3996 matches found
KLA11987 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC can be exploited t...
KLA11953 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 On-Premise can be...
KLA11947 Multiple vulnerabilties in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in eval function...
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown. Also, a new subclass of speculative execution side channel vulnerabilities known as Speculative Store Bypass SSB has been announced and assigned...
KLA11280 Multiple vulnerabilities in Apple iTunes
Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted webpage. Original advisories About the security content of iTunes 12.7.3 for...
KLA11141 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA11137. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...
KLA11850 Microsoft Advisory for Microsoft Device
This advisory addresses CVE-2017-15361. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key strength. This is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Original advisories ADV1700...
KLA11115 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities was found in Foxit Reader 8.3.2.25013. This vulnerability can be exploited locally via a specially designed .pdf file to cause denial of service, execute arbitrary code or obtain sensetive informatoin. 1. Type confusion vulnerabilities can be exploited remotely file...
KLA10997 Vulnerability in LibreOffice
Heap-based buffer overflow vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can obtain a sensitive information or cause a denial of service. Original advisories LibreOffice Security Advisory Related products LibreOffice CVE list CVE-2017-7870 critical...
KLA10854 Privileges escalation vulnerabilities in VMware products
Untrusted search path vulnerability was found in VMware products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via DLL hijack. Technical details This vulnerability related to HGFS aka Shared Folders feature. Original advisories...
KLA10792 Denial of service vulnerability in Apache Subversion
An integer overflow was found in Apache Subversion. By exploiting this vulnerability malicious authenticated users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability ca...
KLA10652 Code execution vulnerability in Internet Explorer
An improper memory objects handling was found in Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2502 Related products...
KLA10639 Multiple vulnerabilities in Oracle products
Multiple vulnerabilities were found in Oracle Supply Chain Products Suite, Oracle Database Server, Oracle Commerce Platform and Oracle Enterprise Manager. By exploiting this vulnerability malicious users can affect confidentiality, integrity and availability. This vulnerabilities can be exploited...
KLA11367 Information disclosure vulnerability in CCleaner
Vulnerability related to writing the filenames to disk was found in CCleaner. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2015-3999 Related products CCleaner CVE list CVE-2015-3999 warning Solution Update to the latest version CCleaner...
KLA10581 Privilege escalation vulnerability in Microsoft Silverlight
An unspecified vulnerability was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed Silverlight application. Original advisories Microsoft advisory CVE-2015-1715 Related produc...
KLA10502 Multiple vulnerabilities in BACnet OPC Server
Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read&write local database. Below is a complete list of vulnerabilities 1. An unknwon vulnerabilities can be exploited remotely via unknown vecto...
KLA10020 DoS vulnerability in Winamp
A stack-based buffer overflow was found in Winamp. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. This vulnerability can be exploited from the network at a point related to Skin packages via a specially designed package. Original...
KLA10000 Unspecified vulnerability in Oracle Java Runtime Environment
An unspecified vulnerability was found in the JRE component of Oracle Java SE in versions up to 7.21. By exploiting this vulnerability malicious users can affect integrity. This vulnerability can be exploited remotely at a point related to Deployment. Original advisories confirmation mitre Relate...
KLA10021 LPE vulnerability in DAEMON Tools
An unspecified vulnerability was found in the DAEMON Tools. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited from the network at a point related to path search. Via a Trojan horse. Original advisories NVD Exploitation Public exploits exist...
KLA10364 ACE vulnerability in UltraVNC & TightVNC
Integer signing errors were found in UltraVNC & TightVNC. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message. Original advisories - Related products UltraVNC...
KLA10425 ACE vulnerability in yEnc32
A buffer overflow was found in yEnc32. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed NTX file. Original advisories - Related products yEnc32 CVE list CVE-2007-2646 high Solution Update to latest...
KLA10320 Vulnerability in Van Dyke Technologies
An unspecified vulnerability was found in SecureCRT & SecureFX. By exploiting this vulnerability malicious users can cause unknown impact. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Related products SecureCRT SecureFX CVE list CVE-2006-1038 critical...
KLA10161 ACE vulnerability in FlashFXP
A buffer overflow was found in FlashFXP. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed hostname or PASV reply. Original advisories Security issue Related products FlashFXP CVE list Solution Update...
KLA77109 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to...
KLA61997 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge Chromium-based can be...
KLA61361 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Blink History can be exploited to cause denial of service or...
KLA60560 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Input can...
KLA60570 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in 3D Builder can be exploited remotely to execute arbitrary code. 2. A remote...
KLA52285 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Fullscreen can be exploited to cause denial of service. 2...
KLA49157 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in SysInternals Sysmon for Windows can be...
KLA49112 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Validation of untrusted input vulnerability in Exte can be exploited to cause denial of...
KLA40220 DoS vulnerability in Apache Tomcat
Denial of service vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Fixed in Apache Tomcat 8.5.85 Exploitation Public exploits exist for this vulnerability. Related products Apache-Tomcat CVE list CVE-2023-2499...
KLA20163 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in File System API can be exploited to caus...
KLA20118 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code...
KLA20005 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Visual Studio Code...
KLA15720 SB vulnerability in VMware Workstation
Security bypass vulnerability was found in VMware Workstation. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories VMSA-2022-0023 Related products VMware-Workstation CVE list CVE-2022-22983 high Solution Update to the latest version Download VMware...
KLA12601 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Implementati...
KLA12472 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in...
KLA12453 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Visual Studio Code Remote Development...
KLA12271 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use aft...
KLA12091 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can be exploited to execute arbitrary code. 2. A...
KLA12042 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Word can be exploited...
KLA12012 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, obtain sensitive information, bypass security restrictions, spoof user interface. Below is a...
KLA11809 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Word for Android can be exploited remotely via special...
KLA11793 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in SharedWorkerService can b...
KLA12367 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use of uninitialized resource vulnerability in modproxyftp can be exploited via special FT...
KLA11650 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Multiple memory corruption...
KLA11488 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A type confusion...
KLA11459 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS...
KLA11461 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Office Access Connectivit...