3996 matches found
KLA10935 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities: 1. A type confusion vulnerability in the XSLT engine relate...
KLA20157 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Offi...
KLA10491 Multiple vulnerabilities in WordPress plugins
Multiple serious vulnerabilities have been found in WordPress plugins and themes. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code, bypass security and read local files. Below is a complete list of vulnerabilities 1. Multiple XSS vulnerabilities were found in...
KLA10572 Multiple vulnerabilities in Lenovo System Update
Multiple serious vulnerabilities have been found in Lenovo System Update. Malicious users can exploit these vulnerabilities to bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. Lack of command piping restrictions can be exploited locally via named pip...
KLA11099 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
KLA10669 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruptions at CoreText, WebKit and ICU...
KLA19264 Multiple vulnerabilities in Microsoft Server Software
Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited...
KLA11053 XSS vulnerabilities in Microsoft Sharepoint
Multiple serious vulnerabilities have been found in Microsoft Sharepoint. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper sanitizing of user web requests can be exploited remotely vi...
KLA10817 Privilege escalation in cURL
An improper DLL loading was found in cURL. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited via a DLL hijack. Technical details This vulnertability related to load of security.dll, secur32.dll and ws232.dll Original advisories Original...
KLA10747 Obsolete PHP version in XAMPP & WAMP
Obsolete version of PHP was found in XAMPP & WAMP. Details about PHP vulnerabilities you can get at KLA10746. Original advisories - Related products PHP CVE list CVE-2016-1904 critical CVE-2016-1903 high CVE-2015-8617 critical CVE-2015-8616 critical CVE-2015-6836 critical CVE-2015-6833 warning...
KLA11976 Multiple vulnerabilites in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...
KLA20123 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Windows Sysmon can be exploited...
KLA10066 Multiple vulnerabilities in Apache httpd
Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, inject code or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple integer overflow...
KLA20181 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in GuestView can be exploited to cause...
KLA11296 DoS vulnerability in VMware products
Multiple vulnerabilities were found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A NULL pointer dereference vulnerability was found in VMware Workstation and Fusion. By exploiting...
KLA11207 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...
KLA71484 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, spoof user interface. Below is a complete list of...
KLA11173 OSI vulnerability in VMware Products
A bounds check bypass and branch target injection vulnerability was found in VMware ESXi, VMWare Workstation and VMware Fusion. By exploiting this vulnerability malicious users can obtain sensitive information. Original advisories VMSA-2018-0004 VMSA-2018-0002 Exploitation Public exploits exist f...
KLA11111 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
KLA11293 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in BGP dissector can be exploited remotely via malformed packet to cause denial of...
KLA10999 Arbitrary code execution vulnerability in Microsoft IIS
CVSS: 10.0 Detect date: 03/22/2017 Severity: Critical Description: A buffer overflow vulnerability was found in in the WebDAV service in IIS Internet Information Services 6.0 in Microsoft Windows Server 2003 R2. By exploiting this vulnerability malicious users can execute arbitary code or cause a...
KLA12602 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of...
KLA11253 Microsoft Advisory for Microsoft Windows
On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21st, a new subclass ...
KLA10623 Multiple vulnerabilities in Adobe products
Multiple critical vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...
KLA20117 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...
KLA19245 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
KLA10159 ACE vulnerbility in FireBird
A buffer overflow was found in FireBird. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed packet. Original advisories - Related products Firebird CVE list CVE-2013-2492 high Solution Update to latest...
KLA11004 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...
KLA12396 RCE vulnerability in Microsoft Developer Tools
Remote code execution vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...
KLA12213 RCE vulnerability in Microsoft Windows
A remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-34527 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware...
KLA10359 Vulnerability in Tableau
An obsolete version of OpenSSL was found in Tableau. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely. Original advisories Tableau changelog Exploitation Public exploits exi...
KLA10784 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...
KLA60561 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Visual Studio can be...
KLA20009 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability can be exploited to cause denial of...
KLA11038 Adobe Reader and Adobe Acrobat 9.x end of life
Adobe announced the end of support of Adobe Acrobat and Adobe Reader 9.x. Users should immediately update to the latest versions of Adobe Acrobat and Adobe Reader. Original advisories Download Adobe Acrobat DC and Adobe Acrobat Reader DC Related products Adobe-Reader Adobe-Acrobat CVE list KB lis...
KLA11605 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in Microsoft Edge can be exploited remotely...
KLA10445 ACE vulnerability in Mozilla
Improper DOM objects interaction was found in Mozilla products. By exploiting this vulnerability malicious users can execute arbitrary code. This culnerability can be exploited remotely via unspecified vectors. Original advisories MFSA Related products Mozilla-Firefox Mozilla-SeaMonkey CVE list...
KLA12202 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...
KLA11477 OSI vulnerability in Microsoft SQL Server
An information disclosure vulnerability in Microsoft SQL Server Analysis Services can be exploited remotely via specially crafted query to obtain sensitive information. Original advisories CVE-2019-0819 Related products Microsoft-SQL-Server CVE list CVE-2019-0819 warning KB list 4494351 4494352...
KLA10640 Multiple vulnerabilities in Apache HTTP Server
Multiple serious vulnerabilities have been found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities 1. Stack recursion crash in the modlua module in the luarequest.c file in luawebsocketread function c...
KLA10925 Information Disclosure vulnerability in Microsoft .NET Framework 4.6.2
Mishandling of a developer-supplied key was found in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. By exploiting this vulnerability malicious users can obtain sensitive cleartext information. This vulnerability can be exploited remotely via leveraging key guessability. Original...
KLA11003 Spoofing user interface vulnerability in Opera products
CVSS: 5.8 Detect date: 04/23/2016 Severity: High Description: An address bar spoofing vulnerability was found in Opera Stable 36 and Opera Mini 13. By exploiting this vulnerability malicious users can spoof user interface the displayed URL. This vulnerability can be exploited remotely via a...
KLA12457 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11807 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An informati...
KLA11100 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...
KLA10352 Multiple vulnerabilities in Symantec Backup Exec
Multiple serious vulnerabilities have been found in Symantec Backup Exec. Malicious users can exploit these vulnerabilities to bypass auth, read / delete files, cause denial of service and possibly execute arbitrary code. Below is a complete list of vulnerabilities 1. Vectors related to the...
KLA20013 Multiple vulnerabilities in Oracle Java SE and GraalVM
Multiple vulnerabilities were found in Oracle Java SE and GraalVM. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Networking can be...
KLA20151 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Null Pointer...
KLA11366 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11365. Original advisories ADV180030 Related products Microsoft-Windows CVE list KB list 4477029 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11005 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write local files and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified...