Lucene search
K
KasperskyRecent

3996 matches found

Kaspersky
Kaspersky
added 2017/04/14 12:0 a.m.46 views

KLA10997 Vulnerability in LibreOffice

Heap-based buffer overflow vulnerability was found in LibreOffice. By exploiting this vulnerability malicious users can obtain a sensitive information or cause a denial of service. Original advisories LibreOffice Security Advisory Related products LibreOffice CVE list CVE-2017-7870 critical...

9.8CVSS9.9AI score0.03864EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/04/14 12:0 a.m.57 views

KLA11149 Multiple vulnerabilities in QuickTime for Windows

Multiple vulnerabilities was found in QuickTime. These vulnerabilities can be exploited remotely to execute arbitrary code. Vendor is recommended don’t use QuickTime 7 for Windows anymore and uninstall this software. QuickTime 7 for Windows is no longer supported by vendor. Original advisories...

7.8CVSS8.3AI score0.00733EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/04/12 12:0 a.m.45 views

KLA11020 Multiple vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the IMAP Internet Message Access Protocol dissector can be exploited...

7.8CVSS7.8AI score0.03284EPSS
Exploits0References12
Kaspersky
Kaspersky
added 2017/04/12 12:0 a.m.86 views

KLA11915 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An implementation vulnerability in Securit...

9.3CVSS8.8AI score0.43272EPSS
Exploits5References32
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.497 views

KLA11024 Defense-in-Depth Update for Microsoft Office

An unspecified vulnerability was found in the EPS Encapsulated PostScript filter in Microsoft Office. By exploiting this vulnerability malicious users can possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website or file. NB: This vulnerability...

9.3CVSS8AI score0.99933EPSS
Exploits31References18
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.140 views

KLA11078 ACE vulnerability in Microsoft .NET Framework

An improper input validation on library load was found in Microsoft .NET. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited locally via a specially designed application. Technical details To exploit this vulnerability, a malicious use...

7.8CVSS8.1AI score0.17848EPSS
Exploits2References17
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.40 views

KLA11021 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10993. Original advisories ADV170004 Related products Microsoft-Windows CVE list KB list 4018483 Solution Install necessary updates from the KB section, that are listed in your Windo...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.59 views

KLA11058 Multiple vulnerabilities in Microsoft Edge and Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to to gain privileges, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of...

8.8CVSS8.1AI score0.45648EPSS
Exploits2References27
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.73 views

KLA11055 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An incorrect handling of...

9.3CVSS7.3AI score0.28355EPSS
Exploits0References30
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.49 views

KLA11060 Multiple vulnerabilities in Microsoft Windows Hyper-V

Multiple serious vulnerabilities have been found in Microsoft Windows Hyper-V. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related ...

7.6CVSS8.2AI score0.05673EPSS
Exploits0References44
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.55 views

KLA11061 Information disclosure vulnerability in Microsoft Windows

An incorrect handling of objects in memory has been found in libjpeg image-processing library functionality used in Microsoft Windows. Malicious users can exploit this vulnerability to obtain sensitive information. This vulnerability can be exploited remotely by convincing a user to run a special...

5CVSS7.4AI score0.10117EPSS
Exploits0References18
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.507 views

KLA11059 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote cod...

9.3CVSS9.8AI score0.99933EPSS
Exploits36References57
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.82 views

KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corrupti...

9.3CVSS9.9AI score0.99933EPSS
Exploits33References50
Kaspersky
Kaspersky
added 2017/04/11 12:0 a.m.45 views

KLA10993 Arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitary code. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities in the sound class, in the internal script object and in the...

10CVSS9.9AI score0.24728EPSS
Exploits2References6
Kaspersky
Kaspersky
added 2017/04/06 12:0 a.m.243 views

KLA10992 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitary code and possibly cause a denial of service. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities in the XML Forms...

10CVSS9.1AI score0.20377EPSS
Exploits2References9
Kaspersky
Kaspersky
added 2017/04/05 12:0 a.m.70 views

KLA10994 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code, cause a denial of service and spoofing user interface. Below is a complete list of vulnerabilities 1. Memory corruption...

10CVSS10AI score0.17484EPSS
Exploits17References4
Kaspersky
Kaspersky
added 2017/04/04 12:0 a.m.110 views

KLA10996 ACE Vulnerability in Foxit Reader

Heap-based buffer overflow vulnerability was found in Foxit Reader. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a a large SamplesPerPixel value in a crafted TIFF image. Original advisories Foxit bulletin Related...

7.8CVSS8.1AI score0.15808EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/03/22 12:0 a.m.190 views

KLA10999 Arbitrary code execution vulnerability in Microsoft IIS

CVSS: 10.0 Detect date: 03/22/2017 Severity: Critical Description: A buffer overflow vulnerability was found in in the WebDAV service in IIS Internet Information Services 6.0 in Microsoft Windows Server 2003 R2. By exploiting this vulnerability malicious users can execute arbitary code or cause a...

10CVSS9.3AI score0.99823EPSS
Exploits39
Kaspersky
Kaspersky
added 2017/03/17 12:0 a.m.52 views

KLA10971 Vulnerability in Mozilla Firefox and Mozilla Firefox ESR

Integer overflow vulnerability was found in Mozilla Firefox and Mozilla Firefox ESR. By exploiting this vulnerability malicious users possibly can obtain sensitive information and cause a denial of service. This vulnerability can be exploited remotely via experimental extensions. NB: This...

9.8CVSS9.7AI score0.03158EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.53 views

KLA10986 Information disclosure vulnerability in Microsoft Active Directory Federation Services

An improper honoring of XML External Entities was found in Microsoft Active Directory Federation Services ADFS. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories...

5.3CVSS6.2AI score0.02059EPSS
Exploits0References14
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.60 views

KLA10985 Privilege escalation vulnerabilities in Windows kernel-mode drivers

Multiple cases of improper handling of objects in memory have been found in the Windows kernel-mode Win32k driver. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed application by an attacker who has already...

7.8CVSS8.4AI score0.02388EPSS
Exploits0References28
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.32 views

KLA10974 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10973. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.255 views

KLA10981 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to cause a denial of service, gain privileges, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper sanitizing of a...

9.3CVSS9.1AI score0.5047EPSS
Exploits2References61
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.44 views

KLA11037 Arbitrary code execution vulnerability in VMware products

An out-of-bounds memory access vulnerability in the DnD drag-and-drop function was found in VMware Workstation Pro and VMware Workstation Player. By exploiting this vulnerability malicious users can execute arbitrary code on the operating system running VMware Workstation Pro or VMware Workstatio...

9.9CVSS10AI score0.1994EPSS
Exploits5References5
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.80 views

KLA11833 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows Graphics Component can be...

9.3CVSS7.8AI score0.5047EPSS
Exploits2References17
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.49 views

KLA10998 Information disclosure vulnerability in Microsoft Windows Media Player

An improper handling of objects in memory was found in Microsoft Windows Media Player. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories Microsoft Security Update...

3.1CVSS5.9AI score0.29524EPSS
Exploits1References17
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.57 views

KLA10976 Microsoft Windows PDF Library vulnerability

An unspecified vulnerability was found in the Microsoft Windows PDF Library. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PDF file. Original advisories MS17-009 CVE-2017-0023 Related products...

7.6CVSS8.1AI score0.34017EPSS
Exploits0References15
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.56 views

KLA10987 Information disclosure in Windows DVD Maker

An improper parsing of .msdvd files was found in Windows DVD maker. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed .msdvd file. Original advisories MS17-020 CVE-2017-0045 Exploitation Public...

5.5CVSS5.9AI score0.06581EPSS
Exploits5References9
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.88 views

KLA10973 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. A buffer overflow/underflow vulnerability in the Primetime TVSDK can...

9.3CVSS9AI score0.0836EPSS
Exploits1References6
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.99 views

KLA10984 Privilege escalation vulnerabilities in Windows kernel

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An improper check of a buffer length prior to copying memory to the buffer can be exploited remotely ...

7.8CVSS8.2AI score0.57482EPSS
Exploits4References24
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.81 views

KLA10978 Multiple vulnerabilities in Windows Uniscribe

Multiple serious vulnerabilities have been found in Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploted remotely vi...

9.3CVSS7.3AI score0.57338EPSS
Exploits13References49
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.1098 views

KLA10980 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Windows GDI can be exploited remotely via...

9.3CVSS7.9AI score0.5047EPSS
Exploits2References33
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.229 views

KLA10968 Multiple vulnerabilities in Microsoft Edge

Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An incorrect handling of...

8.1CVSS9.1AI score0.80386EPSS
Exploits18References38
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.103 views

KLA10988 Information disclosure vulnerability in Windows DirectShow

An improper objects handling in memory was found in Windows DirectShow. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories MS17-021 CVE-2017-0042 Related products...

3.1CVSS5.9AI score0.29524EPSS
Exploits1References20
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.38 views

KLA10991 Privilege escalation vulnerability in Adobe Shockwave Player

An unspecified vulnerability was found in the Adobe Shockwave Player. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a DLL hijacking. Original advisories Adobe Security Bulletin Related products Adobe-Shockwave-Player CVE lis...

7.8CVSS8.1AI score0.03028EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.54 views

KLA10982 PE vulnerability in Microsoft Server Software

An improper handling of web requests was found in Microsoft Outlook Web Access. By exploiting this vulnerability malicious users can gain privileges. A successful exploit allows attackers to perform content/script injection attacks, make user disclose sensitive information. This vulnerability can...

6.1CVSS6.6AI score0.07023EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.48 views

KLA10989 Information disclosure vulnerability in Microsoft XML Core Services

An improper object handling in memory was found in Microsoft XML CoreServices MSXML. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories MS17-022 CVE-2017-0022 Related...

6.5CVSS6.5AI score0.18069EPSS
Exploits1References19
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.106 views

KLA10975 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Hyper-V can be exploit...

9CVSS8.3AI score0.1267EPSS
Exploits0References28
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.105 views

KLA10967 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure...

8.8CVSS8.9AI score0.80386EPSS
Exploits22References60
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.160 views

KLA10983 Privilege escalation vulnerability in Windows IIS

An improper sanitizing of a specially designed request was found in Microsoft IIS Server. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed URL. Original advisories MS17-016 CVE-2017-0055 Exploitation Public...

6.1CVSS7.5AI score0.16369EPSS
Exploits2References19
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.664 views

KLA10977 Multiple vulnerabilities in Microsoft Server Message Block (SMB)

Multiple serious vulnerabilities have been found in Microsoft Server Message Block 1.0SMBv1. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of certain requests can be...

9.3CVSS9.2AI score0.99693EPSS
Exploits94References32
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.124 views

KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code...

9.3CVSS10AI score0.99693EPSS
Exploits139References110
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.564 views

KLA10979 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service. Below is a complete list of vulnerabilitie...

9.3CVSS9.2AI score0.99693EPSS
Exploits133References114
Kaspersky
Kaspersky
added 2017/03/09 12:0 a.m.35 views

KLA11036 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware Workstation Pro and VMware Workstation Player. Malicious users can exploit these vulnerabilities to gain privileges or cause a denial of service. Below is a complete list of vulnerabilities: 1. A DLL loading vulnerability can be exploited...

8.8CVSS6.7AI score0.00393EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/03/09 12:0 a.m.27 views

KLA11359 ACE vulnerability in Pidgin

Out of bound write vulnerability was found in Pidgin. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Pidgin Security Advisory Related products Pidgin CVE list CVE-2017-2640 critical Solution Update to the latest version Download Pidgin Impacts ACE...

9.8CVSS8.3AI score0.06258EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/03/08 12:0 a.m.61 views

KLA10972 CIA hacking issue in Notepad++

An issue of a hijacked DLL was found in Notepad++. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a sciexer.dll, which is replaced by version of sciexer.dll built by CIA. Technical details This vulnerability has...

6.9AI score
Exploits0References2
Kaspersky
Kaspersky
added 2017/03/07 12:0 a.m.41 views

KLA10970 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities 1. Memory curruption vulnerability in asm.js ca...

10CVSS9.6AI score0.17484EPSS
Exploits8References4
Kaspersky
Kaspersky
added 2017/03/07 12:0 a.m.82 views

KLA10969 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code, cause a denial of service and gain privileges. Below is a complete list of vulnerabilities 1. Memory...

10CVSS10AI score0.17484EPSS
Exploits21References6
Kaspersky
Kaspersky
added 2017/03/04 12:0 a.m.32 views

KLA10966 Multiple vulnerabilities in qBittorrent

CVSS: 4.3 Detect date: 03/04/2017 Severity: Warning Description: Multiple serious vulnerabilities have been found in qBittorrent before 3.3.11. Malicious users can exploit these vulnerabilities to cause XSS. Affected products: qBittorrent before 3.3.11 Solution: Update to the latest version...

4.3CVSS6.7AI score0.00857EPSS
Exploits0
Kaspersky
Kaspersky
added 2017/03/03 12:0 a.m.45 views

KLA10965 Denial of service vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.10 and 2.2.0 to 2.2.4. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities: 1. An LDSS dissector crash can be exploited remotely via packet...

7.8CVSS8.3AI score0.02949EPSS
Exploits0References10
Total number of security vulnerabilities3996