3996 matches found
KLA11097 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability in PDFium ca...
KLA11095 Denial of service vulnerability in Wireshark
A buffer overflow vulnerability was found in the Profinet I/O dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a...
KLA11094 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. Buffer overflow vulnerability in the IrCOMM dissector can be exploited remotely via a specially designed...
KLA11096 Denial of service vulnerability in Wireshark
An unspecified vulnerability was found in Modbus dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to read a...
KLA11090 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Thunderbird. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions execute arbitrary code, obtain sensitive information and spoof user interface. Below is a complete list of vulnerabilities:...
KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user-supplied data in the saveAs Java script function can b...
KLA11123 PE vulnerability in Xamarin.iOS
A serious vulnerability in the Xamarin.iOS can be exploited locally to gain privileges. Technical details To exploit this vulnerability, an attacker would have to log on to an affected system and create a folder at a particular location. which could be used by another process running with elevate...
KLA11092 Denial of service vulnerability in PostgreSQL
A missing permssion check in the loput function was found in PostgreSQL. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely by overwriting contents of the entire large object. Original advisories PostgreSQL Security Update...
KLA11091 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of empty passwords in libpq can be exploited...
KLA11848 RCE vulnerability in Microsoft Browser
Remote code execution vulnerability was found in Microsoft ChakraCore. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-8658 Related products ChakraCore CVE list CVE-2017-8658 unknown KB list Solution Install necessary updates from the KB...
KLA11089 XSS vulnerability in Microsoft Sharepoint Server
An XSS cross-site scripting vulnerability related to an improper sanitizing of web requests was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can spoof user interaface. This vulnerability can be exploited remotely via a specially designed web request...
KLA11087 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
KLA11086 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability related to reading a JPE...
KLA11847 Microsoft Advisory for Adobe Flash
Original advisories ADV170010 APSB17-23 Related products Adobe-Flash CVE list KB list 4034662 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be accessed from the Control Panel Affected Products - Adobe Flash Player earlier...
KLA11085 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player versions earlier than 26.0.0.151. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability...
KLA11083 Information Disclosure vulnerability in Microsoft SQL Server
An incorrect enforcement of permissions was found in Microsoft SQL Server Analysis Services. By exploiting this vulnerability malicious users can obtain sensitive information. Technical details This vulnerability can be exploited in case an affected SQL server database can be accessed using the...
KLA11846 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of...
KLA11084 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code and obtain sensitive information. Below is a complete list of...
KLA11088 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11085. Original advisories ADV170010 Related products Microsoft-Windows CVE list KB list 4034662 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11082 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, privilege escalation, spoof user interface, bypass security restrictions, obtain sensitive information and execute arbitrary code. Below is...
KLA11081 Arbitrary code execution vulnerability in Microsoft Edge
An improper access to objects in memory was found in Microsoft Edge. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website. NB: Not every vulnerability already has CVSS rating so cumulative CVSS...
KLA11080 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of input in...
KLA11129 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service, bypass security restrictions, spoof user interface, execute arbitrary code, escalate privileges, obtain sensitive information and perform cross-site...
KLA11079 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface and obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use-after-free in IndexedDB can be exploited...
KLA11076 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to gain privileges, read and write accessible data and cause a denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the 2D subcompone...
KLA11075 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An access issue can be exploited remotely to execute arbitrary code with...
KLA11073 Denial of service vulnerability in Wireshark
A large loop vulnerability was found in the GPRS LLC dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to re...
KLA11072 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. Multiple unspecified vulnerabilities in the AMQP and MQ dissectors can be exploited remotely via a special...
KLA11074 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to to cause a denial of service, read and write accesible data and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple...
KLA11154 Multiple vulnerabilities in Microsoft Windows, Forefront Endpoint Protection and Exchange Server
Multiple vulnerabilities were found in Microsoft Systems. alicious users can exploit these vulnerabilities to execute arbitrary code. An error of scanning specially crafted file can be exploited remotely to execute arbitrary code. Technical details Vulnerabilities is affected Windows Defender for...
KLA11066 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player versions earlier than 26.0.0.137. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability ...
KLA11070 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Edge and Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper...
KLA11067 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...
KLA11900 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of...
KLA11071 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11066. Original advisories ADV170009 Related products Microsoft-Windows CVE list KB list 4025376 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11068 Denial of Service Vulnerability in Microsoft .NET Framework
An improper handling of web requests has been found in Microsoft Common Object Runtime Library. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited by issuing specially designed requests to the .NET web application. Original advisori...
KLA11845 Multiple vulnerabilities in Microsoft Exchange Server
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Microsoft Exchange can be exploited remotely via specially...
KLA11069 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges and spoof user interface. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to improper handling of...
KLA11062 Arbitrary code execution vulnerability in Notepad++
An unspecified vulnerability was found in Notepad++ 7.3.3 with Hex Editor Plugin v0.9.5. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or an untrusted specially designed file from a remote...
KLA11065 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability in the...
KLA11901 OSI vulnerability in Microsoft Products (ESU)
An information disclosure vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2017-8554 Related products Microsoft-Windows Microsoft-Windows-Server...
KLA11844 OSI vulnerability in Microsoft Windows
An information disclosure vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2017-8554 Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7...
KLA11375 ACE vulnerability in Microsoft Skype
Stack buffer overflow vulnerability was found in Microsoft. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Microsoft Skype v7.3.6 – Stack Overflow Vulnerability Related products Skype-for-Windows CVE list CVE-2017-9948 high Solution Update to the...
KLA11057 Arbitrary code execution vulnerability in Microsoft Malware Protection Engine
An improper scanning of specially designed files was found in Microsoft Malware Protection Engine in Microsoft Windows. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely by putting a specially designed file to a directory...
KLA11843 ACE vulnerability in Microsoft System Center
A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-8558 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...
KLA11841 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in DirectX can be exploited remotely via specially...
KLA11054 Multiple vulnerabities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.104. Malicious users can exploit these vulnerabilities to spoof domain and possibly to cause a denial of service, bypass security restrictions or obtain sensitive information. Below is a complete lis...
KLA11056 Multiple arbitrary code execution vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows XP and Microsoft Windows Server 2003. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user input in Windows OLE can be...
KLA11063 Denial of service vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark version 2.2.7. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. A stack exhaustion vulnerability in the DAAP dissector can be exploited remotely via a...
KLA11050 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Thunderbird. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, bypass security protections and run arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability...