3996 matches found
KLA10170 LPE vulnerability in Emacs
An untrusted path vulnerability was found in GNU Emacs. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed Lisp expression. Original advisories - Related products GNU-Emacs CVE list CVE-2012-0035 critical...
KLA10184 Vulnerability in Fenrir Grani
Script interaction prevention was missing in Fenrir Grani. By exploiting this vulnerability malicious users can modify clipboard content. This vulnerability can be exploited remotely via a specially designed web site. Original advisories Original bulletin Related products Sleipnir Grani CVE list...
KLA10148 ACE vulnerability in Quiksoft Easymail Objects
A buffer overflow was found in QuikSoft EasyMail Objects. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to the connection method. Original advisories - Related products...
KLA10388 WLF vulnerability in AceBIT WISE-FTP
A directory traversal vulnerability was found in WISE-FTP. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited remotely via a specially designed response. Original advisories - Related products WISE-FTP CVE list CVE-2008-2889 high...
KLA10161 ACE vulnerability in FlashFXP
A buffer overflow was found in FlashFXP. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed hostname or PASV reply. Original advisories Security issue Related products FlashFXP CVE list Solution Update...
KLA65276 OSI vulnerability in Microsoft Developer Tools
An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-29059 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-.NET-Framework...
KLA51716 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure Apache...
KLA49377 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Use after free...
KLA20237 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security...
KLA12479 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, gain privileges, bypass security restrictions. Below is a complete list of...
KLA12260 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Dynamics 365 on-premises can be exploite...
KLA12217 SB vulnerability in Apache Tomcat
A security bypass vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Apache Tomcat 8.5.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat...
KLA12137 Multiple vulnerabilities in Microsoft Exchange Server
Remote code execution vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-28480 CVE-2021-28482 CVE-2021-28483 CVE-2021-28481 Exploitation Public exploits exist for this vulnerability. Malwa...
KLA11997 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory Corruption vulnerability in Internet Explorer can be exploited remotely to execute arbitrary code. 2. A...
KLA11670 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. A write-operation memory vulnerability can be...
KLA11627 SB vulnerability in Apache Tomcat
Unspecified vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories http://tomcat.apache.org/security-9.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-7.html Related products...
KLA11549 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, spoof user interface, perform cross-site scripting attack, cause denial of service, and obtain sensitive information. Below is a...
KLA11433 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in NuGet Package Manager can be exploited remotely to spoo...
KLA11879 Multiple vulnerabiltiies in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11881 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in J...
KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. An information...
KLA11141 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA11137. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...
KLA11072 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. Multiple unspecified vulnerabilities in the AMQP and MQ dissectors can be exploited remotely via a special...
KLA11062 Arbitrary code execution vulnerability in Notepad++
An unspecified vulnerability was found in Notepad++ 7.3.3 with Hex Editor Plugin v0.9.5. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or an untrusted specially designed file from a remote...
KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. 1. A use-after-free vulnerability related to manipulating the ActionScript 2 XML class can be exploited remotely to execute arbitrary code; 2. A...
KLA11836 ACE vulnerability in Microsoft System Center
A remote code exectution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0290 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...
KLA10758 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10740 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling at VBScript engine can be...
KLA10711 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remote...
KLA10665 Obtain sensitive information vulnerability in VMware vCenter Server
Improper certificate validation was found in VMware vCenter Server. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a traffic interception. Technical details This vulnerability can be exploited when vCenter Server...
KLA10803 VMware Workstation 10.x end of life
VMware announced the end of support for VMware Workstation 10.x. Users should immediately make transition to VMware Workstation 11.x or later Original advisories https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/product-lifecycle-matrix.pdf Related products...
KLA10495 Multiple vulnerabilities in Asus RT-G32 router
Multiple serious vulnerabilities have been found in Asus RT-G32. Malicious users can exploit these vulnerabilities to inject arbitrary code or hijack administrator authentication. Multiple XSS and CSRF vulnerabilities can be exploited remotely via vectors related to startapply.htm Original...
KLA10120 Multiple vulnerabilities in Mozilla
Multiple critical vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1...
KLA10082 LPE vulnerabilities in AutoCAD
An unspecified vulnerability was found in Autodesk products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DWG file. Original advisories - Related products AutoCAD CVE list CVE-2014-0819 warning...
KLA10299 LPE vulnerability in Prof-UIS
An untrusted path vulnerability was found in Prof-UIS. By exploiting this vulnerability malicious users can gain priveleges. This vulnerability can be exploited locally via a DLL hijack. Original advisories Changelog Related products Prof-UIS CVE list CVE-2010-5264 high Solution Update to latest...
KLA10300 ACE vulnerability in GE IP products
A buffer overflow was found in GE IP products. By exploiting this vulnerability malicious users can execute arbitrary code and commands. This vulnerability can be exploited remotely via a specially designed input. Original advisories GE IP bulletin Exploitation Malware exists for this...
KLA10383 ACE vulnerability in VMware
Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper RPC handling can be exploited by guest OS users via specially designed...
KLA10381 Multiple vulnerabilities in VMware
Multiple critical vulnerabilities have been found in VMware. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. Improper library access can be exploited remotely at a point related to network share; 2...
KLA10346 ACE vulnerability in Java System Web Proxy Server
A buffer overflow was found in the Java System Web Proxy Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely a via specially designed GET request. Original advisories - Related products Sun-Java-System-Web-Proxy-Server...
KLA10079 ACE vulnerability in Aurigma Image Uploader
A buffer overflow vulnerability was found in the Aurigma Image Uploader ActiveX control. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to unknown applications via specially designed properties...
KLA10425 ACE vulnerability in yEnc32
A buffer overflow was found in yEnc32. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed NTX file. Original advisories - Related products yEnc32 CVE list CVE-2007-2646 high Solution Update to latest...
KLA81545 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
KLA78028 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code...
KLA62374 Multiple vulnerabilities in LibreOffice
Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Improper input validation vulnerability can be exploited remotely to execute arbitrary code. 2. Remote code execution...
KLA61997 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge Chromium-based can be...
KLA60568 Multiple vulnerabilities in Microsoft Server Software
Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft...
KLA60560 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Input can...
KLA48689 Multiple vulnerabilities in OpenOffice
Multiple vulnerabilities were found in OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Remote code execution vulnerability can be exploited remotely to execute arbitrary code. 2. Use...
KLA20109 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Type confusion...