3965 matches found
KLA11289 Information disclosure vulnerability in Microsoft Downloads
An unspecified vulnerability was found in Mail, Calendar, and People in Windows 8.1 App Store. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed e-mail message. Original advisories CVE-2018-8305...
KLA11287 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering vulnerability in Microsoft Office...
KLA12551 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code. Below is a...
KLA11286 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11284. Original advisories ADV180017 Related products Microsoft-Windows CVE list KB list 4338832 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA12552 RCE vulnerability in Microsoft Device
Remove code execution vulnerability was found in Microsoft Wireless Display Adapter. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2018-8306 CVE list CVE-2018-8306 high Solution Install necessary updates from the KB section, that are listed in...
KLA11288 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A tampering...
KLA11283 Multiple vulnerabilities in Adobe Acrobat&Reader
Multiple vulnerabilities was found in Adobe Acrobat&Reader. Original advisories Prenotification Security Advisory for Adobe Acrobat and Reader | APSB18-21 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. Related products...
KLA12553 Security advisory for Adobe Flash Player
Microsoft released update to address vulnerabilities in Adobe Flash Player. For details look at KLA11284. Original advisories ADV180017 Related products Microsoft-Windows CVE list KB list 4338832 Solution Install necessary updates from the KB section, that are listed in your Windows Update Window...
KLA11284 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities were found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A out-of-bounds read vulnerability can be exploited remotely via specially...
KLA11292 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unknown...
KLA11278 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities: 1. Buffer overflow vulnerability occurs during rendering of canvas...
KLA11277 Multiple vulnerabilities in VMware products
Multiple out-of-bounds read vulnerabilities have been found in VMware Workstation and Fusion. Malicious users can exploit these vulnerabilities to obtain sensitive information or gain privileges. Original advisories VMSA-2018-0016 Related products VMware-Workstation VMware-Fusion CVE list...
KLA11271 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of...
KLA11269 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive data. These vulnerabilities are related to Oracle Outside In libraries elements and can be exploited by unauthenticated...
KLA11732 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, perform cross-site scripting attack, spoof user interface, execute arbitrary code. Below is a complete list of...
KLA11291 Microsoft Guidance for Lazy Floating Point State Restore
Speculative store bypass vulnerability in Microsoft Windows systems can be exploited to bypass security restrictions. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving...
KLA11891 Microsoft Advisory for Microsoft Products (ESU)
Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown. An additional vulnerability involving side channel speculative execution has been announced and assigned CVE-2018-3665. An attacker locally could caus...
KLA11267 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect handling of requests in Microsoft...
KLA11264 Multiple vulnerabilities in Microsoft ChakraCore
Multiple serious vulnerabilities have been found in Microsoft ChakraCore. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect handling of objects in memory of Chakra scripting engine can be exploited locally via...
KLA11892 Multiple vulnerabilties in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KLA11265 Multiple vulnerabilities in Microsoft Internet Explorer & Edge
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting...
KLA11266 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...
KLA11259 DoS vulnerability in Mozilla Firefox and Firefox ESR
A heap buffer overflow vulnerability was found in the Skia library. By exploiting this vulnerability malicious users can cause denial of service via specially crafted SVG file with anti-aliasing turned off. Original advisories Mozilla Foundation Security Advisory 2018-14 Exploitation Public...
KLA11671 Security vulnerabilities for Adobe
This security update addresses the multiple vulnerabilities, which are described in Adobe Security Bulletin APSB18-19. Original advisories ADV180014 APSB18-19 Related products Adobe-Flash-Player-ActiveX Adobe-Flash-Player-NPAPI Adobe-Flash-Player-PPAPI CVE list ADV180014 unknown KB list 4287903...
KLA11262 Obsolete Adobe Flash player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11261 Original advisories - Related products Microsoft-Windows CVE list KB list Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be...
KLA11261 Multiple vulnerabilities in Adobe Flash player
Multiple serious vulnerabilities have been found in Adobe Flash player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Type Confusion vulnerability in Adobe Flash player can be exploited...
KLA11260 SB vulnerability in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to Content Security Policy can be exploited via a crafted HTML pag...
KLA11282 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in CoreGraphics...
KLA11257 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to execute arbitrary code, cause denial of service, perform cross-site scripting attacks, obtain sensitive information, spoof user interface, bypass security restrictions...
KLA11355 Use after free vulnerability in VLC media player
An use after free vulnerability was found in VLC media player. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Security Advisory 1801 Related products VLC-media-player CVE list CVE-2018-11516 high Solution Update to the latest version Download VLC...
KLA11600 OSI vulnerability in LibreOffice
Unspecified vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2018-10583 Exploitation Public exploits exist for this vulnerability. Related products LibreOffice CVE list CVE-2018-10583 warning Solution...
KLA11255 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in LDSS dissector can be exploited remotely via malformed packet trace file to...
KLA11258 Multiple vulnerabilities in VMware Workstation and Fusion
Multiple serious vulnerabilities have been found in VMware Workstation and Fusion. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges and cause denial of service. Below is a complete list of vulnerabilities: 1. A speculative store bypass vulnerabili...
KLA11253 Microsoft Advisory for Microsoft Windows
On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21st, a new subclass ...
KLA11030 Speculative Store Bypass and Rogue System Register Read vulnerabilities in Microsoft Surface Products
On January 3, 2018, Microsoft released advisories and security updates related to a recently discovered class of hardware vulnerabilities known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs. On May 21, 2018, Intel announced the Rogue System Registry Read vulnerability. Also a new...
KLA11640 Multiple vulnerabilities in Microsoft Devices
Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities. Malicious can exploit these vulnerabilities to obtain sensitive information and bypass security restrictions. Original advisories ADV180012 ADV180013 Related products Windows-RT CV...
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown. Also, a new subclass of speculative execution side channel vulnerabilities known as Speculative Store Bypass SSB has been announced and assigned...
KLA11251 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. Multiple memo...
KLA11731 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. PE vulnerability in extensions components can be exploited to gain privileges. 2. Type confusio...
KLA11250 ACE vulnerability in Microsoft PowerPoint
A remote code execution vulnerability was found in Microsoft PowerPoint. Malicious users can exploit this vulnerability via specially crafted file to execute arbitrary code. Original advisories CVE-2018-8176 Related products Microsoft-Office-PowerPoint CVE list CVE-2018-8176 critical KB list...
KLA11256 SB vulnerability in Apache Tomcat
Unspecified vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories Apache Tomcat 8.x Security Vulnerabilities Apache Tomcat 9.x Security Vulnerabilities Apache Tomcat 7.x Security Vulnerabilities Related produc...
KLA11252 Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. A double free...
KLA11263 DoS vulnerability in PostgreSQL
A security bypass vulnerability was found in PostgreSQL. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a built-in module “adminpack”. Original advisories PostgreSQL 10.4, 9.6.9, 9.5.13, 9.4.18, and 9.3.23 released!...
KLA11249 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service and gain privileges. Below is a complete list of vulnerabilities: 1. A chain leading to sandbox escape can be exploited remotely ...
KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code, perform XSS attacks and bypass security restrictions. Below is a complete list ...
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11248 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure IoT SDK can be...
KLA11244 ACE vulnerability in Adobe Flash Player
A type confusion vulnerability was found in Adobe Flash Player. This vulnerability can be exploited remotely. By exploiting this vulnerability malicious users can execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install...
KLA11241 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerabili...
KLA11247 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting...