
KLA12310 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of...
KLA12149 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of...
KLA12164 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability for Android can be exploited to perfor...
KLA12134 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in Aura can be exploited to...
KLA12083 DoS vulnerabilities in Apache Tomcat
DoS vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. DoS vulnerability in h2c direct connection can be exploited to cause denial of service. 2. DoS vulnerability in WebSocket...
KLA11784 Security vulnerability in Apache Tomcat
Security vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories Apache Tomcat 7.x vulnerabilities Exploitation Public exploits exist for this vulnerability. Malware exists for this...
KLA11785 Security vulnerability in Apache Tomcat
Security vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories Apache Tomcat 8.x vulnerabilities Apache Tomcat 9.x vulnerabilities Exploitation Public exploits exist for this...
KLA11580 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. Vulnerabilitiy in WebKit can be exploited remotely via specially crafted text file...
KLA11610 ACE vulnerability in Google Chrome
Unspecified vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2019-13698 high Solution Update to the latest version Google Chrome...
KLA11414 OSI vulnerability in Adobe Flash Player
An out-of-bounds vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to obtain sensitive information. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, use the solution from KLA11415 Original advisories...
KLA10934 Arbitrary code execution and denial of service vulnerability in VMware products
An unspecified vulnerability was found in VMware Workstation Pro 12.x before 12.5.2, VMware Workstation Player 12.x before 12.5.2 and VMware Fusion, Fusion Pro 8.x before 8.5.2. By exploiting this vulnerability malicious users can execute arbitrary code on the host OS or cause a denial of service...
KLA10919 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10911. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10828 Code execution vulnerabilities in Microsoft JScript and VBScript
An improper memory objects handling was found in Microsoft VBScript and JScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content. Technical details To mitigate this vulnerability you can...
KLA10731 Multiple vulnerabilities in Apple QuickTime
An unspecified vulnerabilities were found in Apple QuickTime. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed movie file. Original advisories Apple advisory Related...
KLA10654 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Use-after-free vulnerability can be exploited remotely...
KLA10636 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service or and obtain sensitive information via specially crafted JavaScript code, specially crafted web site, unspecified linear-time attack, crafted XML data...
KLA10574 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to write local files, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Memory corruption, heap...
KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...
KLA10476 Code execution vulnerability in Microsoft products
Buffer overflow was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed packets related to Telnet service. Original advisories MS advisory CVE-2015-0014 Related products...
KLA10611 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...
KLA10505 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and vulnerability. These vulnerabilities can be exploited remotely via an unknown vectors related to JSSE, JAXP, AWT, 2D, Deployment, Libraries,...
KLA10450 ACE vulnerability in RealPlayer
Multiple buffer overflows was found in the RealPlayer. By using this vulnerability malicious user can execute arbitrary code. This vulnerability can be exploited remotely via specially designed MP4 file. Original advisories RealNetworks advisory Related products RealPlayer RealPlayer-Cloud CVE li...
KLA10379 ACE vulnerability in Veritas NetBackup Enterprise Server
A buffer overflow was found in Veritas NetBackup Enterprise Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed packet. Original advisories Symantec bulletin Related products...
KLA70454 Multiple vulnerabilities in Oracle Java SE and GraalVM
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Hotspot can be exploited remotely to execute...
KLA15725 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Policy enforcement vulnerability in Cookies can be exploited to bypass...
KLA12416 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...
KLA12388 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA12301 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An use after free vulnerability in V8 can be exploited to...
KLA12293 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in ImageIO can be exploited via special crafted image to...
KLA12251 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A code execution vulenrability in ImageIO can be exploited via special crafted image to execute arbitrary code. 2. A...
KLA12153 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory access in V8 can be exploited to cause denial of service or execute...
KLA12179 DoS vulnerability in Opera
A heap buffer overflow vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Changelog for Opera 74 Stable Channel Update for Desktop Related products Opera CVE list CVE-2021-21148 critical Solution Update to the latest...