KLA10651 Code injection vulnerability in VLC Media Player

Lack of content restrictions was found in VLC Media Player. By exploiting this vulnerability malicious users can inject arbitrary code. This vulnerability can be exploited remotely via a specially designed URL. Technical details There is lack of URL neutralization in error page generator at VLC w...

KLA10649 Denial of service vulnerabilities in Wireshark

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet. Technical details This vulnerability related to next conditions...

KLA10648 Multiple vulnerabilities in Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to Bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruption...

KLA10644 Privelege escalation vulnerability in Microsoft .NET Framework

An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application. Technical details This vulnerability caused by improper...

KLA10645 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...

KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, conduct CSS attack, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Several...

KLA10650 Multiple vulnerabilities in Adobe products

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Type confusion, use-after-free, multiple overflows and memory corruption could...

KLA10647 Privilege escalation vulnerability in Microsoft System Center

Improper validation input was found in Microsoft System Center. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2420 Related products...

KLA10646 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper OGL,...

KLA10642 Obtain sensitive information vulnerability in Mozilla Firefox and Firefox ESR

An unspecified vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via vectors related ti PDF viewer. Technical details There are way to bypass same origin policy and inject...

KLA10636 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service or and obtain sensitive information via specially crafted JavaScript code, specially crafted web site, unspecified linear-time attack, crafted XML data...

KLA10640 Multiple vulnerabilities in Apache HTTP Server

Multiple serious vulnerabilities have been found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities 1. Stack recursion crash in the modlua module in the luarequest.c file in luawebsocketread function c...

KLA10635 RCE vulnerability in Microsoft Font Driver

A remote code execution vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can take complete control of the affected system. This vulnerability can be exploited remotely via a specially crafted OpenType fonts. Original advisories CVE-2015-2426...

KLA10641 Multiple vulnerabilities in HP System Management Homepage

Multiple serious vulnerabilities have been found in HP System Management Homepage. Malicious users can exploit remotely these vulnerabilities to cause a denial of service, execution of arbitrary code, unauthorized modifications and access, disclosure of information and CSRF cross-site request...

KLA10639 Multiple vulnerabilities in Oracle products

Multiple vulnerabilities were found in Oracle Supply Chain Products Suite, Oracle Database Server, Oracle Commerce Platform and Oracle Enterprise Manager. By exploiting this vulnerability malicious users can affect confidentiality, integrity and availability. This vulnerabilities can be exploited...

KLA10638 Multiple vulnerabilities in Oracle MySQL

Unspecified vulnerabilities were found in MySQL Server. Malicious users can exploit these vulnerabilities to affect confidentiality,integrity and availability via unknown vectors related to Partition, DML, GIS and RBR. Original advisories Oracle Critical Patch Update Advisory Related products MyS...

KLA10637 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via a specially crafted packet trace file. Below is a complete list of vulnerabilities 1. The deemergnumlist function and the debcdnum function in...

KLA10629 Multiple vulnerabilities in Oracle Java SE

An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service, affect integrity and obtain sensitive information. These vulnerabilities can be exploited remotely via vectors related to 2D, CORBA, JMX, Libraries, RMI,...

KLA10627 Flash Player update for Google Chrome

Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10626. Original advisories Google Chrome blog entry Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...

KLA10632 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft office. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can ...

KLA10626 Code execution vulnerability in Adobe Flash Player

Use-after-free and memory corruption vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via an unknown vectors. Original advisories Adobe advisory Exploitation Public...

KLA10630 Multiple vulnerabilities in Oracle VM VirtualBox

An unspecified vulnerabilities were found in Oracle VM VirtualBox. By exploiting these vulnerabilities malicious users can affect integrity, cause denial of service and obtain sensitive information. These vulnerabilities can be exploited locally via an unknown vectors. Original advisories Oracle...

KLA10633 code execution vulnerability in Microsoft VBScript

An unspecified vulnerability was found in Microsoft VBScript. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web site. Original advisories CVE-2015-2372 Related products...

KLA10631 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Unknown vulnerability can b...

KLA10634 Multiple vulnerabilities in Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to read local files, cause denial of service, bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information. Below is a comple...

KLA10628 Multiple vulnerabilities in Adobe Acrobat

Multiple serious vulnerabilities have been found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...

KLA10625 Code execution vulnerability in Adobe Shockwave Player

An unspecified vulnerability was found in Adobe Shockwave Player. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via an unknown vectors. Original advisories Adobe advisory Related products Adobe-Shockwave-Player CVE list...

KLA10624 Privelege escalation vulnerability in VMware products

An unspecified vulnerability was found in VMware products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a thread manipulations. Original advisories VMware advisory Related products VMware-Workstation VMware-Player...

KLA10623 Multiple vulnerabilities in Adobe products

Multiple critical vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...

KLA10622 Multiple vulnerabilities in Mozilla products

Multiple serious vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory...

KLA10621 Multiple vulnerabilities in Apple QuickTime

Memory corruption vulnerabilities were found in Apple QuickTime. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed file. Original advisories Apple advisory Related...

KLA10620 Multiple vulnerabilities in Apple iTunes

Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a man-in-the-middle attack at vectors related to iTunes Store...

KLA10619 Code execution vulnerability in Adobe Flash Player

Buffer overflow was found in Adobe Flash Player. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via an unspecified vectors. Original advisories Adobe bulletin Exploitation Malware exists for this vulnerability. Usually suc...

KLA10618 Information disclosure vulnerability in cURL

Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability related to SMB can be exploited remotely via specially designed length and offset...

KLA10617 Bypass security restrictions vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper DNS hostnames handling can be exploited remotely via a specially designed hostname string; ...

KLA10595 Flash Player update for Google Chrome

Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10593. Original advisories Google blog record Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...

KLA10594 Multiple vulnerabilities in Microsoft Internet Explorer

An unspecified vulnerabilities were found in Microsoft Internet Explorer. By exploiting these vulnerabilities malicious users can gain privileges or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories Microsoft bulletin...

KLA10597 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory allocation can be exploited locally via an unknown vectors; 2...

KLA10600 Code execution vulnerability in Microsoft Office

Improper memory handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed file. Original advisories Microsoft Advisory CVE-2015-1759 CVE-2015-1770 CVE-2015-1760...

KLA10599 Multiple vulnerabilities in Microsoft Products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Incorrect memory initialization can be exploited...

KLA10596 Code execution vulnerability in Windows Media Player

An unspecified vulnerability was found in Windows Media Player. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DataObject. Original advisories Microsoft bulletin CVE-2015-1728 Related products...

KLA10593 Multiple vulnerabilities in Adobe products

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. A...

KLA10598 Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper same-origin policy handling can be exploited remotely via a...

KLA10592 Denial of service vulnerability in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or conduct some other impact. Below is a complete list of vulnerabilities 1. Double free vulnerability can be exploited remotely via SSL session...

KLA11367 Information disclosure vulnerability in CCleaner

Vulnerability related to writing the filenames to disk was found in CCleaner. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2015-3999 Related products CCleaner CVE list CVE-2015-3999 warning Solution Update to the latest version CCleaner...

KLA10585 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, conduct cross-scripting attack, cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilitie...

KLA10653 Code execution vulnerability in QuickTime

An unspecified vulnerability was found in QuickTime. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories Apple advisory Related products...

KLA10575 Multiple vulnerabilities in Adobe products

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Use-after-free, buffer overflow, memory leak and...

KLA10580 Multiple vulnerabilities in Microsoft products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown...

KLA10577 Arbitrary code execution vulnerabilities in Windows Journal

An unspecified vulnerabilities were found in Windows products. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Journal file. Original advisories Microsoft Advisory CVE-2015-1697 CVE-2015-1696...