3996 matches found
KLA11366 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11365. Original advisories ADV180030 Related products Microsoft-Windows CVE list KB list 4477029 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11365 ACE vulnerability in Adobe Flash Player
A type confusion vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability remotely to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, use the solution from KLA11366 Original advisori...
KLA11368 ACE vulnerability in Google Chrome
Use-after-free vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability remotely via specially crafted website to execute arbitrary code and to cause denial of service. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list...
KLA12401 DoS vulnerability in OpenOffice
Arithmetic overflow vulnerability was found in OpenOffice. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2018-11790 Related products OpenOffice.org CVE list CVE-2018-11790 critical Solution Update to the latest version Download OpenOffice Impac...
KLA11733 Memory vulnerability in Opera
Memory vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Changelog for Opera 57 Stable Channel Update for Desktop Related products Opera CVE list CVE-2018-17478 high Solution Update to the latest version Download Opera...
KLA11352 SUI vulnerability in Adobe Flash Player
Out-of-bounds read vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to spoof user interface. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...
KLA11349 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A vulnerability in Microsoft Outloo...
KLA11887 XSS vulnerability in Microsoft Azure
A cross-site-scripting XSS vulnerability was found in in MIcrosoft Azure. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2018-8600 Related products Microsoft-Azure CVE list CVE-2018-8600 high KB list Solution Install necessary updates from the KB...
KLA11356 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11352. Original advisories ADV180025 Related products Microsoft-Windows CVE list KB list 4467694 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11886 Microsoft Advisory for Adobe Flash
Original advisories ADV180025 APSB18-39 Related products Adobe-Flash CVE list KB list 4467694 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be accessed from the Control Panel Affected Products - Adobe Flash...
KLA11898 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory...
KLA11354 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An information...
KLA11351 Multiple vulnerabilities in Microsoft Dynamics
Multiple serious vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple cross site scripting vulnerabilities in Microsoft Dynamics 365 on-premises...
KLA11358 Multiple vulnerabilities in Microsoft Development Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft PowerShell can be exploited...
KLA11353 Multiple vulnerabilities in Microsoft Browser
Multiple serious vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in...
KLA11357 Information disclosure Vulnerability in Adobe Acrobat and Reader
Vulnerability related to NTLM SSO hash theft was found in Adobe Acrobat and Reader. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories APSB18-40 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...
KLA11350 PE vulnerability in Microsoft Server Software
Incorrect requests handling vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2018-8581 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...
KLA11348 Out of bounds memory access vulnerability in Google Chrome
Out of bounds memory access vulnerability in Google Chrome can be exploited remotely via specially designed website to bypass security restrictions. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2018-17478 high Solution Update to the latest...
KLA11346 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities were found in VWware Workstation and Fusion. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Uninitialized stack memory vulnerability can be exploited to...
KLA11347 SB vulnerability in PostgreSQL
SQL injection vulnerability in PostreSQL. Malicious users can exploit this vulnerability via running arbitrary SQL statements with superuser privileges when a superuser runs pgupgrade on the database or during a pgdump dump/restore cycle to bypass security restrictions. Original advisories...
KLA11345 Guidance for configuring BitLocker to enforce software encryption
Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives and recommends customers to use the software only encryption provided by BitLocker Drive Encryption. For the details, see ADV180028 Original advisories ADV180028 Related products...
KLA11342 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to HTTP Live Stream can be exploited...
KLA11343 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service and perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. A memory...
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...
KLA11344 ACE vulnerability in Yammer Desktop App
A remote code execution vulnerability was found in Yammer Desktop Application. Malicious users can exploit this vulnerability remotely via specially crafted website to execute arbitrary code. Original advisories CVE-2018-8569 Related products Yammer-Desktop-App CVE list CVE-2018-8569 high KB list...
KLA11340 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified...
KLA11338 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A sandbox escape vulnerability...
KLA11339 Multiple vulnerabilities in Oracle Virtual Box
Multiple serious vulnerabilities were found in Oracle VM Virtual Box. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Vulnerability in the Oracle VM VirtualBox component of Oracle...
KLA11337 Multiple DoS vulnerabilities in Wireshark
Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the MS-WSP dissector can be exploited remotely via malformed packet trace file to...
KLA11888 Multiple vulnerabilties in Microsoft SQL Server
An information disclosure vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2018-8527 CVE-2018-8532 CVE-2018-8533 Exploitation Public exploits exist for this vulnerability. Related products...
KLA11329 DoS vulnerability in VMware products
Infinite loop vulnerability was found in VMware Workstation and VMware Fusion. Malicious users can exploit this vulnerability to cause denial of service. Technical details This vulnerability can be exploited if 3D-acceleration feature is enabled. It’s enabled by default on Workstation and Fusion...
KLA11333 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerabili...
KLA11334 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft...
KLA11330 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Azure IoT Device Client SDK can be...
KLA11331 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited...
KLA11335 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities were found in Microsoft Exchange. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Exchange can be exploited remotely vi...
KLA11889 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...
KLA11797 Security vulnerability in Zoom
Security vulnerability was found in Zoom. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions, spoof user interface. Original advisories Zoom Security CVE-2018-15715 CVE-2018-15715 Exploitation Malware exists for this vulnerability. Usually...
KLA11336 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple use-after-free vulnerabilities can be exploited...
KLA11327 SB vulnerability in Apache Tomcat
A vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability via specially crafted URI to bypass security restrictions. Original advisories Apache Tomcat 7.x vulnerabilities Apache Tomcat 8.x vulnerabilities Apache Tomcat 9.x vulnerabilities Related products...
KLA11325 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A vulnerability in register allocation in JavaScript c...
KLA11324 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple out-of-bounds write vulnerabilities can ...
KLA11328 Apache Tomcat 8.0.x end of support
Apache announced the end of support of Apache Tomcat 8.0.x on September, 30. Users should plan to upgrade. Original advisories End of life for Apache Tomcat 8.0.x Related products Apache-Tomcat CVE list Solution Update to the latest version Affected Products - Apache Tomcat 8.0.x...
KLA11326 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple out-of-bounds Access/Write/Read vulnerabilities releted to parsing...
KLA11321 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Vulnerability related to TransportSecurityInfo can be...
KLA11322 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability can be exploited remotely to...
KLA11323 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, perform cross-site scripting attack, read local files. Below is a complete list of...
KLA11317 OSI vulnerabilities in Adobe Flash player
A privilege escalation vulnerability was found in Adobe Flash Player. Malicious users can exploit this vulnerability to obtain sensitive information, gain privileges. Original advisories APSB18-31 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit...
KLA11320 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11317. Original advisories ADV180023 Related products Microsoft-Windows Microsoft-Windows-Server CVE list KB list 4457146 Solution Install necessary updates from the KB section, that are listed in your...
KLA11318 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. A memory...