3965 matches found
KLA12054 Multiple vulnerabilities in Cisco Jabber
Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A cross-site scripting vulnerability in Cisco Jabber Client Framework JCF can be...
KLA11230 ACE vulnerability in Microsoft System Center product
An unspecified vulnerability was found in Microsoft Identity Manager 2016 Service Pack 1. By exploiting this vulnerability malicious users can perform cross-site scripting attacks and execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted attribute value...
KLA11194 Unspecified vulnerability in Google Chrome
An unspecified vulnerability was found in the component V8 in Google Chrome. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2018-605...
KLA11203 Multiple vulnerabilities in Apache Tomcat
Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities: 1. A vulnerability related to security constraints defined by annotations of Servlets can be exploited...
KLA11200 Multiple vulnerabilties in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11193 Multiple vulnerabilities in Adobe Arcobat&Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code and gain priveleges. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities can be exploited to execute arbitrary...
KLA11197 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain priveleges and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Remote code execution vulnerability in Microsoft Office...
KLA11195 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...
KLA11199 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge c...
KLA11198 RLF vulnerability in LibreOffice
A vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can read local files. This vulnerability can be exploited via WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. Original advisories LibreOffice Security Advisory Exploitation...
KLA11196 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory disclosure vulnerability in table partitioning can be...
KLA11192 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11191. Original advisories ADV180004 Related products Microsoft-Windows CVE list KB list 4074595 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11191 Multiple use-after-free vulnerabilities in Adobe Flash Player
Multiple use-after-free vulnerabilitires was found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially crafted Office documents with embedded malicious Flash content. Technical detai...
KLA11188 Unspecified vulnerability in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and perform unspecified attacks. Below is a complete list of vulnerabilities: 1. A data validation vulnerability in the...
KLA11189 DoS vulnerability in Apache Tomcat
An incorrectly documented CGI search algorithm was found in Apache Tomcat. By exploiting this vulnerability malicious users can cause denial of service. Technical details Note that the behaviour of the CGI servlet has remained unchanged in this regard. It is only the documentation of the behaviou...
KLA11190 Multiple vulnerabilities in 7-Zip
Multiple serious vulnerabilities have been found in 7-Zip. Malicious users can exploit these vulnerabilities to cause denial of service and possibly to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilities in RAR3 handler can be exploited remote...
KLA11187 ACE vulnerability in Mozilla Firefox
An unspecified vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a unsanitized output in the browser UI. Original advisories Mozilla Foundation Security Advisory 2018-05 Related...
KLA11186 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple use-after-free vulnerabilities can be...
KLA11185 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information and perform cross-site scripting attack. Below ...
KLA11280 Multiple vulnerabilities in Apple iTunes
Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted webpage. Original advisories About the security content of iTunes 12.7.3 for...
KLA11184 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...
KLA11183 Memory corruption vulnerabilities in Microsoft Office
Memory corruption vulnerabilities was found in Microsoft Office software. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited via specially crafted file to execute arbitrary code. Original advisories CVE-2018-0849 CVE-2018-0862...
KLA11181 Vulnerability in Microsoft Windows
Microsoft released update to address vulnerabilities in Windows Update. For details look at KLA11165 Original advisories - Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7 Microsoft-Windows-Server-2008 Microsoft-Windows-10 CVE list KB list 4073291 Solution...
KLA11179 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple unspecified vulnerabilities in Core subcomponent of Oracle...
KLA11182 Multiple vulnerabilities in Micrsoft Development Tools
Microsoft released update to address vulnerabilities in Microsoft Update KB4055002. For details look at KLA11172 Original advisories - Related products Microsoft-.NET-Framework Microsoft-Windows-7 Microsoft-Windows-Server-2008 CVE list KB list 4074880 Solution Install necessary updates from the K...
KLA11178 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability ...
KLA11176 Multiple DoS vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A recursion depth error in epan/tvbparse.c can be exploited remotely via a malformed packet to cause denial ...
KLA11177 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware Workstation and VMware Fusion. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled can...
KLA11180 Multiple vulnerabilities in Microsoft Office Online
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Remote code execution vulnerability in Microsoft Office software can be exploited via specially crafte...
KLA11170 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Elevation of privilege vulnerabilities in...
KLA11173 OSI vulnerability in VMware Products
A bounds check bypass and branch target injection vulnerability was found in VMware ESXi, VMWare Workstation and VMware Fusion. By exploiting this vulnerability malicious users can obtain sensitive information. Original advisories VMSA-2018-0004 VMSA-2018-0002 Exploitation Public exploits exist f...
KLA11174 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11171. Original advisories ADV180001 Related products Microsoft-Windows CVE list KB list 4056887 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11172 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft .NET Core, ASP.NET Core, Microsoft Excel and Microsoft Office Compatibility Pack. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions and gain privileges...
KLA11175 DoS and ACE vulnerabilities in VMware Products
Multiple serious vulnerabilities have been found in VMware Products. Malicious users can exploit these vulnerabilities to cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in TPView.dll can be exploited remotely...
KLA11169 Speculative execution side-channel attack in Mozilla Firefox and Firefox ESR
An information disclosure vulnerability was found in modern CPUs. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via malicious web page through a timing side-channel attack using JavaScript. Technical details Vendor...
KLA11168 Multiple vulnerabilities in Microsoft SQL Server
Multiple information disclosure vulnerabilities have been found in Microsoft SQL Server. Malicious user can exploit these vulnerabilities to obtain sensitive information. These vulnerabilities can be exploited remotelly via speculative execution side-channel attack to obtain sensetive information...
KLA11167 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA11165 Microsoft vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Subsystem for...
KLA11166 Multiple vunlerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in...
KLA11202 PE vulnerabilities in PostgreSQL
A vulnerabilyty was found in PostgreSQL. This vulnerability allow a user to modify the behavior of a query for other users and can be exploited to execute code with the permissions of superuser in the database. Original advisories Security Update Release Related products PostgreSQL CVE list...
KLA11163 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, inject arbitrary code or spoof user interface. 1. A buffer overflow vulnerability in Direct ...
KLA11164 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause privelege escalation, cross site scripting and arbitrary code execution. 1. A vulnerability, related with using VNC can be exploited remotely via sending specipic VNC...
KLA11161 UXSS vulnerability in Google Chrome
An unspecified vulnerability was found in Google Chrome. By exploiting this vulnerability malicious users can perform cross-site scripting. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2017-15429 warning Solution Update to the latest version...
KLA11160 Obsolete Adobe Flash Player for Windows
A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed webpage to execute arbitrary code. Original advisories ADV170022 Related products Microsoft-Windows CVE list KB list 4053577 Solution Install necessary updates from...
KLA11156 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect validating of untrusted fi...
KLA11159 SUI vulnerability in Microsoft Exchange Server
Improper web requests handling was found in Microsoft Exchange Server at Outlook Web Access. By exploiting this vulnerability malicious users can spoof user interface. This vulnerability can be exploited remotely via a specially designed email with malicious link. Original advisories ADV170023...
KLA11158 Multiple vunlerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via...
KLA11157 A regression in Adobe Flash Player
A regression in Adobe Flash Player can lead to the unintended reset of the global settings preference file when a user clears browser data. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...
KLA11155 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft...
KLA10918 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extedned Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows RRAS Servi...