3965 matches found
KLA10749 Multiple vulnerabilities in MariaDB
Multiple serious vulnerabilities have been found in MariaDB. Malicious users can exploit these vulnerabilities to cause denial of service, affect integrity, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper server hostname verification...
KLA10748 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface and execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple memory safety...
KLA10745 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple unspecified vulnerabilities at HarfBuzz and V8 c...
KLA10743 Multiple vulnerabilities in Oracle Java SE
An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can affect application confidentiality, integrity and availability. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, AWT, Libraries, Networking,...
KLA10747 Obsolete PHP version in XAMPP & WAMP
Obsolete version of PHP was found in XAMPP & WAMP. Details about PHP vulnerabilities you can get at KLA10746. Original advisories - Related products PHP CVE list CVE-2016-1904 critical CVE-2016-1903 high CVE-2015-8617 critical CVE-2015-8616 critical CVE-2015-6836 critical CVE-2015-6833 warning...
KLA10746 Multiple vulnerabilities in PHP
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to cause denial of service, affect arbitrary files, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be...
KLA10742 Security bypass vulnerability in Gajim
An unspecified vulnerability was found in Gajim. By exploiting this vulnerability malicious users can modify roster and intercept messages. This vulnerability can be exploited remotely via a specially designed roster-push IQ stanza. Original advisories - Related products Gajim CVE list...
KLA10792 Denial of service vulnerability in Apache Subversion
An integer overflow was found in Apache Subversion. By exploiting this vulnerability malicious authenticated users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability ca...
KLA10741 Denial of service vulnerability in FireBird
Improper commands usage at RDBMS was found in FireBird. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via vectors related to gbak utility. Technical details This vulnerability related to unhandled case exception at...
KLA10739 Code execution vulnerability in Microsoft VBScript
Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details To mitigate this vulnerability you can restrict acces...
KLA10734 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Untrusted search path vulnerability at Adobe...
KLA10740 Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling at VBScript engine can be...
KLA10737 Code execution vulnerability in Microsoft Silverlight
Improper strings handling was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details This vulnerability can be triggered while Silverlight...
KLA10738 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...
KLA10736 Spoofing vulnerability in Microsoft Exchange Server
Improper web requests handling was found in Microsoft Exchange Server at Outlook Web Access. By exploiting this vulnerability malicious users can spoof user interface. This vulnerability can be exploited remotely via a specially designed email with malicious link. Original advisories CVE-2016-003...
KLA10735 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects...
KLA10752 Denial of service vulnerability in Microsoft Acrtive Directory Federation Services
Lack of input data checks was found in Microsoft Active Directory Federation Services. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed input to form-based authentication. Original advisories...
KLA10731 Multiple vulnerabilities in Apple QuickTime
An unspecified vulnerabilities were found in Apple QuickTime. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed movie file. Original advisories Apple advisory Related...
KLA10733 Multiple vulnerabilities in VMware products
Memory corruption vulnerability was found in VMware products. By exploiting this vulnerability malicious users can cause denial of service or gain privileges. This vulnerability can be exploited remotely via an unknown vectors. NB: This vulnerability have no public CVSS rating so rating can be...
KLA10730 Denial of service vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Improper data validation and lack of restrictions can be exploited remotely via a specially designed packet o...
KLA10706 Potentially vulnerable Dell certificate
Microsoft updates Certificate Trust list to exclude potentially vulnerable eDellCert certificate. Via this vulnerability malicious can obtain sensitive information or bypass security restrictions. Technical details For further details about problem you can visit Dell blog entry related. And also ...
KLA10728 Obsolete Adobe Flash Player for Windows
Obsolete version of Adobe Flash Player was found in Microsoft Internet Explorer. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely. Technical details For further information look at KLA10727 Origina...
KLA10727 Code execution vulnerabilities in Adobe Flash Player and AIR
Type confusion, integer overflow, use-after-free and memory corruption vulnerabilities were found in Adobe products. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via an unknown vectors...
KLA10726 Security bypass vulnerability in Dovetones AD Self Password Reset
An unspecified vulnerability was found in Dovestones AD Self Password Reset. By exploiting this vulnerability malicious users can reset arbitrary passwords. This vulnerability can be exploited remotely via a specially designed request. Technical details This vulnerability related to...
KLA10732 Security bypass vulnerability in Mozilla Firefox and Firefox ESR
Lack of security enforcement was found in Mozilla Firefox. By exploiting this vulnerability malicious users can conduct man-in-the-middle attack. This vulnerability can be exploited remotely via a collision-based attacks. Technical details This vulnerability caused by not rejecting MD5 signatures...
KLA10729 Privilege escalation vulnerability in WinRAR
Improper files handling was found in WinRAR. By exploiting this vulnerability malicious users can execute arbitrary code with WinRAR privileges. This vulnerability can be exploited remotely via a specially designed archive. Technical details This vulnerability related to two WinRAR functions:one...
KLA10724 Code execution vulnerability in Foxit products
Multiple use-after-free vulnerabilities were found in Foxit products. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed PDF document. Technical details Vulnerabilities related to Print method an...
KLA10722 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Integer overflow at WebCursor can be exploited remotely via a specially designe...
KLA10723 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list ...
KLA10721 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruption issues could be exploit...
KLA10719 Multiple vulnerabilities in Microsoft VBScript
Memory handling vulnerabilities were found in Microsoft VBScript. By exploiting these vulnerabilities malicious users can execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories CVE-2015-6135...
KLA10718 Code execution vulnerabilities in Microsoft Graphics Component
Improper fonts handling was found in Microsoft Graphics Component used in Multiple Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content. Original advisories CVE-2015-6108...
KLA10716 Code execution vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Improper memory handling can be exploited remotely via a specially designed content to execute arbitra...
KLA10714 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service or gain privileges. Below is a complete list of vulnerabilities 1. Improper requests parsing at Windows Domain Name System DNS can be exploited...
KLA10712 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, inject arbitrary code or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper objects handling ...
KLA10717 Multiple vulnerabilities in Microsoft Silverlight
Multiple serious vulnerabilities have been found in Microsoft Silverlight. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper requests handling can be exploited remotely via a special...
KLA10715Multiple vulnerabilities in Microsoft Windows Media Center
CVSS: 9.3 Detect date: 12/08/2015 Severity: Critical Description: An unknown vulnerabilities in Microsoft Windows Media Center can be exploited remotely via a specially designed .mcl files. Malicious attacker can execute arbitrary code or obtain sensitive information. Affected products: Microsoft...
KLA10720 Multiple vulnerabilities in Microsoft Internet Explorer & Edge
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer & Edge. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, inject or execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete...
KLA10713 Obsolete Adobe Flash Player for Windows
Obsolete version of Adobe Flash Player can be exploited via multiple vectors Technical details To read further details about this vulnerability you can look at KLA10711 Original advisories Microsoft Advisory Related products Microsoft-Windows CVE list KB list 3119147 Solution Install necessary...
KLA10711 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remote...
KLA11445 ACE vulnerability in PuTTY
Integer overflow vulnerability was found in PuTTY. Malicious users can exploit this vulnerability remotely to execute arbitrary code and cause denial of service. Original advisories PuTTY vulnerability vuln-ech-overflow Related products PuTTY CVE list CVE-2015-5309 warning Solution Update to the...
KLA10704 Multiple vulnerabilities in ARRIS cable modems.
Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities: 1. Predictable technician password can be exploited remotely to gain technician...
KLA10703 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper array elements...
KLA10705 Code execution vulnerabilities in Tibbo AggreGate.
Successful exploitation of the identified vulnerabilities may allow an attacker to execute arbitrary code and commands. 1. Unknown vulnerability at Ice Faces servlet allows remote attackers to upload and execute arbitrary Java code via a specially designed XML document; 2. Unknown vulnerability...
KLA10702 Code execution vulnerability in Google Picasa
Integer overflow was found in Google Picasa. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed CAMF section in FOVb image. Original advisories - CVE list CVE-2015-8221 critical Solution Update to the...
KLA11273 Adobe Acrobat X and Adobe Reader X end of life
Adobe announced the end of support of Adobe Acrobat X and Adobe Reader X. Users should immediately make transition to Adobe Acrobat DC and Adobe Acrobat Reader DC. Original advisories Adobe Acrobat X and Adobe Reader X End of Support Related products Adobe-Reader-X Adobe-Acrobat-X CVE list Soluti...
KLA10692 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player for Internet explorer. For details look at KLA10690. Original advisories Microsoft Advisory Related products Microsoft-Windows CVE list KB list 3103688 Solution Install necessary updates from the KB section, that are listed in...
KLA11373 Code execution vulnerability in OpenOffice
Lack of bookmarks restrictions was found in OpenOffice. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DOC file. Technical details To exploit this vulnerability attacker...
KLA10700 Code execution vulnerability in LibreOffice
Lack of bookmarks restrictions was found in LibreOffice & OpenOffice. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DOC file. Technical details To exploit this...
KLA10690 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Type confusion vulnerability can be exploited to execute arbitrary code; ...