3996 matches found
KLA15734 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Pointer Lock can be exploited to cause denial of service...
KLA12573 PE vulnerability in Microsoft Browser
An elevation of privilege vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2022-33639 Related products Microsoft-Edge CVE list CVE-2022-33639 critical KB list Solution Install necessary updates from the Settin...
KLA12515 Multiple vulnerabilities in Oracle VirtualBox
Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security vulnerability can be...
KLA12450 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Web Search can be exploited...
KLA12357 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A code execution vulnerability in ImageIO can be exploited via special crafted image to...
KLA12304 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An use after free vulnerability in MessageTask can be exploited to cause denial of...
KLA12321 DoS vulnerability in Apache Tomcat
A memory leak vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2021-42340 critical Solution...
KLA12218 SB vulnerability in Apache Tomcat
A security bypass vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Apache Tomcat 8.5.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat...
KLA12170 RCE vulnerability in Microsoft Open Source Software
A remote code execution vulnerability was found in Microsoft Open Source Software. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-31200 Related products Yammer-Desktop-App CVE list CVE-2021-31200 high KB list Solution Install necessary updat...
KLA12325 SB vulnerability in Apache Tomcat
A security bypass vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Apache Tomcat 7.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2021-30640 unknown Solution Update to the latest version...
KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...
KLA12001 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of...
KLA11938 Security vulnerability in PostgreSQL
Security vulnerability was found in PostgreSQL. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions. Original advisories PostgreSQL News Related products PostgreSQL CVE list CVE-2020-14349 high Solution Update to the latest version Download...
KLA11672 Security vulnerabilities for Adobe
This security update addresses the multiple vulnerability, which is described in Adobe Security Bulletin APSB20-06. Original advisories ADV200003 APSB20-06 Related products Adobe-Flash CVE list ADV200003 unknown KB list 4537759 Solution Install necessary updates from the KB section, that are list...
KLA11561 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. Unspecified...
KLA11519 Multiple vulnerabilities in LibreOffice
Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An improper script handling issue can be exploited remotely via a specially crafted file t...
KLA11500 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft...
KLA11487 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A type confusion...
KLA11404 Multiple vulnerabilities in Microsoft Development Tools
Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attacks. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability in Team Foundation...
KLA12056 XSS vulnerability in Cisco Jabber
A cross-site scripting XSS vulnerability was found in Cisco Jabber. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability Related products Cisco-Jabber CVE list...
KLA11733 Memory vulnerability in Opera
Memory vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Changelog for Opera 57 Stable Channel Update for Desktop Related products Opera CVE list CVE-2018-17478 high Solution Update to the latest version Download Opera...
KLA11292 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unknown...
KLA11731 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. PE vulnerability in extensions components can be exploited to gain privileges. 2. Type confusio...
KLA11223 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. 1. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code; 2. Out-of-bounds reading...
KLA11129 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, spoof user interface, execute arbitrary code, escalate privileges, obtain sensitive information and perform cross-site...
KLA10991 Privilege escalation vulnerability in Adobe Shockwave Player
An unspecified vulnerability was found in the Adobe Shockwave Player. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a DLL hijacking. Original advisories Adobe Security Bulletin Related products Adobe-Shockwave-Player CVE lis...
KLA10948 Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF
Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This...
KLA10936 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to handling TCP...
KLA10895 Denial of service vulnerability in RealNetworks RealPlayer
An improper data handling was found in RealNetworks RealPlayer. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed .QCP file. NB: This vulnerability have no public CVSS rating so rating can be changed...
KLA10860 Code execution vulnerability in GIMP
Use-after-free vulnerability was found in GIMP. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XCF file. Technical details This vulnerability related to xcfloadimage...
KLA10812 Privilege escalation vulnerabilities in Lenovo Solution Center
Multiple serious vulnerabilities have been found in Lenovo Solution Center. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability at SystemService can be exploited locally to terminate arbitrary process via...
KLA10797 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability in ConvertToPDF plugin can be exploited...
KLA10750 Data manipulations vulnerability in cURL
Lack of data sanitization was found in cURL command line tool for Windows. By exploiting this vulnerability malicious users can write arbitrary local file. This vulnerability can be exploited remotely via a specially designed file name. Technical details cURL does not sanitize colons in a remote...
KLA10730 Denial of service vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Improper data validation and lack of restrictions can be exploited remotely via a specially designed packet o...
KLA10658 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper web request handling at Outlook Web Access can be...
KLA10569 Vulnerability in OpenOffice
Vulnerability in OpenOffice’s HWP filter was found in Apache OpenOffice 4.1.1 and older. By exploiting this vulnerability malicious users can cause denial of service crash or possibly execute arbitrary code. This vulnerability can be exploited via a crafted HWP document. Original advisories...
KLA10555 Denial of service vulnerability in Hyper-V
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed application. Original advisories MS advisory CVE-2015-1647 Related products...
KLA10446 CI vulnerability in Mozilla products
Improper interpretation of HTTP headers was found in Mozilla products. By exploiting this vulnerability malicious users can inject cookie. This vulnerability can be exploited via specially designed HTTP headers. Original advisories MFSA Related products Mozilla-Firefox Mozilla-Thunderbird...
KLA10269 OSI vulnerability in Nessus
An unspecified vulnerability was found in Nessus. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely at a point related to Web UI. Original advisories - Related products Nessus CVE list CVE-2014-4980 warning Solution...
KLA10301 DoS vulnerability in Python
An incorrect hash realization was found in Python. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed input. Original advisories - Related products Python CVE list CVE-2013-7040 warning Solution Updat...
KLA10121 SUI vulnerability in Mozilla Firefox
Unspecified vulnerability was found in the Mozilla Firefox. By exploiting this vulnerability malicious users can spoof the address bar. This vulnerability can be exploited remotely at a point related to DOM events via a specially designed JS. Original advisories MFSA Related products...
KLA10396 SB vulnerability in WinSCP
A lack of hostname verifications was found in the WinSCP. By exploiting this vulnerability malicious users can spoof the SSL server. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products WinSCP CVE list CVE-2014-2735 high Solution Upda...
KLA10261 RLF vulnerability in McAfee ePolicy Orchestrator
An unspecified vulnerability was found in McAfee ePolicy Orchestrator. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed XML file. Original advisories - Related products McAfee-ePolicy-Orchestrator CVE...
KLA10123 SB vulnerability in Comodo Internet Security
Race conditions were found in Comodo Internet Security. By exploiting this vulnerability malicious users can bypass Defence+. This vulnerability can be exploited from the network at a point related to unknown. Original advisories Comodo release notes Related products Comodo-Internet-Security CVE...
KLA10038 Multiple ACE vulnerabilities in Adobe Illustrator
Multiple serious vulnerabilities have been found in Adobe Illustrator. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service at a point related to unspecified vectors. Original advisories Adobe bulletin Related products Adobe-Illustrator CVE list...
KLA10177 ACE vulnerability in Google Earth
An untrusted path vulnerability was found in Google Earth. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited locally via specially designed files. Original advisories - Exploitation Public exploits exist for this vulnerability. Relate...
KLA10203 ACE vulnerability in IBM Lotus Sametime
An unspecified vulnerability was found in IBM Lotus Sametime. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed URL. Original advisories - Related products IBM-Lotus-Sametime CVE list CVE-2008-2499 hi...
KLA10253 ACE vulnerability in MPlayer
An array index error was found in MPlayer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed MOV file. Original advisories - Related products MPlayer CVE list CVE-2008-0485 critical Solution Update to...
KLA10060 ACE vulnerability in Kazaa & Grokster
A buffer overflow vulnerability was found in Kazaa & Grokster. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to Altnet Download Manager via a specially designed installation method call. Origina...
KLA10171 Multiple vulnerabilities in Gadu-Gadu
Multiple serious vulnerabilities have been found in Gadu-Gadu. Malicious can use these vulnerabilities to obtain sensitive information or cause denial of service Below is a complete list of vulnerabilities 1. Vectors related to Easycall can be exploited remotely via outgoing calls; 2. A buffer...