Lucene search
K
KasperskyRecent

3996 matches found

Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.78 views

KLA11140 Multiple vulnerabilities in Microsoft Edge and Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Original advisories CVE-2017-11791 CVE-2017-11803 CVE-2017-11827...

9.3CVSS8.5AI score0.69802EPSS
Exploits24References42
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.32 views

KLA11134 ACE vulnerability in Adobe Shockwave Player

A memory corruption vulnerability was found in Adobe Shockwave Player versions earlier than 12.3.1.201. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Security update available for Shockwave Player | APSB17-40 Related products Adobe-Shockwave-Play...

10CVSS10AI score0.08841EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.47 views

KLA11141 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA11137. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.388 views

KLA11137 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel...

10CVSS10AI score0.06518EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.258 views

KLA11135 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, perform cross-site scripting, gain privileges and execute arbitrary code. 1. A...

10CVSS10AI score0.07439EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.1790 views

KLA11138 Multiple vulnerabilities in Adobe Acrobat&Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service or bypass security restrictions. Original advisories Adobe Security Bulletin...

10CVSS9.7AI score0.1692EPSS
Exploits0References13
Kaspersky
Kaspersky
added 2017/11/09 12:0 a.m.52 views

KLA11142 DoS and OSI vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware vCenter Server and vSphere Web Client. Malicious users can exploit these vulnerabilities to cause denial of service or disclose sensetive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in VMware...

7.5CVSS8.2AI score0.02316EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/11/09 12:0 a.m.66 views

KLA11147 Multiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Vulnerabilities in core server and contrib module components can be exploit remotely to gain privileges. Original advisories Security Information Exploitation Public exploits exist for this vulnerability. Related products PostgreSQL...

8.1CVSS8AI score0.06324EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/07 12:0 a.m.125 views

KLA11132 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service and to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Stack buffer overflow in QUIC can be exploited remotely by an...

9.8CVSS10AI score0.04889EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/01 12:0 a.m.71 views

KLA11162 Multiple vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in the tile index member of SOT marke...

8.8CVSS9.2AI score0.03014EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/10/31 12:0 a.m.95 views

KLA11146 Multiple vulnerabilities in Apple Safari

Multiple serious vulnerabilities have been found in Apple Safari. Vulnerabilities in the WebKit componenent can be exploited remotely via crafted web site to execute arbitrary code. Original advisories About the security content of Safari 11.0.1 Exploitation Public exploits exist for this...

8.8CVSS9.7AI score0.06712EPSS
Exploits44References4
Kaspersky
Kaspersky
added 2017/10/31 12:0 a.m.41 views

KLA11276 Multiple vulnerabilities in Apple iTunes

Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting this vulnerability malicious users can execute arbitrary code and cause denial of service. This vulnerability can be exploited remotely via a specially crafted webpage. Original advisories About the security...

8.8CVSS9.7AI score0.06712EPSS
Exploits40References4
Kaspersky
Kaspersky
added 2017/10/27 12:0 a.m.68 views

KLA11130 Denial of service vulnerability in Google Chrome

An unspecified vulnerability in the V8 component that allows the stack-based buffer to overflow stack buffer overflow. This vulnerability can be exploited remotely by an unauthenticated attacker to execute arbitrary code and to cause denial of service; Technical details NB: This vulnerability doe...

8.8CVSS8.5AI score0.02203EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/10/23 12:0 a.m.48 views

KLA11126 Multiple vulnerabilities in Apple Safari

Multiple serious vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to cause denial of service, perform cross-site scripting, bypass security restrictions, obtain sensitive information oe execute arbitrary code. Below is complete list of...

8.8CVSS9.3AI score0.10151EPSS
Exploits12References4
Kaspersky
Kaspersky
added 2017/10/22 12:0 a.m.36 views

KLA11205 Multiple vulnerabilities in IrfanView

Multiple serious vulnerabilities have been found in IrfanView 4.50. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. A buffer overflow vulnerability can be exploited locally via a specially...

7.8CVSS8.8AI score0.02457EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2017/10/19 12:0 a.m.102 views

KLA11124 Multiple vulnerabilities in Oracle Virtual Box

Multiple serious vulnerabilities have been found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information. Original advisories Oracle Critical Patch Update Advisory Related products...

7.3CVSS7.3AI score0.00358EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/10/17 12:0 a.m.216 views

KLA11121 ACE vulnerability in Adobe Flash Player

A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed MS Office document to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest...

8.8CVSS8.8AI score0.12104EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/10/17 12:0 a.m.653 views

KLA11117 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, to spoof user interface, execute arbitrary code and perform cross-site scripting attack. Below is a complete list of...

8.8CVSS9.6AI score0.05245EPSS
Exploits6References4
Kaspersky
Kaspersky
added 2017/10/17 12:0 a.m.87 views

KLA11131 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Adobe Flash Player. For details look at KLA11121. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or instant message from...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/10/17 12:0 a.m.2227 views

KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent Smart Card IO can be...

9.6CVSS8.5AI score0.16181EPSS
Exploits8References7
Kaspersky
Kaspersky
added 2017/10/16 12:0 a.m.45 views

KLA11852 Security UI vulnerability in Microsoft Products (ESU)

A spoofing vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2017-13080 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012 Microsoft-Windows-...

5.3CVSS7.4AI score0.02285EPSS
Exploits0References13
Kaspersky
Kaspersky
added 2017/10/16 12:0 a.m.57 views

KLA11851 Security UI vulnerability in Microsoft Windows

A spoofing vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2017-13080 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7...

5.3CVSS7.4AI score0.02285EPSS
Exploits0References18
Kaspersky
Kaspersky
added 2017/10/15 12:0 a.m.526 views

KLA11274 Adobe Acrobat XI and Adobe Reader XI end of life

Adobe announced the end of support of Adobe Acrobat XI and Adobe Reader XI. Users should immediately make transition to Adobe Acrobat DC and Adobe Acrobat Reader DC. Original advisories Adobe Acrobat XI and Adobe Reader XI End of Support Related products Adobe-Reader-XI Adobe-Acrobat-XI CVE list...

7.1AI score
Exploits0References4
Kaspersky
Kaspersky
added 2017/10/11 12:0 a.m.130 views

KLA11064 Multiple vulnerabilities in IrfanView

Multiple serious vulnerabilities have been found in IrfanView 4.44. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An integer overflow vulnerability in the JPEG 2000 parser can be exploited...

8.8CVSS9.2AI score0.02831EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.46 views

KLA11850 Microsoft Advisory for Microsoft Device

This advisory addresses CVE-2017-15361. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key strength. This is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Original advisories ADV1700...

5.9CVSS5.9AI score0.09825EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.416 views

KLA11112 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via...

9.3CVSS8.2AI score0.69163EPSS
Exploits20References35
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.54 views

KLA11119 Multiple vulnerabilities in Wireshark 2.2.x

Multiple serious vulnerabilities have been found in Wireshark 2.2.x. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. A string validation error in DMP dissector can be exploited remotely via a malformed packet to cause...

7.8CVSS8.1AI score0.02697EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.51 views

KLA11120 DoS vulnerability in Wireshark 2.0.x

A string validation error was found in DMP dissector in Wireshark 2.0.x. This vulnerability can be exploited remotely via a malformed packet to cause a denial of service. Original advisories CVE-2017-15191 Related products Wireshark CVE list CVE-2017-15191 warning Solution Update to the latest...

7.5CVSS7.5AI score0.02697EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.81 views

KLA11108 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. Unspecified...

10CVSS9.5AI score0.64132EPSS
Exploits13References48
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.192 views

KLA11111 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...

10CVSS9.4AI score0.64132EPSS
Exploits14References51
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.43 views

KLA11114 Multiple vulnerabilities in Wireshark 2.4.x

Multiple serious vulnerabilities have been found in Wireshark 2.4.x. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An infinite loop in the DOCSIS dissector can be exploited remotely via a malformed packet to cause a...

7.8CVSS8.3AI score0.02697EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.228 views

KLA11113 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information perform cross-site scripting and privilege escalations Below is a complete list of vulnerabilities: 1. Multiple...

9.3CVSS8.8AI score0.81627EPSS
Exploits5References54
Kaspersky
Kaspersky
added 2017/10/09 12:0 a.m.54 views

KLA11116 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting and execute arbitrary code. Below is a complete list of vulnerabilities: 1. A...

10CVSS10AI score0.03641EPSS
Exploits3References3
Kaspersky
Kaspersky
added 2017/09/28 12:0 a.m.90 views

KLA11109 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, obtain sensitive information and perform cross-site scripting. Below is complete list of...

10CVSS10AI score0.03641EPSS
Exploits13References5
Kaspersky
Kaspersky
added 2017/09/25 12:0 a.m.98 views

KLA11127 Multiple vulnerabilities in Apple iTunes

Multiple serious vulnerabilities have been found in Apple iTunes for Windows. These vulnerabilities have been found in WebKit component and can be exploited remotely to execute arbitrary code, perform cross-site scripting, bypass security restrictions and obtain sensitive information. NB: Not eve...

8.8CVSS8.7AI score0.10151EPSS
Exploits7References3
Kaspersky
Kaspersky
added 2017/09/22 12:0 a.m.46 views

KLA11115 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities was found in Foxit Reader 8.3.2.25013. This vulnerability can be exploited locally via a specially designed .pdf file to cause denial of service, execute arbitrary code or obtain sensetive informatoin. 1. Type confusion vulnerabilities can be exploited remotely file...

7.8CVSS8.8AI score0.07052EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/09/21 12:0 a.m.57 views

KLA11107 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. 1. Out-of-bounds read vulnerability in V8 can be exploited remotely to cause denial of service; 2. Out-of-bounds read...

8.8CVSS9.5AI score0.05288EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/09/21 12:0 a.m.116 views

KLA11118 ACE vulnerability in Apache Tomcat

An remote code-execution vulnerability was found in Apache Tomcat. These vulnerability can be exploited remotely via a specially designed HTTP request. By exploiting these vulnerability malicious users can remotely execute arbitrary code in the context of the affected application. Technical detai...

8.1CVSS8.1AI score0.99988EPSS
Exploits23References7
Kaspersky
Kaspersky
added 2017/09/19 12:0 a.m.92 views

KLA11106 Multiple vulnerabilities in Apache Tomcat

Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A vulnerability related to VirtualDirConte...

8.1CVSS8.5AI score0.99607EPSS
Exploits20References4
Kaspersky
Kaspersky
added 2017/09/18 12:0 a.m.64 views

KLA11105 A vulnerability in CCleaner and CCleaner Cloud

A vulnerability was found in CCleaner and CCleaner Cloud. This vulnerability can be exploited remotely to obtain sensitive information or execute arbitrary code. Technical details An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of...

7.6AI score
Exploits0References3
Kaspersky
Kaspersky
added 2017/09/14 12:0 a.m.33 views

KLA11849 ACE vulnerability in Microsoft Developer Tools

A memory corruption vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-11767 Related products ChakraCore CVE list CVE-2017-11767 critical KB list Solution Install necessary updates from the K...

10CVSS10AI score0.09513EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/09/14 12:0 a.m.42 views

KLA11110 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service, privelege escalation, cross site scripting and arbitary code execution. Below is a complete list of vulnerabilities : 1. Out-of-bounds write...

8.8CVSS7.3AI score0.00777EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.158 views

KLA11098 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Edge and Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of...

9.3CVSS8.4AI score0.72171EPSS
Exploits20References44
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.55 views

KLA11102 Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An incorrect parsing of Calendar-related messages can be exploited ...

6.1CVSS6.5AI score0.06559EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.68 views

KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information...

9.3CVSS8.7AI score0.49765EPSS
Exploits24References53
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.56 views

KLA11104 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11103. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe Flash...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.170 views

KLA11100 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...

9.3CVSS8.4AI score0.49765EPSS
Exploits2References90
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.40 views

KLA11103 Multiple arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious memory corruption vulnerabilities have been found in Adobe Flash Player versions earlier than 27.0.0.130. Malicious users can exploit these vulnerabilities to execute arbitrary code. NB: These vulnerabilities does not have any public CVSS ratings, so overall rating can be changed...

9.8CVSS10AI score0.34848EPSS
Exploits8References6
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.691 views

KLA11101 Arbitrary code execution vulnerability in Microsoft .NET Framework

An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application. Technical details NB: This vulnerability doe...

9.3CVSS8.5AI score0.88698EPSS
Exploits14References29
Kaspersky
Kaspersky
added 2017/09/12 12:0 a.m.201 views

KLA11099 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...

9.8CVSS9.7AI score0.49765EPSS
Exploits20References55
Total number of security vulnerabilities3996