3965 matches found
KLA10834 Arbitrary code execution vulnerability in Opera Mail
An unspecified vulnerability was found in Opera Mail. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed e-mail message. Original advisories Opera advisory Related products Opera-Mail CVE list...
KLA10837 Code execution vulnerabilities in LibreOffice
Lack of validation was found in LibreOffice. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RTF file. Original advisories LibreOffice advisory Related products LibreOffice CVE list CVE-2016-4324 hi...
KLA10836 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
Multiple serious vulnerabilities have been found in multiple Foxit products. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Use-after-free vulnerability can be...
KLA10812 Privilege escalation vulnerabilities in Lenovo Solution Center
Multiple serious vulnerabilities have been found in Lenovo Solution Center. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability at SystemService can be exploited locally to terminate arbitrary process via...
KLA10932 Multiple vulnerabilities in Pidgin
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to overwrite arbitrary files, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A directory traversal vulnerability in the handling of...
KLA10942 Multiple vulnerabilities in Pidgin
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause a denial of sevice, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Null pointer derefence vulnerabilities and...
KLA10954 Remote Security Vulnerability in Oracle VM VirtualBox
A remote security vulnerability was found in Oracle Virtualization Oracle VM VirtualBox component. By exploiting this vulnerability malicious users can gain privileges and cause a partial denial of service. This vulnerability can be exploited remotely over the HTTP protocol. Technical details...
KLA10831 Code execution vulnerability in Adobe AIR
An improper updates resolve was found in Adobe AIR. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Adobe bulletin Related products Adobe-AIR CVE list CVE-2016-4126 critical Solution Update to the latest version Get AIR Impacts ACE Arbitrary code...
KLA10830 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Type confusion, use-after-free, heap...
KLA11830 DoS vulnerability in Microsoft Windows
Denial of service vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to cause denial of service, bypass security restrictions. Original advisories CVE-2016-3230 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012...
KLA10832 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10830. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA11910 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. DoS vulnerability in Search component can be exploited remotely to cause denial of...
KLA10833 Multiple unknown vulnerabilities in Google Chrome
Multiple unspecified vulnerability were found in Google Chrome. Original advisories Google Chrome releases blog entry Related products Google-Chrome CVE list CVE-2016-1704 high Solution Update to the latest version. File with name oldchrome can be still detected after update. It caused by Google...
KLA10826 OSI vulnerability in Microsoft Server Software
An information disclosure vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-0028 ADV160012 Related products Microsoft-Exchange-Server CVE list CVE-2016-0028 high KB list 3151086 315050...
KLA10827 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited...
KLA11837 Microsoft Advisory for Adobe Flash
Original advisories ADV160003 APSB16-18 Related products Adobe-Flash CVE list KB list 3167685 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update usually can be accessed from the Control Panel Affected Products - Adobe Flash Player earlier...
KLA10828 Code execution vulnerabilities in Microsoft JScript and VBScript
An improper memory objects handling was found in Microsoft VBScript and JScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content. Technical details To mitigate this vulnerability you can...
KLA10829 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to bypass security restrictions, perform privilege escalation, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper...
KLA10896 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA10830. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...
KLA11911 Multiple vulnerabilites in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. An...
KLA10825 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10824 Denial of service and arbitrary code execution vulnerabilities in VideoLAN VLC media player
An unknown vulnerability was found in VLC media player. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted QuickTime IMA file. Technical details This vulnerability related to...
KLA10822 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, elevate privileges, cause denial of service, conduct XSS or obtain sensitive information. Below is a complete list of...
KLA10821 Arbitrary code execution vulnerability in Lenovo Accelerator Application
Improper implementation of update mechanism was found in Lenovo Accelerator Application. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via spoofing an update response by man-in-the-middle attack. Technical details To...
KLA10820 Privilege escalation vulnerability in Docker
An improper treating of a numeric UID was found in Docker. By exploiting this vulnerability malicious users can escalate privileges. This vulnerability can be exploited locally via a numeric username in the password file. Technical details This vulnerability is related to libcontainer/user/user.g...
KLA10818 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown vulnerabilities can be...
KLA10819 IBM Security AppScan vulnerability
An unspecified vulnerability were found in IBM Security AppScan. By exploiting these vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited by remote authenticated user via a specially crafted XML document. Technical details To exploit this vulnerabili...
KLA10823 Denial of service and arbitrary code execution vulnerabilities in 7-Zip
Improper processing of UDF files was found in 7zip. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted UDF file. Technical details This vulnerability related to...
KLA10817 Privilege escalation in cURL
An improper DLL loading was found in cURL. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited via a DLL hijack. Technical details This vulnertability related to load of security.dll, secur32.dll and ws232.dll Original advisories Original...
KLA10816 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information or conduct another unknown impact. Below is a complete list of vulnerabilities: 1. Multiple...
KLA10813 Privilege escalation vulnerability in Apple iTunes
An unspecified vulnerability was found in Apple iTunes setup. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a DLL hijack. Original advisories Apple advisory Related products Apple-iTunes CVE list CVE-2016-1742 high Solution...
KLA10814 Privilege escalation vulnerability in VMware Player and Workstation
An improper file access was found in VMware products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally. Original advisories VMware advisory Related products VMware-Workstation VMware-Player CVE list CVE-2016-2077 critical Solution...
KLA10815 Security bypass vulnerability in cURL
An improper TLS connections handling was found in cURL. By exploiting this vulnerability malicious users can bypass sec. This vulnerability can be exploited remotely via TLS certificate manipulations. Technical details Libcurl affected only if mbedTLS or PolarSSL as TLS backend. Original advisori...
KLA10810 Code execution vulnerabilities in Adobe Flash Player
Type confusion, use-after-free, buffer overflow, memory corruption and unsafe search path vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely. Technical details To update...
KLA10809 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities 1. An characters handling can be exploited...
KLA10806 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory...
KLA10807 Multiple vulnerabilities in Adobe Acrobat
Multiple serious vulnerabilities have been found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple...
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA10804 Code execution vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a specially designed content; 2. An...
KLA10811 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10810. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10801 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...
KLA10802 OSI vulnerability in Microsoft Developer Tools
An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-0149 Related products Microsoft-.NET-Framework CVE list CVE-2016-0149 warning KB list 3156421 3156387 314202...
KLA10805 Multiple vulnerabilities in the JScript and VBScript
Multiple serious vulnerabilities have been found in Microsoft JScript and VBScript. Malicious users can exploit these vulnerabilities to execute arbitrary code. Technical details Improper objects handling in memory in Internet Explorer can be exploited remotely via a specially designed web conten...
KLA10808 Multiple vulnerabilities in Apache Subversion
Multiple serious vulnerabilities have been found in Apache Subversion. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Null pointer dereference can be exploited by authenticated attacker t...
KLA10799 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown...
KLA10795 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code, elevate privileges, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10796 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting malformed packet. Technical details These vulnerabilities can be exploited remotely via a vectors related...
KLA11003 Spoofing user interface vulnerability in Opera products
CVSS: 5.8 Detect date: 04/23/2016 Severity: High Description: An address bar spoofing vulnerability was found in Opera Stable 36 and Opera Mini 13. By exploiting this vulnerability malicious users can spoof user interface the displayed URL. This vulnerability can be exploited remotely via a...
KLA10797 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability in ConvertToPDF plugin can be exploited...
KLA10798 Multiple vulnerabilities at Oracle VM VirtualBox
An unspecified vulnerabilities were found in Oracle VM VirtualBox. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive information. Original advisories Oracle Bulletin Exploitation Public exploits exist for this vulnerability...