Lucene search
K
KasperskyRecent

3996 matches found

Kaspersky
Kaspersky
added 2017/02/21 12:0 a.m.23 views

KLA10964 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10960. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...

7.3AI score
Exploits0References4
Kaspersky
Kaspersky
added 2017/02/17 12:0 a.m.45 views

KLA10962 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface and cause a denial of service,bypass security restrictions. Below is a complete list of vulnerabilities: 1. Inability to prevent alerts from being displayed...

5.5CVSS6.6AI score0.01425EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/02/17 12:0 a.m.121 views

KLA10961 Denial of service vulnerability in Wireshark

An infinite loop and memory exhaustion vulnerability was found in Wireshark versions 2.2.4 and earlier. By exploiting this vulnerability malicious users can possibly cause a denial of service. This vulnerability can be exploited remotely via a specially designed or malformed STANAG 4607 capture...

7.8CVSS7.5AI score0.02942EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/02/14 12:0 a.m.99 views

KLA10960 Code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A type confusion vulnerability related to the MessageChannel class can be exploited remotely to...

9.3CVSS10AI score0.32676EPSS
Exploits10References6
Kaspersky
Kaspersky
added 2017/01/27 12:0 a.m.87 views

KLA10957 Multiple vulnerabilities in Oracle Java SE

Multiple serious vulnerabilities have been found in Oracle Java SE components. By exploiting these vulnerabilities malicious users can gain privileges and obtain sensitive information. These vulnerabilities can be exploited remotely by unauthenticater attacker having network access via multiple...

7.5CVSS8.4AI score0.03167EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2017/01/27 12:0 a.m.72 views

KLA10963 Multiple vulnerabilities in Oracle VM VirtualBox

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause a denial of service, gain priveleges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Unspecified vulnerabilities in subcomponents:...

8.4CVSS8.7AI score0.06961EPSS
Exploits4References3
Kaspersky
Kaspersky
added 2017/01/27 12:0 a.m.79 views

KLA10959 An unspecified vulnerability in Oracle Java SE

An unspecified vulnerability was found in Oracle Java SE components. By exploiting this vulnerability malicious users can gain privileges and obtain sensitive information. This vulnerability can be exploited remotely by an unauthenticater attacker having network access via multiple protocols...

6.5CVSS8.6AI score0.02972EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/01/27 12:0 a.m.90 views

KLA10958 Multiple vulnerabilities in Oracle Java SE

Multiple serious vulnerabilities have been found in Oracle Java SE components. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service or obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in Libraries...

6.5CVSS8.4AI score0.03533EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2017/01/26 12:0 a.m.57 views

KLA10956 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code, cause a denial of service, spoof user interface and gain privilege escalation. Below is a complete list of vulnerabilitie...

9.8CVSS10AI score0.33199EPSS
Exploits15References3
Kaspersky
Kaspersky
added 2017/01/25 12:0 a.m.34 views

KLA10955 Denial of service vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.9 and 2.2.0 to 2.2.3. Malicious users can exploit these vulnerabilities to possibly cause a denial of service. Below is a complete list of vulnerabilities: 1. The DHCPv6 dissector large loop vulnerability can be exploited...

7.5CVSS8.2AI score0.029EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/01/24 12:0 a.m.163 views

KLA10953 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to obtain sensitive information, make code injection, run arbitrary code, bypass security restrictions, cause a denial of service. Below is a complete lis...

9.8CVSS9.7AI score0.33199EPSS
Exploits24References5
Kaspersky
Kaspersky
added 2017/01/23 12:0 a.m.77 views

KLA11362 ACE vulnerability in KeePass

Unspecified vulnerability was found in KeePass . Malicious users can exploit this vulnerability remotely via spoofing the version check response and supplying a crafted update to execute arbitrary code. Original advisories - Related products KeePass-Password-Safe CVE list CVE-2016-5119 high...

7.5CVSS7.9AI score0.02347EPSS
Exploits1References2
Kaspersky
Kaspersky
added 2017/01/23 12:0 a.m.53 views

KLA11374 Multiple ACE vulnerabilities in Microsoft Skype

Multiple untrusted search path vulnerabilities was found in Microsoft Skype. Malicious users can exploit this vulnerability to execute arbitrary code. Technical details This vulnerability is related to Microsoft Skype installer. This vulnerability had been reported to Microsoft but they decided n...

10CVSS8.2AI score0.46342EPSS
Exploits2References4
Kaspersky
Kaspersky
added 2017/01/23 12:0 a.m.38 views

KLA10948 Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF

Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This...

8.1CVSS8.8AI score0.0377EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/01/19 12:0 a.m.54 views

KLA10951 ACE vulnerability in Google Chrome

Incorrect optimisation assumptions in V8 engine were found in Google Chrome. By exploiting this vulnerability malicious users can perform arbitrary read/write operations and execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML page. Original advisorie...

8.8CVSS9.1AI score0.34703EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/01/19 12:0 a.m.40 views

KLA10949 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome prior to 55.0.2883.75. Malicious users can exploit these vulnerabilities to bypass security restrictions, make code injections and possibly cause denial of service, obtain sensitive information. Below is a complete list of...

8.8CVSS8.2AI score0.01148EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/01/19 12:0 a.m.43 views

KLA10950 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome earlier than 54.0.2840.99. Malicious users can exploit these vulnerabilities to make privilege escalation, possibly cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities 1. Heap corrupti...

8.8CVSS9AI score0.01561EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/01/11 12:0 a.m.118 views

KLA10943 Denial of service vulnerability in PHP

An infinite loop vulnerability was found in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed object in serialized data. Technical details...

9.8CVSS8.1AI score0.42401EPSS
Exploits2References3
Kaspersky
Kaspersky
added 2017/01/11 12:0 a.m.55 views

KLA10944 Denial of service and arbitrary code execution vulnerabilities in PHP

An improper implementation of the SplObjectStorage unserialize in ext/spl/splobserver.c was found in PHP before 7.0.12. By exploiting this vulnerability malicious users can execute arbitrary code or cause a denial of service. This vulnerability can be exploited remotely via a specially designed...

9.8CVSS8.5AI score0.41558EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.28 views

KLA11903 DoS vulnerability in Microsoft Products (ESU)

A denial of service vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2017-0004 Related products Microsoft-Windows-Vista-4 Microsoft-Windows-7 Microsoft-Windows-Server-2008 CVE...

7.8CVSS7.6AI score0.89569EPSS
Exploits0References8
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.54 views

KLA10939 Arbitrary code execution vulnerability in Microsoft Office Word 2016 and Microsoft SharePoint Enterprise Server 2016

Memory corruption vulnerability was found in Microsoft Word 2016 and Microsoft SharePoint Enterprise Server 2016. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document. Original advisories MS17-0...

9.3CVSS8.2AI score0.24693EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.23 views

KLA10937 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10936. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...

7.3AI score
Exploits0References5
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.64 views

KLA10941 Denial of service vulnerability in Microsoft Windows

An improper handling of authentication requests in the Local Security Authority Subsystem Service LSASS was found in Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1 and Windows 7 Service Pack 1. By exploiting this vulnerability malicious use...

7.8CVSS7.7AI score0.89569EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.26 views

KLA10938 Information disclosure and bypass security restrictions vulnerability in Foxit Reader

A large out-of-bounds read vulnerability was found in Foxit PDF Reader 8.0.2.805. By exploiting this vulnerability malicious users can possibly obtain sensitive information. In combination with another vulnerability, this one can be used to leak heap memory and in bypassing ASLR. This vulnerabili...

6.8CVSS5.3AI score0.1856EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.85 views

KLA10940 Privilege escalation vulnerability in Microsoft Edge

An elevation of privilege vulnerability was found in Microsoft Edge. By exploiting this vulnerability malicious users can bypass the Same Origin Policy and gain privileges. This vulnerability can be exploited remotely via vectors involving data: URLs and about:blank URL. Original advisories...

8.8CVSS8.9AI score0.1489EPSS
Exploits1References7
Kaspersky
Kaspersky
added 2017/01/10 12:0 a.m.39 views

KLA10936 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to handling TCP...

9.3CVSS9.4AI score0.2991EPSS
Exploits22References7
Kaspersky
Kaspersky
added 2017/01/09 12:0 a.m.317 views

KLA11171 OSI vulnerability in Adobe Flash Player

Out-of-bounds read vulnerability in Adobe Flash Player can be exploited locally to obtain sensitive information. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original advisories APSB18-01 Exploitati...

7.5CVSS7.5AI score0.05509EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2017/01/06 12:0 a.m.34 views

KLA10946 Denial of service vulnerability in Kaspersky products

Vulnerability was found in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver in Kaspersky products. By exploiting this vulnerability malicious users can cause an access violation and a denial of service as a result. This vulnerability can be exploited locally via a specia...

5.5CVSS5.6AI score0.00505EPSS
Exploits2References4
Kaspersky
Kaspersky
added 2017/01/06 12:0 a.m.49 views

KLA10947 Denial of service vulnerability in Kaspersky products

Vulnerability was found in window broadcast message handling functionality of Kaspersky products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally via a specially designed unhandled window messages, which cause termination...

5.5CVSS5.6AI score0.00575EPSS
Exploits2References4
Kaspersky
Kaspersky
added 2017/01/06 12:0 a.m.93 views

KLA10945 Information leak and denial of service vulnerabilities in Kaspersky products

Multiple serious vulnerabilities have been found in Kaspersky products. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple information leaks in different IOCTL handlers of Kaspersky...

5.5CVSS6.3AI score0.0067EPSS
Exploits6References4
Kaspersky
Kaspersky
added 2017/01/05 12:0 a.m.36 views

KLA10926 Cross-site scripting vulnerability in Tenable Nessus

Cross-site scripting vulnerability was found in Tenable Nessus. By exploiting this vulnerability malicious users can inject HTML code or arbitrary web script. This vulnerability can be exploited remotely via unspecified vectors. Original advisories Nessus 6.9.3 Release Notes Related products Ness...

5.4CVSS5.6AI score0.01252EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/01/05 12:0 a.m.204 views

KLA10935 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities: 1. A type confusion vulnerability in the XSLT engine relate...

9.3CVSS8.8AI score0.24158EPSS
Exploits1References9
Kaspersky
Kaspersky
added 2017/01/04 12:0 a.m.55 views

KLA10931 Denial of service vulnerability in PHP

An unspecified vulnerability was found in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14. By exploiting this vulnerability malicious users can cause a denial of service. Other unspecified impacts are also possible. This vulnerability can be exploited remotely via a...

9.8CVSS7.6AI score0.04948EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/01/04 12:0 a.m.84 views

KLA10927 Denial of service vulnerabilities in PHP

Multiple serious vulnerabilities have been found in PHP before 5.6.28 and PHP 7.x before 7.0.13. Malicious users can exploit these vulnerabilities to cause a denial of service. Other unspecified impacts are also possible. Below is a complete list of vulnerabilities: 1. NULL pointer dereference in...

9.8CVSS8.8AI score0.06927EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2017/01/04 12:0 a.m.56 views

KLA10928 Denial of service vulnerabilities in PHP

Multiple serious vulnerabilities have been found in PHP through 5.6.27 and 7.x through 7.0.12. Malicious users can exploit these vulnerabilities to cause a denial of service. Other unspecified impacts are also possible. Below is a complete list of vulnerabilities: 1. Mishandling of property...

9.8CVSS8.4AI score0.05363EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2017/01/04 12:0 a.m.94 views

KLA10929 Denial of service vulnerability in PHP

An improper unserialize implementation in ext/standard/var.c was found in PHP 7.x before 7.0.14. By exploiting this vulnerability malicious users can cause a denial of service. Other unspecified impacts are also possible. This vulnerability can be exploited remotely via specially designed...

9.8CVSS8.2AI score0.46801EPSS
Exploits6References3
Kaspersky
Kaspersky
added 2017/01/04 12:0 a.m.49 views

KLA10930 Denial of service vulnerability in PHP

An unspecified vulnerability was found in PHP before 5.6.29 and 7.x before 7.0.14. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via an empty boolean element in a wddxPacket XML document. Technical details This...

9.8CVSS7.9AI score0.07031EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2016/12/29 12:0 a.m.58 views

KLA10934 Arbitrary code execution and denial of service vulnerability in VMware products

An unspecified vulnerability was found in VMware Workstation Pro 12.x before 12.5.2, VMware Workstation Player 12.x before 12.5.2 and VMware Fusion, Fusion Pro 8.x before 8.5.2. By exploiting this vulnerability malicious users can execute arbitrary code on the host OS or cause a denial of service...

8.8CVSS9.2AI score0.00542EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2016/12/29 12:0 a.m.54 views

KLA10933 Multiple vulnerabilities in VMware Workstation Pro and VMware Workstation Player

Multiple serious vulnerabilities have been found in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0. Malicious users can exploit these vulnerabilities to gain priveleges, execute arbitrary code or cause a denial of service. Below is a complete list of...

7.8CVSS8.7AI score0.01522EPSS
Exploits2References4
Kaspersky
Kaspersky
added 2016/12/28 12:0 a.m.51 views

KLA10952 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause a denial of service, obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities 1. Errors in...

9.8CVSS10AI score0.21401EPSS
Exploits11References3
Kaspersky
Kaspersky
added 2016/12/20 12:0 a.m.45 views

KLA10923 Privilege escalation vulnerability in Microsoft Windows

Improper objects handling in memory was found in the Secure Kernel Mode implementation in Microsoft Windows. By exploiting this vulnerability malicious users can gain priveleges and violate virtual trust levels VTL. This vulnerability can be exploited locally via a specially designed application...

7.8CVSS7.9AI score0.01365EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2016/12/17 12:0 a.m.50 views

KLA10914 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome prior to 54.0.2840.59. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, inject code or possibly cause denial of service. Below is a complete list of vulnerabilities: 1. Missed...

8.8CVSS9AI score0.01978EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2016/12/16 12:0 a.m.3987 views

KLA10915 Arbitrary code execution vulnerability in 7-Zip

A heap-based-overflow was found in 7-Zip before 16.00. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HFS+ image. Technical details Vulnerability occurs in method...

9.3CVSS8.6AI score0.14742EPSS
Exploits3References2
Kaspersky
Kaspersky
added 2016/12/14 12:0 a.m.60 views

KLA10911 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities can be exploited remotely to execute...

9.3CVSS10AI score0.18786EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.173 views

KLA10925 Information Disclosure vulnerability in Microsoft .NET Framework 4.6.2

Mishandling of a developer-supplied key was found in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. By exploiting this vulnerability malicious users can obtain sensitive cleartext information. This vulnerability can be exploited remotely via leveraging key guessability. Original...

7.5CVSS7.9AI score0.20008EPSS
Exploits0References8
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.49 views

KLA11904 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

9.3CVSS8.9AI score0.42488EPSS
Exploits5References37
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.88 views

KLA10921 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain priveleges. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilit...

9.6CVSS9.3AI score0.58204EPSS
Exploits7References51
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.73 views

KLA10922 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows Graphics Component can be exploited...

9.3CVSS8.9AI score0.39261EPSS
Exploits0References20
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.58 views

KLA10919 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA10911. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...

7.3AI score
Exploits0References7
Kaspersky
Kaspersky
added 2016/12/13 12:0 a.m.94 views

KLA10924 Privilege escalation and information disclosure vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information or gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory while running a Windows Crypto...

9.3CVSS8AI score0.42488EPSS
Exploits5References43
Total number of security vulnerabilities3996