3996 matches found
KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA11042 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11041. Original advisories ADV170007 Related products Adobe-Flash CVE list KB list 4022730 Solution Install necessary updates from the KB section, that are listed in your Windows...
KLA11049 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper validating of input before loading...
KLA11048 Multiple vulnerabilities in Windows Kernel
Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited locally v...
KLA11046 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerabili...
KLA11051 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause a denial of service, obtain sensitive information and possibly to write local files. Below is a complete list of...
KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. 1. A use-after-free vulnerability related to manipulating the ActionScript 2 XML class can be exploited remotely to execute arbitrary code; 2. A...
KLA11045 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an...
KLA11053 XSS vulnerabilities in Microsoft Sharepoint
Multiple serious vulnerabilities have been found in Microsoft Sharepoint. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper sanitizing of user web requests can be exploited remotely vi...
KLA11043 Arbitrary code execution vulnerability in Adobe Shockwave Player
A memory corruption vulnerability was found in Adobe Shockwave Player versions earlier than 12.2.9.199. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Adobe Security Bulletin Related products Adobe-Shockwave-Player CVE list CVE-2017-3086 critical...
KLA11052 Multiple vulnerabilities in Windows Uniscribe
Multiple serious vulnerabilities have been found in Microsoft Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited...
KLA11047 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...
KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, read and write local files, spoof user interface and bypass security restrictions. Below is a complete list of...
KLA11035 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.86. Malicious users can exploit these vulnerabilities possibly to cause a denial of service, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete...
KLA11040 Elevation of privilege vulnerability in Microsoft Windows
An improper handling of objects in memory in Windows kernel-mode driver was found in Microsoft Windows. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed application by a malicious user who has logged on to...
KLA11034 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities: 1. An improper handling of dividing by zero in the L2CAP dissector can be exploited remotely via a...
KLA11032 Denial of service vulnerabilities in VideoLAN VLC media player
Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in...
KLA11033 Denial of service vulnerability in RealPlayer
A divide-by-zero vulnerability was found in the RealPlayer. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed MP4 file. Original advisories Divided RealPlayer 16.0.2.32 RealPlayer Homepage Related...
KLA11840 Multiple vulnerabilities in Microsoft System Center
Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can be...
KLA11839 Multiple vulnerabilities in Microsoft Exchange Server
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can ...
KLA11023 Multiple vulnerabilities in VideoLAN VLC Media Player
Multiple serious vulnerabilities have been found in VideoLAN VLC Media Player. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap out-of-bound read in CreateHtmlSubtitle and in ParseJSS can...
KLA11369 Information disclosure Vulnerability in Evernote
Untrusted search path vulnerability was found in Evernote. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-4900 Related products EverNote CVE list CVE-2016-4900 high Solution Update to the latest version Evernote Impacts ACE Arbitrary...
KLA11838 ACE vulnerability in Microsoft Browser
A memory corruption vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0223 Related products Microsoft-Edge CVE list CVE-2017-0223 critical KB list 4016871 Solution Install necessary updates from the...
KLA11019 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware Workstation Pro and VMware Workstation Player. Malicious users can exploit these vulnerabilities to gain privileges and cause a denial of service. Below is a complete list of vulnerabilities: 1. An insecure library loading vulnerability c...
KLA11018 Multuple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to execute arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities: 1. A heap-buffer overflow vulnerability can be exploited remotely to execute...
KLA11013 Buffer overflow vulnerability in Apple iTunes
A buffer overflow vulnerability was found in WebKit component of Apple iTunes versions earlier than 12.6.1. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Original advisories Apple...
KLA11014 Mupltiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An incorrect check of user privileges in some selectivity estimation...
KLA11008 Arbitrary code execution vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability related to masking display objects can be exploited remotely to execu...
KLA11011 Security Bypass vulnerability in Microsoft .NET Framework
An incomplete validation of certificates was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via a specially designed certificate, which is marked invalid for a specific use, but sti...
KLA11010 Remote code execution and elevation of privilege vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory in Microsoft Office can be exploited...
KLA11002 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scriptin...
KLA11022 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11008. Original advisories ADV170006 Related products Microsoft-Windows CVE list KB list 4020821 Solution Install necessary updates from the KB section, that are listed in your Windo...
KLA11012 Remote code execution vulnerability in the Microsoft Malware Protection Engine
An improper way of scanning files was found in the Microsoft Malware Protection. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Technical details To exploit this vulnerability, a malformed fi...
KLA11077 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of...
KLA11029 Multiple vulnerabilities in the Microsoft Malware Protection Engine
Multiple serious vulnerabilities have been found in Microsoft Malware Protection Engine. Malicious users can exploit these vulnerabilities to cause a denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...
KLA11009 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA11836 ACE vulnerability in Microsoft System Center
A remote code exectution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0290 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...
KLA11001 Use-after-free vulnerability in Mozilla Firefox and Mozilla Firefox ESR
Use-after-free vulnerability was found in Mozilla Firefox and Mozilla Firefox ESR. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a Buffer11 API calls within the ANGLE graphics library, used for WebGL content...
KLA11031 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit Phantom PDF. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper parsi...
KLA11015 Race condition vulnerability in Google Chrome
A race condition vulnerability was found in the WebRTC component of Google Chrome earlier than 58.0.3029.96. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely. Technical details Vulnerability was found in framebuffer2.cc NB:...
KLA11017 A buffer overflow vulnerability in LibreOffice
An out-of-bounds write vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can possibly cause a denial of service or obtain sensitive information. This vulnerability can be exploited remotely. Technical details This vulnerability is related to the ReadJPEG...
KLA11016 Denial of service vulnerability in IrfanView
An improper processing of .FPX FlashPix files was found in IrfanView 4.44 32-bit with FPX Plugin before 4.45. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed .FPX file. Original advisories...
KLA11007 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, read and write local files. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerabilit...
KLA11028 A read/write local files vulnerability in Oracle VM Virtual Box
An unspecified vulnerability was found in Oracle VM VirtualBox. By exploiting this vulnerability low priveleged malicious users with logon to the infrastructure, where OracleVM VirtualBox is executed, can write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM...
KLA11027 Multiple vulnerabilities in Oracle VM VirtualBox
Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write accesible data and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple unspecifie...
KLA11006 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent JCE Java Cryptography Extension c...
KLA11005 Multiple vulnerabilities in Oracle Java SE
Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write local files and possibly to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified...
KLA11000 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome earlier than 58.0.3029.81. Malicious users can exploit these vulnerabilities to execute arbitrary code and spoof user interface. Below is a complete list of vulnerabilities: 1. Type confusion in the PDFium component can be exploite...
KLA11004 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, bypass...
KLA11128 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect assumption about block structure in Blink can be exploited remote...