3965 matches found
KLA11111 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
KLA11116 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting and execute arbitrary code. Below is a complete list of vulnerabilities: 1. A...
KLA11109 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, obtain sensitive information and perform cross-site scripting. Below is complete list of...
KLA11127 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes for Windows. These vulnerabilities have been found in WebKit component and can be exploited remotely to execute arbitrary code, perform cross-site scripting, bypass security restrictions and obtain sensitive information. NB: Not eve...
KLA11115 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities was found in Foxit Reader 8.3.2.25013. This vulnerability can be exploited locally via a specially designed .pdf file to cause denial of service, execute arbitrary code or obtain sensetive informatoin. 1. Type confusion vulnerabilities can be exploited remotely file...
KLA11118 ACE vulnerability in Apache Tomcat
An remote code-execution vulnerability was found in Apache Tomcat. These vulnerability can be exploited remotely via a specially designed HTTP request. By exploiting these vulnerability malicious users can remotely execute arbitrary code in the context of the affected application. Technical detai...
KLA11107 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. 1. Out-of-bounds read vulnerability in V8 can be exploited remotely to cause denial of service; 2. Out-of-bounds read...
KLA11106 Multiple vulnerabilities in Apache Tomcat
Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A vulnerability related to VirtualDirConte...
KLA11105 A vulnerability in CCleaner and CCleaner Cloud
A vulnerability was found in CCleaner and CCleaner Cloud. This vulnerability can be exploited remotely to obtain sensitive information or execute arbitrary code. Technical details An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of...
KLA11849 ACE vulnerability in Microsoft Developer Tools
A memory corruption vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11767 Related products ChakraCore CVE list CVE-2017-11767 critical KB list Solution Install necessary updates from the K...
KLA11110 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, privelege escalation, cross site scripting and arbitary code execution. Below is a complete list of vulnerabilities : 1. Out-of-bounds write...
KLA11099 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
KLA11100 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...
KLA11101 Arbitrary code execution vulnerability in Microsoft .NET Framework
An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application. Technical details NB: This vulnerability doe...
KLA11103 Multiple arbitrary code execution vulnerabilities in Adobe Flash Player
Multiple serious memory corruption vulnerabilities have been found in Adobe Flash Player versions earlier than 27.0.0.130. Malicious users can exploit these vulnerabilities to execute arbitrary code. NB: These vulnerabilities does not have any public CVSS ratings, so overall rating can be changed...
KLA11098 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Edge and Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of...
KLA11102 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An incorrect parsing of Calendar-related messages can be exploited ...
KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information...
KLA11104 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11103. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe Flash...
KLA11097 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability in PDFium ca...
KLA11094 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. Buffer overflow vulnerability in the IrCOMM dissector can be exploited remotely via a specially designed...
KLA11095 Denial of service vulnerability in Wireshark
A buffer overflow vulnerability was found in the Profinet I/O dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a...
KLA11096 Denial of service vulnerability in Wireshark
An unspecified vulnerability was found in Modbus dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to read a...
KLA11090 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Thunderbird. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions execute arbitrary code, obtain sensitive information and spoof user interface. Below is a complete list of vulnerabilities:...
KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user-supplied data in the saveAs Java script function can b...
KLA11123 PE vulnerability in Xamarin.iOS
A serious vulnerability in the Xamarin.iOS can be exploited locally to gain privileges. Technical details To exploit this vulnerability, an attacker would have to log on to an affected system and create a folder at a particular location. which could be used by another process running with elevate...
KLA11848 RCE vulnerability in Microsoft Browser
Remote code execution vulnerability was found in Microsoft ChakraCore. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-8658 Related products ChakraCore CVE list CVE-2017-8658 unknown KB list Solution Install necessary updates from the KB...
KLA11092 Denial of service vulnerability in PostgreSQL
A missing permssion check in the loput function was found in PostgreSQL. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely by overwriting contents of the entire large object. Original advisories PostgreSQL Security Update...
KLA11091 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of empty passwords in libpq can be exploited...
KLA11084 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code and obtain sensitive information. Below is a complete list of...
KLA11087 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11088 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11085. Original advisories ADV170010 Related products Microsoft-Windows CVE list KB list 4034662 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11847 Microsoft Advisory for Adobe Flash
Original advisories ADV170010 APSB17-23 Related products Adobe-Flash CVE list KB list 4034662 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be accessed from the Control Panel Affected Products - Adobe Flash Player earlier...
KLA11085 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player versions earlier than 26.0.0.151. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability...
KLA11846 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of...
KLA11089 XSS vulnerability in Microsoft Sharepoint Server
An XSS cross-site scripting vulnerability related to an improper sanitizing of web requests was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can spoof user interaface. This vulnerability can be exploited remotely via a specially designed web request...
KLA11083 Information Disclosure vulnerability in Microsoft SQL Server
An incorrect enforcement of permissions was found in Microsoft SQL Server Analysis Services. By exploiting this vulnerability malicious users can obtain sensitive information. Technical details This vulnerability can be exploited in case an affected SQL server database can be accessed using the...
KLA11082 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, privilege escalation, spoof user interface, bypass security restrictions, obtain sensitive information and execute arbitrary code. Below is...
KLA11086 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability related to reading a JPE...
KLA11081 Arbitrary code execution vulnerability in Microsoft Edge
An improper access to objects in memory was found in Microsoft Edge. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website. NB: Not every vulnerability already has CVSS rating so cumulative CVSS...
KLA11080 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of input in...
KLA11079 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use-after-free in IndexedDB can be exploited...
KLA11129 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, spoof user interface, execute arbitrary code, escalate privileges, obtain sensitive information and perform cross-site...
KLA11076 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to gain privileges, read and write accessible data and cause a denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the 2D subcompone...
KLA11075 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An access issue can be exploited remotely to execute arbitrary code with...
KLA11073 Denial of service vulnerability in Wireshark
A large loop vulnerability was found in the GPRS LLC dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to re...
KLA11072 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. Multiple unspecified vulnerabilities in the AMQP and MQ dissectors can be exploited remotely via a special...
KLA11074 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to to cause a denial of service, read and write accesible data and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple...
KLA11154 Multiple vulnerabilities in Microsoft Windows, Forefront Endpoint Protection and Exchange Server
Multiple vulnerabilities were found in Microsoft Systems. alicious users can exploit these vulnerabilities to execute arbitrary code. An error of scanning specially crafted file can be exploited remotely to execute arbitrary code. Technical details Vulnerabilities is affected Windows Defender for...
KLA11069 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges and spoof user interface. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to improper handling of...