Lucene search
K
KasperskyRecent

3996 matches found

Kaspersky
Kaspersky
added 2018/01/23 12:0 a.m.46 views

KLA11280 Multiple vulnerabilities in Apple iTunes

Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted webpage. Original advisories About the security content of iTunes 12.7.3 for...

8.8CVSS9.3AI score0.01827EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2018/01/23 12:0 a.m.611 views

KLA11184 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...

10CVSS10AI score0.20024EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2018/01/19 12:0 a.m.110 views

KLA11183 Memory corruption vulnerabilities in Microsoft Office

Memory corruption vulnerabilities was found in Microsoft Office software. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited via specially crafted file to execute arbitrary code. Original advisories CVE-2018-0849 CVE-2018-0862...

9.3CVSS8.8AI score0.20489EPSS
Exploits0References15
Kaspersky
Kaspersky
added 2018/01/18 12:0 a.m.58 views

KLA11181 Vulnerability in Microsoft Windows

Microsoft released update to address vulnerabilities in Windows Update. For details look at KLA11165 Original advisories - Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7 Microsoft-Windows-Server-2008 Microsoft-Windows-10 CVE list KB list 4073291 Solution...

7.3AI score
Exploits0References8
Kaspersky
Kaspersky
added 2018/01/18 12:0 a.m.56 views

KLA11182 Multiple vulnerabilities in Micrsoft Development Tools

Microsoft released update to address vulnerabilities in Microsoft Update KB4055002. For details look at KLA11172 Original advisories - Related products Microsoft-.NET-Framework Microsoft-Windows-7 Microsoft-Windows-Server-2008 CVE list KB list 4074880 Solution Install necessary updates from the K...

7.2AI score
Exploits0References6
Kaspersky
Kaspersky
added 2018/01/18 12:0 a.m.128 views

KLA11179 Multiple vulnerabilities in Oracle VM VirtualBox

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple unspecified vulnerabilities in Core subcomponent of Oracle...

8.8CVSS8.6AI score0.74041EPSS
Exploits15References4
Kaspersky
Kaspersky
added 2018/01/16 12:0 a.m.2767 views

KLA11178 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability ...

8.3CVSS7.6AI score0.07525EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2018/01/11 12:0 a.m.240 views

KLA11176 Multiple DoS vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A recursion depth error in epan/tvbparse.c can be exploited remotely via a malformed packet to cause denial ...

7.5CVSS7.7AI score0.02692EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2018/01/10 12:0 a.m.292 views

KLA11177 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware Workstation and VMware Fusion. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled can...

7CVSS7.8AI score0.00381EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2018/01/09 12:0 a.m.487 views

KLA11170 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Elevation of privilege vulnerabilities in...

9.3CVSS9.8AI score0.95121EPSS
Exploits7References61
Kaspersky
Kaspersky
added 2018/01/09 12:0 a.m.95 views

KLA11172 Multiple vulnerabilities in Microsoft Development Tools

Multiple serious vulnerabilities have been found in Microsoft .NET Core, ASP.NET Core, Microsoft Excel and Microsoft Office Compatibility Pack. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions and gain privileges...

8.8CVSS9.1AI score0.08885EPSS
Exploits0References35
Kaspersky
Kaspersky
added 2018/01/09 12:0 a.m.67 views

KLA11180 Multiple vulnerabilities in Microsoft Office Online

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Remote code execution vulnerability in Microsoft Office software can be exploited via specially crafte...

9.3CVSS9.3AI score0.28338EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2018/01/09 12:0 a.m.41 views

KLA11174 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11171. Original advisories ADV180001 Related products Microsoft-Windows CVE list KB list 4056887 Solution Install necessary updates from the KB section, that are listed in your Windo...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2018/01/09 12:0 a.m.192 views

KLA11173 OSI vulnerability in VMware Products

A bounds check bypass and branch target injection vulnerability was found in VMware ESXi, VMWare Workstation and VMware Fusion. By exploiting this vulnerability malicious users can obtain sensitive information. Original advisories VMSA-2018-0004 VMSA-2018-0002 Exploitation Public exploits exist f...

5.6CVSS8.5AI score0.93838EPSS
Exploits12References6
Kaspersky
Kaspersky
added 2018/01/04 12:0 a.m.89 views

KLA11175 DoS and ACE vulnerabilities in VMware Products

Multiple serious vulnerabilities have been found in VMware Products. Malicious users can exploit these vulnerabilities to cause denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in TPView.dll can be exploited remotely...

7.8CVSS7.7AI score0.00498EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2018/01/04 12:0 a.m.451 views

KLA11169 Speculative execution side-channel attack in Mozilla Firefox and Firefox ESR

An information disclosure vulnerability was found in modern CPUs. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via malicious web page through a timing side-channel attack using JavaScript. Technical details Vendor...

6.5AI score
Exploits0References4
Kaspersky
Kaspersky
added 2018/01/03 12:0 a.m.638 views

KLA11166 Multiple vunlerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in...

8.5CVSS8.4AI score0.80799EPSS
Exploits31References44
Kaspersky
Kaspersky
added 2018/01/03 12:0 a.m.528 views

KLA11165 Microsoft vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Subsystem for...

7.8CVSS7.8AI score0.15023EPSS
Exploits13References47
Kaspersky
Kaspersky
added 2018/01/03 12:0 a.m.141 views

KLA11167 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

7.8CVSS8.5AI score0.11932EPSS
Exploits4References34
Kaspersky
Kaspersky
added 2018/01/03 12:0 a.m.43 views

KLA11202 PE vulnerabilities in PostgreSQL

A vulnerabilyty was found in PostgreSQL. This vulnerability allow a user to modify the behavior of a query for other users and can be exploited to execute code with the permissions of superuser in the database. Original advisories Security Update Release Related products PostgreSQL CVE list...

8.8CVSS8.2AI score0.14142EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2018/01/03 12:0 a.m.250 views

KLA11168 Multiple vulnerabilities in Microsoft SQL Server

Multiple information disclosure vulnerabilities have been found in Microsoft SQL Server. Malicious user can exploit these vulnerabilities to obtain sensitive information. These vulnerabilities can be exploited remotelly via speculative execution side-channel attack to obtain sensetive information...

7.9AI score
Exploits0References17
Kaspersky
Kaspersky
added 2017/12/22 12:0 a.m.102 views

KLA11163 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, inject arbitrary code or spoof user interface. 1. A buffer overflow vulnerability in Direct ...

9.3CVSS9.2AI score0.03215EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2017/12/19 12:0 a.m.70 views

KLA11164 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause privelege escalation, cross site scripting and arbitrary code execution. 1. A vulnerability, related with using VNC can be exploited remotely via sending specipic VNC...

8.8CVSS7.9AI score0.03571EPSS
Exploits2References5
Kaspersky
Kaspersky
added 2017/12/14 12:0 a.m.1039 views

KLA11161 UXSS vulnerability in Google Chrome

An unspecified vulnerability was found in Google Chrome. By exploiting this vulnerability malicious users can perform cross-site scripting. Original advisories Stable Channel Update for Desktop Related products Google-Chrome CVE list CVE-2017-15429 warning Solution Update to the latest version...

6.1CVSS6.4AI score0.01142EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.69 views

KLA10918 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extedned Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows RRAS Servi...

8.5CVSS8.7AI score0.64164EPSS
Exploits22References31
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.76 views

KLA11160 Obsolete Adobe Flash Player for Windows

A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed webpage to execute arbitrary code. Original advisories ADV170022 Related products Microsoft-Windows CVE list KB list 4053577 Solution Install necessary updates from...

8.6AI score
Exploits0References4
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.67 views

KLA11155 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft...

9.3CVSS7.8AI score0.18881EPSS
Exploits0References26
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.58 views

KLA11157 A regression in Adobe Flash Player

A regression in Adobe Flash Player can lead to the unintended reset of the global settings preference file when a user clears browser data. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...

6.5CVSS6AI score0.03642EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.125 views

KLA11156 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect validating of untrusted fi...

9.8CVSS8.5AI score0.45521EPSS
Exploits6References28
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.62 views

KLA11159 SUI vulnerability in Microsoft Exchange Server

Improper web requests handling was found in Microsoft Exchange Server at Outlook Web Access. By exploiting this vulnerability malicious users can spoof user interface. This vulnerability can be exploited remotely via a specially designed email with malicious link. Original advisories ADV170023...

8.1CVSS8AI score0.05884EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.220 views

KLA11158 Multiple vunlerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via...

7.6CVSS8.3AI score0.68491EPSS
Exploits32References38
Kaspersky
Kaspersky
added 2017/12/07 12:0 a.m.78 views

KLA11364 OSI vulnerability in KeePass

Unspecified vulnerability was found in KeePass. Malicious users can exploit this vulnerability remotely via inadvertently decrypting certain database entries into memory to obtain sensetive information. Original advisories - Related products KeePass-Password-Safe CVE list CVE-2017-1000066 warning...

7.5CVSS7.7AI score0.01404EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2017/12/07 12:0 a.m.230 views

KLA11153 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service and obtain sensitive information. 1. A buffer overflow vulnerability in Direct 3D 9 component can be exploited remotely to cause denial of service; 2. ...

9.3CVSS8.9AI score0.03215EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2017/12/07 12:0 a.m.37 views

KLA11856 ACE vulnerability in Microsoft Exchange Server

A remote code execution vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11940 Related products Microsoft-Exchange-Server CVE list CVE-2017-11940 critical KB list Solution Install necessary...

9.3CVSS8.2AI score0.19759EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/12/07 12:0 a.m.45 views

KLA11857 ACE vulnerability in Microsoft System Center

A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11940 Related products Microsoft-System-Center-Virtual-Machine-Manager Microsoft-Forefront-Protection...

9.3CVSS8.1AI score0.19759EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/12/07 12:0 a.m.138 views

KLA11152 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, spoof user interface, bypass security restrictions and possibly to execute arbitrary code. Below is a complete list of...

8.8CVSS10AI score0.02963EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/12/06 12:0 a.m.86 views

KLA11279 Multiple vulnerabilities in Apple iTunes

Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in APNs Server can be exploited remotely to...

9.3CVSS9.3AI score0.02689EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/12/06 12:0 a.m.32 views

KLA11854 ACE vulnerability in Microsoft System Center

A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11937 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...

9.3CVSS8.2AI score0.28441EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/12/06 12:0 a.m.42 views

KLA11853 ACE vulnerability in Microsoft Exchange Server

A remote code execution vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11937 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More detail...

9.3CVSS8.2AI score0.28441EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/11/30 12:0 a.m.49 views

KLA11151 Denial of service vulnerabilities in Wireshark

Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via injecting a malformed packet. Technical details This vulnerabilities related to next services: 1. NetBIOS dissector; 2. IWARPMPA dissector; 3. CIP...

7.5CVSS8AI score0.16786EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2017/11/29 12:0 a.m.395 views

KLA11150 Multiple vulnerabilities in Mozilla Firefox

Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information. 1. A vulnerability in IndexedDB component can be exploited remotelly to obtain sensitive information; 2. A rendering of external SVG images and anchor...

7.5CVSS7.7AI score0.02989EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/11/23 12:0 a.m.51 views

KLA11145 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or bypass security restrictions. 1. A use-after-free vulnerability can be exploited remotely to cause denial of service; 2....

10CVSS10AI score0.07439EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/20 12:0 a.m.41 views

KLA11148 Multiple vulnerabilities in Apache OpenOffice

Multiple serious vulnerabilities have been found in Apache OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensetive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in embedded object rendering process ca...

7.8CVSS7.4AI score0.03122EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/11/17 12:0 a.m.41 views

KLA11144 ACE vulnerability in Python

A heap-based buffer overflow vulnerability was found in Python 2.7. By exploiting this vulnerability malicious users possibly can execute arbitrary code. This vulnerability can be exploited remotely via an integer overflow in the PyStringDecodeEscape function in stringobject.c. Original advisorie...

9.8CVSS7.4AI score0.07944EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/16 12:0 a.m.51 views

KLA11143 Multiple vulnerabilities in VMware Workstation, Fusion and Horizon View Client

Multiple serious vulnerabilities have been found in VMware Workstation, Fusion and Horizon View Client. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities: 1. A heap...

8.8CVSS8.5AI score0.0134EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/11/16 12:0 a.m.64 views

KLA11133 Multiple vulnerabilities in Microsoft Development Tools

Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in ASP.NET Core can be...

8.8CVSS8.7AI score0.10485EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.53 views

KLA10916 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in ASP.NET Core ca...

8.8CVSS8.8AI score0.10485EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.40 views

KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information...

9.3CVSS9.2AI score0.47913EPSS
Exploits7References40
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.150 views

KLA11136 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...

9.3CVSS7.3AI score0.10975EPSS
Exploits11References30
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.362 views

KLA11139 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and privilege escalations. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an incorre...

9.3CVSS9AI score0.99945EPSS
Exploits33References40
Total number of security vulnerabilities3996