3996 matches found
KLA11409 Multiple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. Multiple memory corruption vulnerabilities in SQLite can be exploited remotely to...
KLA11494 DOS vulnerability in Apache Tomcat
Incorrect requests handling int Apache HTTP/2. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 8.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2019-0199 warning Solution Update to the latest version Download...
KLA11495 DOS vulnerability in Apache Tomcat
Incorrect requests handling int Apache HTTP/2. Malicious users can exploit this vulnerability to cause denial of service. Original advisories - Related products Apache-Tomcat CVE list CVE-2019-0199 warning Solution Update to the latest version Download Tomcat 9 Impacts DoS Denial of service...
KLA11423 ACE vulnerability in Google Chrome
Inappropriate implementation vulnerability was found in V8 component of Google Chrome. Malicious users can exploit these vulnerability to execute arbitrary code. Original advisories Stable Channel Update for Desktop Exploitation Public exploits exist for this vulnerability. Related products...
KLA11412 Elevation of Privilege Vulnerability in Microsoft Exchange Server
Unspecified vulnerability was found in Microsoft Exchange server. Malicious users can exploit this vulnerability via specially designed request to gain privileges. Original advisories ADV190007 Related products Microsoft-Exchange-Server CVE list KB list 4471391 4471392 4487052 4345836 Solution...
KLA11427 Multiple ACE vulnerabilities in WinRAR
Multiple vulnerabilities were found in WinRAR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A logical issue can be exploited locally via specially crafted filename of the ACE archive to...
KLA11407 ACE vulnerability in LibreOffice
A directory traversal vulnerability were found in LibreOffice. Malicious users can exploit this vulnerability remotely via specially crafted document to execute arbitrary code. Original advisories CVE-2018-16858 Directory traversal flaw in script execution Exploitation Public exploits exist for...
KLA11410 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1...
KLA11411 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: Use-after-free vulnerability can be exploited remotely via specially designed HTML5...
KLA11413 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Inappropriate implementation vulnerability in QUIC Networking component can be exploited...
KLA11408 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability i...
KLA11404 Multiple vulnerabilities in Microsoft Development Tools
Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attacks. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability in Team Foundation...
KLA11403 Multiple vulnerabilities in Oracle Java SE
Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A divide by zero vulnerability in libjpeg ImageIO component can be exploited remotely ...
KLA11405 Multiple vulnerabilities in Oracle Virtual Box
Multiple vulnerabilities were found in Oracle Virtual Box. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Core component of...
KLA11402 Spoofing vulnerability in Microsoft Office
Spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability remotely via specially crafted request to spoof user interface. Original advisories CVE-2019-0624 Related products Microsoft-Lync Microsoft-Office CVE list CVE-2019-0624 warning KB list 3061064...
KLA11398 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
Multiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Out-of-bounds Write/Read vulnerability can be exploited remotely to...
KLA11449 SB vulnerability in WinSCP
Buffer overflow vulnerability was found in WinSCP. Malicious users can exploit this vulnerability remotely to bypass security restrictions. Original advisories Bug 1675 – Prevent SCP server sending files that were not requested Related products WinSCP CVE list CVE-2018-20684 high Solution Update ...
KLA12056 XSS vulnerability in Cisco Jabber
A cross-site scripting XSS vulnerability was found in Cisco Jabber. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability Related products Cisco-Jabber CVE list...
KLA11396 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA11401 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in 6LoWPAN dissector can be exploited remotely via malformed packet to cause denial ...
KLA11880 Microsoft Advisory for Adobe Flash
This update does not address any multiple security vulnerabilities. For more information, please see APSB19-01. Original advisories ADV190001 APSB19-01 Related products Adobe-Flash CVE list KB list 4480979 Solution Install necessary updates from the KB section, that are listed in your Windows...
KLA11395 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Exchange can be...
KLA11881 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in J...
KLA11394 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Data...
KLA11397 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially...
KLA11399 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsof...
KLA11393 Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely to execute...
KLA11406 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Buffer overflow and out-of-bounds read vulnerability...
KLA11882 ACE vulnerability in Microsoft Products (ESU)
A memory corruption vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2018-8653 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit...
KLA11392 ACE vulnerability in Microsoft Internet Explorer
A memory corruption vulnerability was found in Microsoft Internet Explorer. Malicious users can exploit this vulnerability remotely via specially crafted website to execute arbitrary code. Original advisories CVE-2018-8653 Exploitation Malware exists for this vulnerability. Usually such malware i...
KLA11384 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities can be exploited remotely to spoof user interface; 2. Multiple memory...
KLA11391 Use after free vulnerability in Google Chrome
Use afrer free vulnerability was found in Google Chrome’s. This vulnerability related to PDFium component. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE li...
KLA11734 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use after free...
KLA11388 Multiple vulnerabilities in Microsoft Browsers
Multiple serious vulnerabilities were found in Microsoft Browsers Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially craft...
KLA11883 ACE vulnerability in Microsoft Azure
A cross-site-scripting XSS vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2018-8652 Related products Microsoft-Windows Microsoft-Azure CVE list CVE-2018-8652 warning KB list 4480788 Solution Install...
KLA11386 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11897 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Diagnostics Hub...
KLA11387 Tampering Vulnerability in Microsoft Exchange Server
A tampering vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability via specially designed request to spoof user interface. Original advisories CVE-2018-8604 Related products Microsoft-Exchange-Server CVE list CVE-2018-8604 warning KB list 4468741...
KLA11382 SUI vulnerability in Microsoft Dynamics
Cross-site-scripting XSS vulnerability was found in Microsoft Dynamics NAV. Malicious users can exploit this vulnerability remotely via specially crafted web page to spoof user interface. Original advisories CVE-2018-8651 Related products Microsoft-Dynamics-365 CVE list CVE-2018-8651 warning KB...
KLA11389 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1...
KLA11390 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple buffer errors vulnerabilities in Adobe...
KLA11385 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11884 Multiple vulnerability in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11380 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely via specially crafted file to...
KLA11381 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11380. Original advisories ADV180031 Related products Adobe-Flash CVE list KB list 4471331 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update...
KLA11598 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An out-of-bounds read in V8 can be exploited remotely to...
KLA11379 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An out-of-bounds read in V8 can be exploited remotely t...
KLA11377 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A heap buffer over-read vulnerability in the Wireshark dissection engine can be...
KLA11376 Spoofing vulnerability in Microsoft Windows
A vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Technical details The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Original advisories ADV180029 Related products...
KLA11370 ACE vulnerability in VMware Workstation and Fusion
Integer overflow vulnerability was found in VMware Workstation and Fusion. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories VMSA-2018-0030 Related products VMware-Workstation VMware-Fusion CVE list CVE-2018-6983 high Solution Update to the latest versi...