3996 matches found
KLA12032 ACE vulnerability in LibreOffice
A code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories LibreOffice 7.x vulnerabilities Related products LibreOffice CVE list CVE-2021-25631 critical Solution Upgrade to LibreOffice = 7.0.5 or = 7.1.2...
KLA12178 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC can be...
KLA12053 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in ImageIO can be exploited via special crafted imae to...
KLA11948 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in media component c...
KLA11946 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in eval function...
KLA11826 ACE vulnerabilities in Microsoft Windows
ACE vulnerabilities were found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2020-1457 CVE-2020-1425 Related products Microsoft-Windows Microsoft-Windows-10 CVE list CVE-2020-1457 high CVE-2020-1425 high KB list Solution...
KLA12098 Multiple vulnerabilities in VMware Workstation and Player
Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A out-of-bound read vulnerability in Shader...
KLA11737 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. DoS vulnerability in V8 component can be exploited remotely via special crafted webpage. 2. OSI...
KLA11736 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Policy enforcement in Extensions component...
KLA11509 Multiple vulnerabilities in VLC media player
Multiple vulnerabilities were found in VLC media player. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in VLC media player can be exploited to cause...
KLA11478 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory...
KLA11571 DoS vulnerability in Apache Tomcat
Thread exhaustion vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 9.x Security Vulnerabilities Apache Tomcat 8.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2019-10072...
KLA11463 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Infinite loop vulnerability in GSUP dissector can be exploited remotely via specially designed packet to cause denial of...
KLA11424 PE vulnerability in Microsoft Dynamics 365
An elevation of privilege vulnerability was found in Microsoft Dynamics 365 Server. Malicious users can exploit this vulnerability remotely via specially crafted request to gain privileges. Original advisories CVE-2018-8654 Related products Microsoft-Dynamics-365 CVE list CVE-2018-8654 warning KB...
KLA11030 Speculative Store Bypass and Rogue System Register Read vulnerabilities in Microsoft Surface Products
On January 3, 2018, Microsoft released advisories and security updates related to a recently discovered class of hardware vulnerabilities known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs. On May 21, 2018, Intel announced the Rogue System Registry Read vulnerability. Also a new...
KLA11216 ACE vulnerability in Microsoft Exchange Server
A remote code execution vulnerability was found in Microsoft Exchange Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted file. Original advisories CVE-2018-0986 Exploitation Public exploits exis...
KLA11202 PE vulnerabilities in PostgreSQL
A vulnerabilyty was found in PostgreSQL. This vulnerability allow a user to modify the behavior of a query for other users and can be exploited to execute code with the permissions of superuser in the database. Original advisories Security Update Release Related products PostgreSQL CVE list...
KLA11114 Multiple vulnerabilities in Wireshark 2.4.x
Multiple serious vulnerabilities have been found in Wireshark 2.4.x. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An infinite loop in the DOCSIS dissector can be exploited remotely via a malformed packet to cause a...
KLA11031 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit Phantom PDF. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper parsi...
KLA10950 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome earlier than 54.0.2840.99. Malicious users can exploit these vulnerabilities to make privilege escalation, possibly cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities 1. Heap corrupti...
KLA10898 Code execution vulnerabilities in Adobe Flash Player
Multiple type confusion and use-after-free vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely. Technical details To update Adobe Flash Player ActiveX detected as Flash.oc...
KLA10868 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. An integer overflow, memory corruption and use-after-free...
KLA10855 Memory corruption vulnerability in Apache OpenOffice
An unspecified vulnerability was found in Apache OpenOffice Impress. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed .ODP and .OTP files. Technical details An exploitable...
KLA10842 Multiple code execution vulnerabilities in Microsoft Office
An improper memory objects handling and XLA files handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed files. Technical details To mitigate some of these...
KLA10721 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruption issues could be exploit...
KLA10717 Multiple vulnerabilities in Microsoft Silverlight
Multiple serious vulnerabilities have been found in Microsoft Silverlight. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper requests handling can be exploited remotely via a special...
KLA10690 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Type confusion vulnerability can be exploited to execute arbitrary code; ...
KLA10700 Code execution vulnerability in LibreOffice
Lack of bookmarks restrictions was found in LibreOffice & OpenOffice. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DOC file. Technical details To exploit this...
KLA10501 Code execution Redaxscript vulnerability
SQL injection vulnerability was found in Redaxscript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a searchterms parameters. Original advisories - Exploitation Public exploits exist for this vulnerability. Related...
KLA10456 SB vulnerability in MS Office
An use-after-free vulnerability was found in Microsoft Office. By exploiting this vulnerability malicious users can bypass ASLR protection. This vulnerability can be exploited remotely via a specially designed document. Original advisories MS bulletin CVE-2014-6362 Related products Microsoft-Offi...
KLA10340 Multiple vulnerabilities in Splunk
Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities 1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers; 2. A...
KLA10077 WLF vulnerability in Apple iTunes
A permissions vulnerability was found in Apple iTunes. By exploiting this vulnerability malicious users can modify local files. This vulnerability can be exploited locally via standard file system operations. Original advisories Apple bulletin Related products Apple-iTunes CVE list CVE-2014-1347...
KLA10212 DoS vulnerability in IBM WebSphere MQ
An unspecified vulnerability was found in IBM WebSphere MQ. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products IBM-WebSphere-MQ CVE list CVE-2014-0911 warning...
KLA10229 ACE vulnerabilities in IrfanView
A buffer overflow was found in IrfanView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GIF file or a specially designed thumbnail in the file. Original advisories IrfanView changelog Related...
KLA10587 Denial of service vulnerability in Wireshark
Lack of length validation was found in Wireshark. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed packet. Original advisories WNPA security advisory Related products Wireshark CVE list CVE-2013-408...
KLA10099 LPE vulnerability in Camtasia Studio
An untrusted path vulnerability was found in Camtasia Studio. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via DLL hijacking. Original advisories - Related products Camtasia-Studio CVE list CVE-2010-5234 high Solution Update to...
KLA10292 Multiple vulnerabilities in PcVue
Multiple critical vulnerabilities have been found in PcVue. Malicious users can exploit these vulnerabilities to execute arbitrary code, modify local files or cause denial of service. Below is a complete list of vulnerabilities 1. Unspecified vectors can be exploited remotely; 2. A buffer overflo...
KLA10317 ACE vulnerability in SafeNet SoftRemote
A buffer overflow was found in SoftRemote. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Original advisories - Related products SafeNet-SoftRemote CVE list CVE-2009-1943 critical Solution...
KLA10412 ACE vulnerability in ZoneAlarm
A lack of argument validation was found in ZoneAlarm. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited locally via specially designed arguments. Original advisories - Related products ZoneAlarm-Pro...
KLA10239 Multiple vulnerabilities in KIWI CatTools
A buffer overflow was found in Kingsoft Writer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed WPS file. Below is a complete list of vulnerabilities 1. A directory traversal vulnerability can be...
KLA10252 ACE vulnerability in multiple software
A buffer overflow was found in multiple products, exploiting NCTAudioFile2.AudioFile. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed call. Original advisories - Related products...
KLA10134 DoS vulnerability in IBM DB2
An unspecified vulnerability was found in the IBM DB2 Universal Database. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to INSO services or db2fmp processes. Original advisories - Related...
KLA10264 LPE vulnerability in PsTools
An improper disconnection was found in PsTools. By exploiting this vulnerability malicious users can gain privileged access to shares. This vulnerability can be exploited locally. Original advisories - Related products Microsoft-PsSuspend Microsoft-PsExec Microsoft-PsInfo Microsoft-PsGetSid...
KLA71827 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Inappropriate...
KLA71478 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visua...
KLA67434 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of...
KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Out of...
KLA63323 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Integer underflow vulnerability in WebUI...
KLA62822 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in NET, .NET...
KLA63964 ACE vulnerability in Microsoft Apps
A remote code execution vulnerability was found in Microsoft 3D Viewer. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-20677 Related products 3D-Viewer CVE list CVE-2024-20677 critical KB list Solution Install necessary updates from the KB...