3996 matches found
KLA10776 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple unknown vulnerabilities at V8 can be exploited to cause denial of...
KLA10775 An unknown vulnerability in Oracle Java SE
An unspecified vulnerability was found in Oracle Java SE. By exploiting this vulnerability malicious users can cause denial of service, affect integrity or obtain sensitive information. This vulnerability can be exploited remotely via vectors related to subcomponent Hotspot Original advisories...
KLA10777 Code execution vulnerability in ABB Panel Builder 800
An unspecified vulnerability was found in ABB Panel Builder 800. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a DLL hijack. Technical details This vulnerability can be mitigated via disabling .pba files associations...
KLA10773 Code execution vulnerability in Apple Software Update
Weak networking protocol usage was found in Apple Software Update. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via man-in-the-middle attack. Technical details Instead of usage HTTPS for downloading updates unprotected...
KLA10774 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10772 Multiple vulnerabilities in Adobe Flash Player & AIR
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Integer overflow vulnerability can be exploited to execute arbitrary code; 2. ...
KLA10765 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, spoof user interface, gain privileges and write local files. Below...
KLA10768 Security bypass vulnerability in Microsoft .NET Framework
An improper XML validation was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via signed XML file manipulations. Original advisories CVE-2016-0132 Related products...
KLA10767 Multiple vulnerabilities in Adobe Acrobat & Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat & Reader. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple memory corruption vulnerabilities can be exploited to cause...
KLA10766 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or possibly execute arbitrary code. Below is a complete list of vulnerabilities 1. An improper user agent shadow DOM implementation at Blink can be...
KLA10771 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer & Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory objects access can be exploited...
KLA10769 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. An improper input validation can be exploited by logged in...
KLA10770 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a...
KLA10764 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities 1. Lack of URL’s restrictions at Blink can be...
KLA10763 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities 1. Multiple vulnerabilities in LLRP, RSL, LBMC, HiQnet, HTTP/2, X.509AF, DNP3 and ASN.1 BER...
KLA10744 Multiple vulnerabilities in Oracle VM VirtualBox
An unspecified vulnerabilities were found in Oracle VirtualBox. By exploiting these vulnerabilities malicious users can affect availability, integrity and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to Core and Windows Installer. Original...
KLA10760 Security bypass vulnerabilities in Google Chrome
An unspecified vulnerability was found in Google Chrome. By exploiting this vulnerability malicious users can bypass same origin policy and sandbox mechanism protection. This vulnerability can be exploited remotely via an unknown vectors. Original advisories Google Chrome releases blog Related...
KLA10762 Denial of service vulnerabilities in LibreOffice
Buffer overflow vulnerabilities were found in LibreOffice. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed document. Technical details These vulnerabilities related to parsing the...
KLA10761 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via a specially designed regular...
KLA10759 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Lack of requests...
KLA10755 Multiple vulnerabilities in Microsoft Edge
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code or bypass security features. Below is a complete list of vulnerabilities 1. An improper HTTP responses parsing can be exploited...
KLA10751 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability at...
KLA10753 Multiple vulnerabilities in Microsoft .NET Framework
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper handling of XSLT can be exploited remotely via a...
KLA10754 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a specially design...
KLA10866 Multiple vulnerabilities in Python
Multiple serious vulnerabilities have been found in CPython Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2. Malicious users can exploit these vulnerabilities to bypass the TLS protections, inject arbitrary HTTP headers or have unspecified impact. Below is a complete list of...
KLA10757 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Lack of URL schemes validation at Developer Tools can be exploited remote...
KLA10758 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10757. Technical details To mitigate this vulnerability you can implement some of workarounds listed in original Microsoft advisory: disable Adobe Flash Player, prevent Adobe FP from...
KLA10756 Arbitrary code execution in Adobe Flash Player & AIR
Multiple serious vulnerabilities have been found in Adobe Flash Player & AIR. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. Type confusion vulnerability can be exploited remotely to execute arbitrary code; 2...
KLA10871 VMware Workstation 11.x end of life
VMware announced the end of support for VMware Workstation 11.x. Users should immediately make transition to VMware Workstation 12.x or later Original advisories https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/product-lifecycle-matrix.pdf Related products...
KLA10750 Data manipulations vulnerability in cURL
Lack of data sanitization was found in cURL command line tool for Windows. By exploiting this vulnerability malicious users can write arbitrary local file. This vulnerability can be exploited remotely via a specially designed file name. Technical details cURL does not sanitize colons in a remote...
KLA11025 Buffer overflow vulnerability in QuickTime
Buffer overflow vulnerability was found in QuickTime. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Apple bulletin Related products Apple-QuickTime CVE list CVE-2011-3428 critical Solution Update to latest version Quicktime download Impacts ACE...
KLA10749 Multiple vulnerabilities in MariaDB
Multiple serious vulnerabilities have been found in MariaDB. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper server hostname verification...
KLA10748 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface and execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple memory safety...
KLA10743 Multiple vulnerabilities in Oracle Java SE
An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can affect application confidentiality, integrity and availability. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, AWT, Libraries, Networking,...
KLA10745 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple unspecified vulnerabilities at HarfBuzz and V8 c...
KLA10747 Obsolete PHP version in XAMPP & WAMP
Obsolete version of PHP was found in XAMPP & WAMP. Details about PHP vulnerabilities you can get at KLA10746. Original advisories - Related products PHP CVE list CVE-2016-1904 critical CVE-2016-1903 high CVE-2015-8617 critical CVE-2015-8616 critical CVE-2015-6836 critical CVE-2015-6833 warning...
KLA10746 Multiple vulnerabilities in PHP
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to cause denial of service, affect arbitrary files, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be...
KLA10742 Security bypass vulnerability in Gajim
An unspecified vulnerability was found in Gajim. By exploiting this vulnerability malicious users can modify roster and intercept messages. This vulnerability can be exploited remotely via a specially designed roster-push IQ stanza. Original advisories - Related products Gajim CVE list...
KLA10792 Denial of service vulnerability in Apache Subversion
An integer overflow was found in Apache Subversion. By exploiting this vulnerability malicious authenticated users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability ca...
KLA10741 Denial of service vulnerability in FireBird
Improper commands usage at RDBMS was found in FireBird. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via vectors related to gbak utility. Technical details This vulnerability related to unhandled case exception at...
KLA10739 Code execution vulnerability in Microsoft VBScript
Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details To mitigate this vulnerability you can restrict acces...
KLA10735 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects...
KLA10737 Code execution vulnerability in Microsoft Silverlight
Improper strings handling was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details This vulnerability can be triggered while Silverlight...
KLA10734 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Untrusted search path vulnerability at Adobe...
KLA10736 Spoofing vulnerability in Microsoft Exchange Server
Improper web requests handling was found in Microsoft Exchange Server at Outlook Web Access. By exploiting this vulnerability malicious users can spoof user interface. This vulnerability can be exploited remotely via a specially designed email with malicious link. Original advisories CVE-2016-003...
KLA10740 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling at VBScript engine can be...
KLA10738 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...
KLA10752 Denial of service vulnerability in Microsoft Acrtive Directory Federation Services
Lack of input data checks was found in Microsoft Active Directory Federation Services. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed input to form-based authentication. Original advisories...
KLA10731 Multiple vulnerabilities in Apple QuickTime
An unspecified vulnerabilities were found in Apple QuickTime. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed movie file. Original advisories Apple advisory Related...
KLA10733 Multiple vulnerabilities in VMware products
Memory corruption vulnerability was found in VMware products. By exploiting this vulnerability malicious users can cause denial of service or gain privileges. This vulnerability can be exploited remotely via an unknown vectors. NB: This vulnerability have no public CVSS rating so rating can be...