3965 matches found
KLA11857 ACE vulnerability in Microsoft System Center
A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11940 Related products Microsoft-System-Center-Virtual-Machine-Manager Microsoft-Forefront-Protection...
KLA11153 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service and obtain sensitive information. 1. A buffer overflow vulnerability in Direct 3D 9 component can be exploited remotely to cause denial of service; 2. ...
KLA11856 ACE vulnerability in Microsoft Exchange Server
A remote code execution vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11940 Related products Microsoft-Exchange-Server CVE list CVE-2017-11940 critical KB list Solution Install necessary...
KLA11152 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, spoof user interface, bypass security restrictions and possibly to execute arbitrary code. Below is a complete list of...
KLA11364 OSI vulnerability in KeePass
An unspecified vulnerability was found in KeePass. Malicious users can exploit this vulnerability remotely via inadvertently decrypting certain database entries into memory to obtain sensitive information. Original advisories - Related products KeePass-Password-Safe CVE list CVE-2017-1000066 warning...
KLA11854 ACE vulnerability in Microsoft System Center
A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11937 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...
KLA11853 ACE vulnerability in Microsoft Exchange Server
A remote code execution vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11937 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More detail...
KLA11279 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in APNs Server can be exploited remotely to...
KLA11151 Denial of service vulnerabilities in Wireshark
Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via injecting a malformed packet. Technical details These vulnerabilities are related to the following services: 1. NetBIOS dissector; 2. IWARPMPA dissector; 3. CIP...
KLA11150 Multiple vulnerabilities in Mozilla Firefox
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information. 1. A vulnerability in IndexedDB component can be exploited remotely to obtain sensitive information; 2. A rendering of external SVG images and anchor...
KLA11145 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or bypass security restrictions. 1. A use-after-free vulnerability can be exploited remotely to cause denial of service; 2....
KLA11148 Multiple vulnerabilities in Apache OpenOffice
Multiple serious vulnerabilities have been found in Apache OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in embedded object rendering process ca...
KLA11144 ACE vulnerability in Python
A heap-based buffer overflow vulnerability was found in Python 2.7. By exploiting this vulnerability, malicious users can possibly execute arbitrary code. This vulnerability can be exploited remotely via an integer overflow in the PyString_DecodeEscape function in stringobject.c. Original advisorie...
KLA11133 Multiple vulnerabilities in Microsoft Development Tools
Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in ASP.NET Core can be...
KLA11143 Multiple vulnerabilities in VMware Workstation, Fusion and Horizon View Client
Multiple serious vulnerabilities have been found in VMware Workstation, Fusion and Horizon View Client. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities: 1. A heap...
KLA11137 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel...
KLA11140 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Original advisories CVE-2017-11791 CVE-2017-11803 CVE-2017-11827...
KLA11136 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions and gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...
KLA11138 Multiple vulnerabilities in Adobe Acrobat&Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service or bypass security restrictions. Original advisories Adobe Security Bulletin...
KLA10916 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in ASP.NET Core ca...
KLA11134 ACE vulnerability in Adobe Shockwave Player
A memory corruption vulnerability was found in Adobe Shockwave Player versions earlier than 12.3.1.201. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Security update available for Shockwave Player | APSB17-40 Related products Adobe-Shockwave-Play...
KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges and cause denial of service. Below is a complete list of vulnerabilities: 1. An information...
KLA11139 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and escalate privileges. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an incorre...
KLA11135 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, perform cross-site scripting, gain privileges and execute arbitrary code. 1. A...
KLA11141 Obsolete Adobe Flash Player for Windows
Microsoft released an update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details, see KLA11137. Technical details To mitigate this vulnerability you can implement some of the workarounds listed in the original Microsoft advisory: don’t click a link in an email message or...
KLA11142 DoS and OSI vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware vCenter Server and vSphere Web Client. Malicious users can exploit these vulnerabilities to cause denial of service or disclose sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in VMware...
KLA11147 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Vulnerabilities in core server and contrib module components can be exploited remotely to gain privileges. Original advisories Security Information Exploitation Public exploits exist for this vulnerability. Related products PostgreSQL...
KLA11132 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service and to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Stack buffer overflow in QUIC can be exploited remotely by an...
KLA11162 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in the tile index member of SOT marke...
KLA11146 Multiple vulnerabilities in Apple Safari
Multiple serious vulnerabilities have been found in Apple Safari. Vulnerabilities in the WebKit component can be exploited remotely via a crafted web site to execute arbitrary code. Original advisories About the security content of Safari 11.0.1 Exploitation Public exploits exist for this...
KLA11276 Multiple vulnerabilities in Apple iTunes
Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting these vulnerabilities, malicious users can execute arbitrary code and cause denial of service. These vulnerabilities can be exploited remotely via a specially crafted webpage. Original advisories About the security...
KLA11130 Denial of service vulnerability in Google Chrome
An unspecified vulnerability in the V8 component allows a stack-based buffer overflow. This vulnerability can be exploited remotely by an unauthenticated attacker to execute arbitrary code and to cause denial of service; Technical details NB: This vulnerability doe...
KLA11126 Multiple vulnerabilities in Apple Safari
Multiple serious vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to cause denial of service, perform cross-site scripting, bypass security restrictions, obtain sensitive information or execute arbitrary code. Below is a complete list of...
KLA11205 Multiple vulnerabilities in IrfanView
Multiple serious vulnerabilities have been found in IrfanView 4.50. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. A buffer overflow vulnerability can be exploited locally via a specially...
KLA11124 Multiple vulnerabilities in Oracle VirtualBox
Multiple serious vulnerabilities have been found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information. Original advisories Oracle Critical Patch Update Advisory Related products...
KLA11131 Obsolete Adobe Flash Player for Windows
Microsoft released an update to address vulnerabilities in Adobe Flash Player. For details, see KLA11121. Technical details To mitigate this vulnerability you can implement some of the workarounds listed in the original Microsoft advisory: don’t click a link in an email message or instant message from...
KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent Smart Card IO can be...
KLA11121 ACE vulnerability in Adobe Flash Player
A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed MS Office document to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest...
KLA11117 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, spoof user interface, execute arbitrary code and perform cross-site scripting attacks. Below is a complete list of...
KLA11852 Security UI vulnerability in Microsoft Products (ESU)
A spoofing vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2017-13080 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012 Microsoft-Windows-...
KLA11851 Security UI vulnerability in Microsoft Windows
A spoofing vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2017-13080 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7...
KLA11274 Adobe Acrobat XI and Adobe Reader XI end of life
Adobe announced the end of support of Adobe Acrobat XI and Adobe Reader XI. Users should immediately make transition to Adobe Acrobat DC and Adobe Acrobat Reader DC. Original advisories Adobe Acrobat XI and Adobe Reader XI End of Support Related products Adobe-Reader-XI Adobe-Acrobat-XI CVE list...
KLA11064 Multiple vulnerabilities in IrfanView
Multiple serious vulnerabilities have been found in IrfanView 4.44. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An integer overflow vulnerability in the JPEG 2000 parser can be exploited...
KLA11113 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, perform cross-site scripting and escalate privileges. Below is a complete list of vulnerabilities: 1. Multiple...
KLA11850 Microsoft Advisory for Microsoft Device
This advisory addresses CVE-2017-15361. A security vulnerability exists in certain Trusted Platform Module (TPM) chipsets. The vulnerability weakens key strength. This is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Original advisories ADV1700...
KLA11120 DoS vulnerability in Wireshark 2.0.x
A string validation error was found in DMP dissector in Wireshark 2.0.x. This vulnerability can be exploited remotely via a malformed packet to cause a denial of service. Original advisories CVE-2017-15191 Related products Wireshark CVE list CVE-2017-15191 warning Solution Update to the latest...
KLA11114 Multiple vulnerabilities in Wireshark 2.4.x
Multiple serious vulnerabilities have been found in Wireshark 2.4.x. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An infinite loop in the DOCSIS dissector can be exploited remotely via a malformed packet to cause a...
KLA11119 Multiple vulnerabilities in Wireshark 2.2.x
Multiple serious vulnerabilities have been found in Wireshark 2.2.x. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. A string validation error in DMP dissector can be exploited remotely via a malformed packet to cause...
KLA11108 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Unspecified...
KLA11112 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via...