3996 matches found
KLA10825 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10827 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited...
KLA10824 Denial of service and arbitrary code execution vulnerabilities in VideoLAN VLC media player
An unknown vulnerability was found in VLC media player. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted QuickTime IMA file. Technical details This vulnerability related to...
KLA10822 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, elevate privileges, cause denial of service, conduct XSS or obtain sensitive information. Below is a complete list of...
KLA10821 Arbitrary code execution vulnerability in Lenovo Accelerator Application
Improper implementation of update mechanism was found in Lenovo Accelerator Application. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via spoofing an update response by man-in-the-middle attack. Technical details To...
KLA10819 IBM Security AppScan vulnerability
An unspecified vulnerability were found in IBM Security AppScan. By exploiting these vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited by remote authenticated user via a specially crafted XML document. Technical details To exploit this vulnerabili...
KLA10820 Privilege escalation vulnerability in Docker
An improper treating of a numeric UID was found in Docker. By exploiting this vulnerability malicious users can escalate privileges. This vulnerability can be exploited locally via a numeric username in the password file. Technical details This vulnerability is related to libcontainer/user/user.g...
KLA10823 Denial of service and arbitrary code execution vulnerabilities in 7-Zip
Improper processing of UDF files was found in 7zip. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via specially crafted UDF file. Technical details This vulnerability related to...
KLA10818 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown vulnerabilities can be...
KLA10817 Privilege escalation in cURL
An improper DLL loading was found in cURL. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited via a DLL hijack. Technical details This vulnertability related to load of security.dll, secur32.dll and ws232.dll Original advisories Original...
KLA10816 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information or conduct another unknown impact. Below is a complete list of vulnerabilities: 1. Multiple...
KLA10813 Privilege escalation vulnerability in Apple iTunes
An unspecified vulnerability was found in Apple iTunes setup. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a DLL hijack. Original advisories Apple advisory Related products Apple-iTunes CVE list CVE-2016-1742 high Solution...
KLA10814 Privilege escalation vulnerability in VMware Player and Workstation
An improper file access was found in VMware products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally. Original advisories VMware advisory Related products VMware-Workstation VMware-Player CVE list CVE-2016-2077 critical Solution...
KLA10815 Security bypass vulnerability in cURL
An improper TLS connections handling was found in cURL. By exploiting this vulnerability malicious users can bypass sec. This vulnerability can be exploited remotely via TLS certificate manipulations. Technical details Libcurl affected only if mbedTLS or PolarSSL as TLS backend. Original advisori...
KLA10810 Code execution vulnerabilities in Adobe Flash Player
Type confusion, use-after-free, buffer overflow, memory corruption and unsafe search path vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely. Technical details To update...
KLA10809 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities 1. An characters handling can be exploited...
KLA10801 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...
KLA10811 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10810. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA10804 Code execution vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a specially designed content; 2. An...
KLA10802 OSI vulnerability in Microsoft Developer Tools
An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-0149 Related products Microsoft-.NET-Framework CVE list CVE-2016-0149 warning KB list 3156421 3156387 314202...
KLA10807 Multiple vulnerabilities in Adobe Acrobat
Multiple serious vulnerabilities have been found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple...
KLA10805 Multiple vulnerabilities in the JScript and VBScript
Multiple serious vulnerabilities have been found in Microsoft JScript and VBScript. Malicious users can exploit these vulnerabilities to execute arbitrary code. Technical details Improper objects handling in memory in Internet Explorer can be exploited remotely via a specially designed web conten...
KLA10806 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory...
KLA10808 Multiple vulnerabilities in Apache Subversion
Multiple serious vulnerabilities have been found in Apache Subversion. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Null pointer dereference can be exploited by authenticated attacker t...
KLA10799 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown...
KLA10795 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code, elevate privileges, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10796 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting malformed packet. Technical details These vulnerabilities can be exploited remotely via a vectors related...
KLA11003 Spoofing user interface vulnerability in Opera products
CVSS: 5.8 Detect date: 04/23/2016 Severity: High Description: An address bar spoofing vulnerability was found in Opera Stable 36 and Opera Mini 13. By exploiting this vulnerability malicious users can spoof user interface the displayed URL. This vulnerability can be exploited remotely via a...
KLA10797 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability in ConvertToPDF plugin can be exploited...
KLA10793 Multiple vulnerabilities in Oracle Java SE
An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive vulnerability. These vulnerabilities can be exploited remotely via a multiple vectors related to 2D, Hotspot,...
KLA10798 Multiple vulnerabilities at Oracle VM VirtualBox
An unspecified vulnerabilities were found in Oracle VM VirtualBox. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive information. Original advisories Oracle Bulletin Exploitation Public exploits exist for this vulnerability...
KLA10794 Multiple vulnerabilities in Oracle MySQL
An unspecified vulnerabilities were found in Oracle MySQL Server. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive information. These vulnerabilities can be exploited remotely via a vectors related to Packaging, Pluggable...
KLA10791 Buffer overflow vulnerability in VLC media player
Buffer overflow vulnerability was found in VLC media player. By exploiting this vulnerability malicious users can cause a denial of service crash. This vulnerability can be exploited remotely via a crafted wav file. Technical details This vulnerability is in the AStreamPeekStream function in...
KLA10783 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, inject arbitrary code, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10784 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...
KLA10788 Multiple vulnerabilities in Microsoft Graphics Component
Multiple serious vulnerabilities have been found in Microsoft Graphics Component as used in multiple Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. An improper memory objects handli...
KLA10782 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer and Microsoft Edge. For details look at KLA10780. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player,...
KLA11916 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An implementation vulnerability in Securi...
KLA10890 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer & Edge. For details look at KLA10810. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: don’t click a link in an email message or...
KLA10787 Code execution vulnerability in Micrsoft XML Core Services
An improper user input processing was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content. Original advisories CVE-2016-0147 Related products...
KLA10785 Code execution vulnerability in Microsoft Office
Multiple unspecified vulnerabilities was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content. Technical details You can mitigate this vulnerability via using Microsoft...
KLA10789 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Browser can be...
KLA10786 Code execution vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in .NET Framework can be exploited remotely to execute arbitrary cod...
KLA10790 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited via ...
KLA10781 Code execution vulnerability in pidgin-otr plugin.
Use-after-free vulnerability was found in Off-the-Record Messaging OTR pidgin-otr plugin. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via vectors related to the “Authenticate buddy” menu item. Technical details This...
KLA10780 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. An unknown vulnerability at JIT can be exploited to bypass layout...
KLA11442 ACE vulnerability in PuTTY
Stack-based buffer overflow vulnerability was found in PuTTY. Malicious users can exploit this vulnerability remotely cause denial of service and execute arbitrary code. Original advisories PuTTY vulnerability vuln-pscp-sink-sscanf Related products PuTTY CVE list CVE-2016-2563 critical Solution...
KLA10779 Privilege escalation vulnerability at Cogent DataHub
An unspecified vulnerability was found in Cogent DataHub. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via files manipulations. Original advisories ICS-CERT advisory Exploitation Public exploits exist for this vulnerability...
KLA10778 arbitrary code execution vulnerability in Autodesk Backburner
An unspecified vulnerability was found in Autodesk Backburner. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed command. Original advisories CERT vulnerability Related...