3996 matches found
KLA11110 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, privelege escalation, cross site scripting and arbitary code execution. Below is a complete list of vulnerabilities : 1. Out-of-bounds write...
KLA10908 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA10868. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...
KLA10834 Arbitrary code execution vulnerability in Opera Mail
An unspecified vulnerability was found in Opera Mail. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed e-mail message. Original advisories Opera advisory Related products Opera-Mail CVE list...
KLA10932 Multiple vulnerabilities in Pidgin
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to overwrite arbitrary files, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A directory traversal vulnerability in the handling of...
KLA10821 Arbitrary code execution vulnerability in Lenovo Accelerator Application
Improper implementation of update mechanism was found in Lenovo Accelerator Application. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via spoofing an update response by man-in-the-middle attack. Technical details To...
KLA10808 Multiple vulnerabilities in Apache Subversion
Multiple serious vulnerabilities have been found in Apache Subversion. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Null pointer dereference can be exploited by authenticated attacker t...
KLA10691 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability at PDF viewer can b...
KLA10538 Multiple vulnerabilities in McAfee ATD
Multiple serious vulnerabilities have been found in McAfee ATD. Malicious users can exploit these vulnerabilities to obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper access restrictions and other unknown vulnerabilities can be...
KLA10528 Code injection vulnerability in pfsense
Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface. Original advisories pfSense advisory...
KLA10012 Vulnerability in Microsoft Word 2007 & Office Compatibility Pack
An unspecified vulnerability was found in the Word 2007 and Office Compatibility Pack. By exploiting this vulnerability malicious users can execute arbitrary code or cause a denial of service. This vulnerability can be exploited from the network at point related to an unknown application via a...
KLA10028 ACE vulnerability in Adobe Illustrator
An unspecified vulnerability was found in Adobe Illustrator CS6. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to an unspecified application. Original advisories Adobe bulletin Related products...
KLA10588 Multiple vulnerabilities in Wireshark
Buffer overflow vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed packet trace. Original advisories WNPA advisory Exploitation...
KLA10403 ACE vulnerability in XnView
A buffer overflow was found in XnView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PCT file. Original advisories - Exploitation Public exploits exist for this vulnerability. Related products...
KLA10274 ACE vulnerability in Nitro PDF
Improper memory writing was found in Nitro PDF. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PDF. Original advisories Microsoft research Related products Nitro-PDF-Reader Nitro-Pro CVE list...
KLA10167 DoS vulnerabilities in GIMP
Multiple serious vulnerabilities have been found in GIMP. Malicious can use these vulnerabilities to cause denial of service and possibly execute arbitrary code. Below is a complete list of vulnerabilities 1. An integer overflow can be exploited remotely via a specially designed GIF; 2. A buffer...
KLA10043 LPE vulnerability in 010 Editor
An untrusted path vulnerability was found at 010 Editor. Malicious users can exploit this vulnerability to gain privileges via a DLL hijack. Original advisories Vulnerability description Release note Related products 010-Editor CVE list CVE-2010-5229 high Solution Update to latest version Impacts...
KLA10191 Vulnerability in HP Software Update
An unspecified vulnerability was found in an HP Software Update. By exploiting this vulnerability malicious users can read and overwrite arbitrary files. This vulnerability can be exploited remotely at a point related to the Rules Engine. Original advisories - Exploitation Public exploits exist f...
KLA10411 LPE vulnerability in ZoneAlarm
An unspecified vulnerability was found in ZoneAlarm. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed IRP. Original advisories - Related products ZoneAlarm CVE list CVE-2007-4216 high Solution Update to late...
KLA10247 Vulnerability in MailMArshal SMTP
An unspecified vulnerability was found in MailMarshal SMTP. By exploiting this vulnerability malicious users can modify arbitrary account information. This vulnerability can be exploited remotely via a specially designed UserId variable. Original advisories - Related products M86-MailMarshal-SMTP...
KLA73908 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Office c...
KLA65127 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Office can be...
KLA64658 PE vulnerability in Microsoft Mariner
An elevation of privilege vulnerability was found in Microsoft Mariner. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2024-21626 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA64091 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Content...
KLA62281 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Media Stream can be exploited t...
KLA61569 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerabilit...
KLA60820 DoS vulnerability in Mozilla Firefox
Heap buffer overflow vulnerability was found in Mozilla Firefox. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2023-44 Exploitation Public exploits exist for this vulnerability. Related products Mozilla-Firefox CVE list CVE-2023-5217 critical...
KLA60726 DoS vulnerability in Mozilla Firefox ESR
Heap buffer overflow vulnerability was found in Mozilla Firefox ESR. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2023-40 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA52555 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory...
KLA52554 SB vulnerability in Apache Tomcat
Security vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Fixed in Apache Tomcat 8.5.93 Fixed in Apache Tomcat 9.0.80 Fixed in Apache Tomcat 8.5.93 Fixed in Apache Tomcat 10.1.13 Exploitation Malware exis...
KLA50776 Multiple vulnerabilities in Microsoft Apps
Remote code execution vulnerabilities were found in Microsoft Apps. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2023-32047 CVE-2023-35374 Related products Paint-3D CVE list CVE-2023-32047 critical CVE-2023-35374 critical KB list Solution Insta...
KLA50556 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Guest View can be exploited to cause denial of service or...
KLA20224 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in...
KLA20103 DoS vulnerability in Microsoft Browser
Heap buffer overflow vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2022-4135 Related products Microsoft-Edge CVE list CVE-2022-4135 critical KB list Solution Install necessary updates from the...
KLA20032 SB vulnerability in Apache Tomcat
Security vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Apache Tomcat 9.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2022-42252 critical Solution Update to the latest version Tomcat 9.0...
KLA15736 DoS vulnerability in Microsoft Browser
Data validation vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2022-3075 Related products Microsoft-Edge CVE list CVE-2022-3075 critical KB list Solution Install necessary updates from the Settings a...
KLA12519 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...
KLA12455 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft Power BI can be exploited remotely ...
KLA12435 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in Task Manager can be exploited to execute arbitrary code or caus...
KLA12430 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in web packaging can be exploited to cause denial of service...
KLA12417 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...
KLA12307 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An use after free in Garbage Collection can be exploited to cause denial of service or...
KLA12249 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect security UI vulnerability i...
KLA12211 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in WebAudio can be exploited to cause denial of service or...
KLA12155 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in CoreText can be exploited to obta...
KLA12092 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can be exploited to execute arbitrary code. 2. A...
KLA12019 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof...
KLA11996 Use after free vulnerability in Mozilla Firefox ESR
User after free vulnerability was found in Mozilla Firefox ESR. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories MFSA2020-49 Related products Mozilla-Firefox-ESR CVE list CVE-2020-26950 critical Solution Update to the latest...
KLA11994 Use after free vulnerability in Mozilla Thunderbird
Use after free vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories MFSA2020-49 Related products Mozilla-Thunderbird CVE list CVE-2020-26950 critical Solution Update to the latest...
KLA11922 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability can be exploited remotely to...
KLA11825 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability on JavaScript Objec...