3965 matches found
KLA11247 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra Scripting...
KLA11248 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure IoT SDK can be...
KLA11894 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11597 DoS vulnerability in Apache Tomcat
Unspecified vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability via improper handing of overflow in the UTF-8 decoder to cause denial of service. Original advisories Apache Tomcat 9.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2018-13...
KLA11240 Critical vulnerability in 7-Zip
A critical vulnerability was found in 7-Zip. By exploiting this vulnerability malicious users can cause denial or service or execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted RAR archive. NB: This vulnerability does not have any public CVSS rating, so...
KLA11239 ACE vulnerability in Windows Host Compute Service Shim
An remote code execution vulnerability was found in Windows Host Compute Service Shim. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted image container. Original advisories CVE-2018-8115 Exploitation...
KLA11238 Critical vulnerability in Google Chrome
An use-after-free vulnerability related to Media Cache was found in Google Chrome. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time. N...
KLA11360 ACE vulnerability in UltraISO
A buffer overflow vulnerability was found in UltraISO. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories UltraISO Revision History Related products UltraISO CVE list CVE-2017-2840 high Solution Update to the latest version Download UltraISO Impacts ACE...
KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An unsafe DLL loading...
KLA11235 SB vulnerability in Microsoft Windows
A security feature bypass vulnerability was found in Microsoft products. This vulnerability can be exploited locally via a specially designed application to bypass security restrictions. Original advisories CVE-2018-1035 Related products Microsoft-Windows-Server Microsoft-Windows-10 CVE list...
KLA11596 SB vulnerability in LibreOffice
Use after free vulnerability was found in Structured Storage parser. Malicious users can exploit this vulnerability via writing to recently freed data to bypass security restrictions. Original advisories CVE-2018-10119 Use After Free in Structured Storage parser Related products LibreOffice CVE...
KLA11232 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface, gain privileges, execute arbitrary code and perform unspecified attack...
KLA11234 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service and perform unspecified attacks. Below is a complete list of...
KLA11236 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, read and write local files. Below is a complete list of vulnerabilities: 1. Multiple unspecified...
KLA11254 DoS vulnerability in LibreOffice
A heap buffer overflow vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially crafted file. Original advisories LibreOffice Security Advisory Related products LibreOffice CV...
KLA11223 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. 1. Use-After-Free vulnerability can be exploited remotely to execute arbitrary code; 2. Out-of-bounds reading...
KLA11225 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper font handling in the Office graphics...
KLA11227 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11223 Original advisories ADV180007 Related products Microsoft-Windows CVE list KB list 4093110 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Updat...
KLA11226 OSI vulnerability in Microsoft Developer Tools
An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2018-1037 Related products Microsoft-Visual-Studio CVE list CVE-2018-1037 warning KB list 4089501 4087371 4091346...
KLA11222 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via...
KLA11221 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows . Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service and possibly to bypass security restrictions. Below is a complete list of...
KLA11895 SB vulnerability in Microsoft Device
A security feature bypass vulnerability was found in Microsoft Device. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2018-8117 Related products Microsoft-Windows CVE list CVE-2018-8117 high KB list Solution Install necessary updates from t...
KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KLA11224 ACE vulnerability in Microsoft Internet Explorer
An unspecified vulnerability was found in Microsoft Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted website. Original advisories CVE-2018-8118 Related products...
KLA11218 ACE vulnerability in Microsoft System Center products
A memory corruption vulnerability was found in Microsoft Forefront Endpoint Protection 2010 and Microsoft Security Essentials. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted file. Original advisorie...
KLA11216 ACE vulnerability in Microsoft Exchange Server
A remote code execution vulnerability was found in Microsoft Exchange Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted file. Original advisories CVE-2018-0986 Exploitation Public exploits exis...
KLA11217 ACE vulnerability in Windows Defender
An ACE vulnerability was found in Windows Defender. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or possible via a specially designed website. Original advisories CVE-2018-0986 CVE-2018-0986...
KLA11220 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A vulnenerability related to MP4 dissector can be exploited remotely via specially designed packet or packet...
KLA11219 PE vulnerability in Microsoft Products (ESU)
PE vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2018-1038 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA11281 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A buffer overflow vulnerability can be exploited...
KLA11231 Multiple vulnerabilities in Node.js
Multiple serious vulnerabilities have been found in Node.js. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the HTTP parser can be exploited remotely via Content-Length parameter to...
KLA11228 A use-after-free vulnerability in Mozilla Firefox and Firefox ESR
A use-after-free vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service. Original advisories Mozilla Foundation Security Advisory 2018-10 Related products Mozilla-Firefox Mozilla-Firefox-ESR CVE list CVE-2018-5148 critical Solution...
KLA11229 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A buffer overflow vulnerability can be exploited remotely...
KLA12361 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in modcachesocache...
KLA11214 Unspecified vulnerability in Google Chrome
An unspecified vulnerability was found in Google Chrome. More information will be published soon. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list Solution Update to the latest version. File with name oldchrome can be still detected after update. It...
KLA11595 SB vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds memory write vulnerability in libvorbis can be exploited to bypass security restrictions; 2...
KLA11594 SB vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds memory write vulnerability in libvorbis can be exploited to bypass security restrictions; 2. Out...
KLA11215 DoS vulnerability in VMware Products
An unspecified vulnerability was found in VMware Workstation, Player and Fusion. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a opening a large number of VNC sessions. Original advisories VMSA-2018-0008 Related...
KLA11206 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilitieswere found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, perform cross-site scripting attack, spoof user interface, cause denial of service...
KLA11209 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple vulnerabilities were found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Chakra...
KLA11210 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET Core can be exploited remotely via specially...
KLA11212 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in way that Microsoft...
KLA11211 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11208. Original advisories ADV180006 Related products Microsoft-Windows CVE list KB list 4088785 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11213 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper handling of...
KLA11207 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...
KLA11778 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. An information...
KLA11208 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability can be exploited remotely to execute arbitrary code; 2. A...
KLA11204 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to cause denial of service or spoof user interface. Below is a complete list of vulnerabilities: 1. Incorrect processing of AppMenifests can be exploited remotely to perfo...
KLA11233 Oracle Java SE 9 end of life
Oracle announced the end of support of Java SE 9. Users should immediately make transition to Java SE 10 18.3. Original advisories Oracle Java SE Support Roadmap Related products Oracle-Java-JRE-1.9.x CVE list Solution Update to Java SE 10 18.3 Download Java Affected Products - Oracle Java SE 9...
KLA11201 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An improper operand validation offsets in the SIGCOMP protocol dissector can be exploited remotely via...