Lucene search
K
KasperskyRecent

3996 matches found

Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.88 views

KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

10CVSS9AI score0.90026EPSS
Exploits93References88
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.64 views

KLA11042 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11041. Original advisories ADV170007 Related products Adobe-Flash CVE list KB list 4022730 Solution Install necessary updates from the KB section, that are listed in your Windows...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.116 views

KLA11049 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper validating of input before loading...

9.3CVSS9.3AI score0.39019EPSS
Exploits21References98
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.247 views

KLA11048 Multiple vulnerabilities in Windows Kernel

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited locally v...

7.8CVSS6.9AI score0.0511EPSS
Exploits41References64
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.121 views

KLA11046 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerabili...

10CVSS8.9AI score0.90026EPSS
Exploits50References72
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.62 views

KLA11051 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause a denial of service, obtain sensitive information and possibly to write local files. Below is a complete list of...

7.3CVSS7.1AI score0.03251EPSS
Exploits1References25
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.47 views

KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. 1. A use-after-free vulnerability related to manipulating the ActionScript 2 XML class can be exploited remotely to execute arbitrary code; 2. A...

10CVSS10AI score0.30886EPSS
Exploits3References6
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.262 views

KLA11045 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an...

7.6CVSS8.4AI score0.67587EPSS
Exploits9References55
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.198 views

KLA11053 XSS vulnerabilities in Microsoft Sharepoint

Multiple serious vulnerabilities have been found in Microsoft Sharepoint. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper sanitizing of user web requests can be exploited remotely vi...

6.1CVSS7.2AI score0.03263EPSS
Exploits1References7
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.70 views

KLA11043 Arbitrary code execution vulnerability in Adobe Shockwave Player

A memory corruption vulnerability was found in Adobe Shockwave Player versions earlier than 12.2.9.199. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Adobe Security Bulletin Related products Adobe-Shockwave-Player CVE list CVE-2017-3086 critical...

10CVSS10AI score0.06875EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.62 views

KLA11052 Multiple vulnerabilities in Windows Uniscribe

Multiple serious vulnerabilities have been found in Microsoft Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited...

9.3CVSS8.4AI score0.19889EPSS
Exploits0References13
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.2392 views

KLA11047 Multiple vulnerabilities in Microsoft Development Tools

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...

9.3CVSS9.7AI score0.39019EPSS
Exploits2References11
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.661 views

KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, read and write local files, spoof user interface and bypass security restrictions. Below is a complete list of...

9.8CVSS10AI score0.05216EPSS
Exploits14References5
Kaspersky
Kaspersky
added 2017/06/05 12:0 a.m.104 views

KLA11035 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.86. Malicious users can exploit these vulnerabilities possibly to cause a denial of service, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete...

8.8CVSS9.7AI score0.31212EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/06/05 12:0 a.m.130 views

KLA11040 Elevation of privilege vulnerability in Microsoft Windows

An improper handling of objects in memory in Windows kernel-mode driver was found in Microsoft Windows. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed application by a malicious user who has logged on to...

7.8CVSS7.9AI score0.01004EPSS
Exploits0References8
Kaspersky
Kaspersky
added 2017/06/02 12:0 a.m.51 views

KLA11034 Multiple vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities: 1. An improper handling of dividing by zero in the L2CAP dissector can be exploited remotely via a...

7.8CVSS8.4AI score0.14207EPSS
Exploits4References14
Kaspersky
Kaspersky
added 2017/05/29 12:0 a.m.93 views

KLA11032 Denial of service vulnerabilities in VideoLAN VLC media player

Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in...

7.8CVSS8.3AI score0.03284EPSS
Exploits2References3
Kaspersky
Kaspersky
added 2017/05/29 12:0 a.m.88 views

KLA11033 Denial of service vulnerability in RealPlayer

A divide-by-zero vulnerability was found in the RealPlayer. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed MP4 file. Original advisories Divided RealPlayer 16.0.2.32 RealPlayer Homepage Related...

5.5CVSS5.7AI score0.01731EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/05/25 12:0 a.m.29 views

KLA11840 Multiple vulnerabilities in Microsoft System Center

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can be...

9.3CVSS7.9AI score0.71961EPSS
Exploits4References11
Kaspersky
Kaspersky
added 2017/05/25 12:0 a.m.33 views

KLA11839 Multiple vulnerabilities in Microsoft Exchange Server

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can ...

9.3CVSS7.9AI score0.71961EPSS
Exploits4References11
Kaspersky
Kaspersky
added 2017/05/23 12:0 a.m.109 views

KLA11023 Multiple vulnerabilities in VideoLAN VLC Media Player

Multiple serious vulnerabilities have been found in VideoLAN VLC Media Player. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap out-of-bound read in CreateHtmlSubtitle and in ParseJSS can...

7.8CVSS7.9AI score0.08765EPSS
Exploits4References6
Kaspersky
Kaspersky
added 2017/05/22 12:0 a.m.85 views

KLA11369 Information disclosure Vulnerability in Evernote

Untrusted search path vulnerability was found in Evernote. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-4900 Related products EverNote CVE list CVE-2016-4900 high Solution Update to the latest version Evernote Impacts ACE Arbitrary...

7.8CVSS8AI score0.01534EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/05/19 12:0 a.m.26 views

KLA11838 ACE vulnerability in Microsoft Browser

A memory corruption vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0223 Related products Microsoft-Edge CVE list CVE-2017-0223 critical KB list 4016871 Solution Install necessary updates from the...

9.8CVSS9.9AI score0.14682EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/05/18 12:0 a.m.77 views

KLA11019 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware Workstation Pro and VMware Workstation Player. Malicious users can exploit these vulnerabilities to gain privileges and cause a denial of service. Below is a complete list of vulnerabilities: 1. An insecure library loading vulnerability c...

7.8CVSS7.6AI score0.05413EPSS
Exploits13References4
Kaspersky
Kaspersky
added 2017/05/18 12:0 a.m.37 views

KLA11018 Multuple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to execute arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities: 1. A heap-buffer overflow vulnerability can be exploited remotely to execute...

9.8CVSS8.8AI score0.03764EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/05/15 12:0 a.m.59 views

KLA11013 Buffer overflow vulnerability in Apple iTunes

A buffer overflow vulnerability was found in WebKit component of Apple iTunes versions earlier than 12.6.1. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Original advisories Apple...

8.8CVSS9.1AI score0.07655EPSS
Exploits2References3
Kaspersky
Kaspersky
added 2017/05/11 12:0 a.m.49 views

KLA11014 Mupltiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An incorrect check of user privileges in some selectivity estimation...

7.5CVSS7.8AI score0.06331EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.60 views

KLA11008 Arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability related to masking display objects can be exploited remotely to execu...

9.3CVSS9.8AI score0.20353EPSS
Exploits2References6
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.121 views

KLA11011 Security Bypass vulnerability in Microsoft .NET Framework

An incomplete validation of certificates was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via a specially designed certificate, which is marked invalid for a specific use, but sti...

7.5CVSS7.7AI score0.0551EPSS
Exploits0References15
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.152 views

KLA11010 Remote code execution and elevation of privilege vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory in Microsoft Office can be exploited...

9.3CVSS8.5AI score0.80734EPSS
Exploits1References47
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.107 views

KLA11002 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scriptin...

8.8CVSS8.7AI score0.38115EPSS
Exploits2References35
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.56 views

KLA11022 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11008. Original advisories ADV170006 Related products Microsoft-Windows CVE list KB list 4020821 Solution Install necessary updates from the KB section, that are listed in your Windo...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.104 views

KLA11012 Remote code execution vulnerability in the Microsoft Malware Protection Engine

An improper way of scanning files was found in the Microsoft Malware Protection. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Technical details To exploit this vulnerability, a malformed fi...

9.3CVSS8.1AI score0.77207EPSS
Exploits5References7
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.79 views

KLA11077 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of...

9.3CVSS9.5AI score0.84138EPSS
Exploits22References54
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.68 views

KLA11029 Multiple vulnerabilities in the Microsoft Malware Protection Engine

Multiple serious vulnerabilities have been found in Microsoft Malware Protection Engine. Malicious users can exploit these vulnerabilities to cause a denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...

9.3CVSS7.8AI score0.71961EPSS
Exploits4References23
Kaspersky
Kaspersky
added 2017/05/09 12:0 a.m.259 views

KLA11009 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

9.3CVSS9.2AI score0.84138EPSS
Exploits22References50
Kaspersky
Kaspersky
added 2017/05/08 12:0 a.m.47 views

KLA11836 ACE vulnerability in Microsoft System Center

A remote code exectution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0290 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...

9.3CVSS8.2AI score0.77207EPSS
Exploits5References4
Kaspersky
Kaspersky
added 2017/05/05 12:0 a.m.60 views

KLA11001 Use-after-free vulnerability in Mozilla Firefox and Mozilla Firefox ESR

Use-after-free vulnerability was found in Mozilla Firefox and Mozilla Firefox ESR. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a Buffer11 API calls within the ANGLE graphics library, used for WebGL content...

8.8CVSS8.6AI score0.01353EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/05/05 12:0 a.m.43 views

KLA11031 Multiple vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit Phantom PDF. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper parsi...

8.8CVSS9.4AI score0.04079EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/05/02 12:0 a.m.49 views

KLA11015 Race condition vulnerability in Google Chrome

A race condition vulnerability was found in the WebRTC component of Google Chrome earlier than 58.0.3029.96. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely. Technical details Vulnerability was found in framebuffer2.cc NB:...

7.5CVSS8.6AI score0.01019EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/04/30 12:0 a.m.51 views

KLA11017 A buffer overflow vulnerability in LibreOffice

An out-of-bounds write vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can possibly cause a denial of service or obtain sensitive information. This vulnerability can be exploited remotely. Technical details This vulnerability is related to the ReadJPEG...

9.8CVSS7.5AI score0.02093EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/04/30 12:0 a.m.36 views

KLA11016 Denial of service vulnerability in IrfanView

An improper processing of .FPX FlashPix files was found in IrfanView 4.44 32-bit with FPX Plugin before 4.45. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed .FPX file. Original advisories...

7.8CVSS7.6AI score0.01639EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/04/30 12:0 a.m.47 views

KLA11007 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, read and write local files. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerabilit...

9.8CVSS10AI score0.18756EPSS
Exploits24References4
Kaspersky
Kaspersky
added 2017/04/24 12:0 a.m.117 views

KLA11028 A read/write local files vulnerability in Oracle VM Virtual Box

An unspecified vulnerability was found in Oracle VM VirtualBox. By exploiting this vulnerability low priveleged malicious users with logon to the infrastructure, where OracleVM VirtualBox is executed, can write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM...

7.5CVSS7.3AI score0.00353EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/04/24 12:0 a.m.80 views

KLA11027 Multiple vulnerabilities in Oracle VM VirtualBox

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write accesible data and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple unspecifie...

8.8CVSS7.7AI score0.02912EPSS
Exploits10References3
Kaspersky
Kaspersky
added 2017/04/24 12:0 a.m.280 views

KLA11006 Multiple vulnerabilities in Oracle Java SE

Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent JCE Java Cryptography Extension c...

8.3CVSS8.4AI score0.028EPSS
Exploits2References5
Kaspersky
Kaspersky
added 2017/04/24 12:0 a.m.168 views

KLA11005 Multiple vulnerabilities in Oracle Java SE

Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write local files and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified...

8.3CVSS7.8AI score0.03311EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/04/19 12:0 a.m.45 views

KLA11000 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome earlier than 58.0.3029.81. Malicious users can exploit these vulnerabilities to execute arbitrary code and spoof user interface. Below is a complete list of vulnerabilities: 1. Type confusion in the PDFium component can be exploite...

8.8CVSS9.4AI score0.03362EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/04/19 12:0 a.m.182 views

KLA11004 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...

9.8CVSS10AI score0.18756EPSS
Exploits29References7
Kaspersky
Kaspersky
added 2017/04/18 12:0 a.m.38 views

KLA11128 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect assumption about block structure in Blink can be exploited remote...

9.6CVSS10AI score0.02557EPSS
Exploits0References4
Total number of security vulnerabilities3996