3996 matches found
KLA10680 Code execution vulnerability in Adobe Flash Player
Multiple type confusion vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed SWF file or other unknown vectors. Technical details This vulnerability...
KLA10677 Multiple vulnerabilities in Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memo...
KLA10676 Multiple vulnerabilities in Microsoft JScript and VBScript
Multiple serious vulnerabilities have been found in Microsoft JScript and VBScript. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improperly handling objects...
KLA10679 Multiple vulnerabilities in Adobe Flash Player & AIR
Multiple serious vulnerabilities have been found in Adobe Flash Player & AIR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be...
KLA10678 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper DOM tree workaround at Blink can be...
KLA10682 Multiple vulnerabilities in Adobe Acrobat and Reader
Multiple serious vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited via specially designe...
KLA10675 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...
KLA10674 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper information...
KLA10686 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited via a specially designed user inpu...
KLA10673 Security bypass vulnerabilties at Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper method restrictions at Google V8 can be exploited remotely via a specially designed method...
KLA11454 Multiple vulnerabilities in SeaMonkey
Multiple vulnerabilities were found in SeaMonkey. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. Multiple memory corruption vulnerabilities...
KLA10672 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, impact local files, execute arbitrary code or obtain sensitive information. Below...
KLA10671 Flash Player update for Google Chrome
Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10670. Original advisories Blog entry Exploitation Public exploits exist for this vulnerability. Related products Google-Chrome CVE list CVE-2015-5573 critical CVE-2015-5574 critical CVE-2015-5575 critica...
KLA10670 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Type confusion,...
KLA10665 Obtain sensitive information vulnerability in VMware vCenter Server
Improper certificate validation was found in VMware vCenter Server. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a traffic interception. Technical details This vulnerability can be exploited when vCenter Server...
KLA10669 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruptions at CoreText, WebKit and ICU...
KLA10668 File access vulnerability in QlikTech QlikView
XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data. Original advisories - Exploitation Public exploits exist for this...
KLA10666 Code execution vulnerability in Corel WordPerfect
An unspecified vulnerability was found in Corel WordPerfect. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed Microsoft Word document. Original advisories ZDI advisory Related products...
KLA10664 Code execution vulnerability in Yahoo! Messenger
Buffer overflow vulnerability was found in Yahoo! Messenger. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed emoticons.xml file. Technical details Vulnerability caused by...
KLA10656 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows and related products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Imprope...
KLA10658 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper web request handling at Outlook Web Access can be...
KLA10661 Multiple vulnerabillities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or conduct XSS attack. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a specially design...
KLA10663 Code execution vulnerability in Adobe Shockwave Player
An unspecified vulnerabilities were found in Adobe Shockwave Player. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via an unknown vectors. Original advisories Adobe Advisory Related products Adobe-Shockwave-Player C...
KLA10657 Multiple vulnerabilities in Microsoft communication services
Improper content sanitization at jQuery engine and other vectors were found in Lync Server and Skype for Business Server. By exploiting these vulnerabilities malicious users can gain privileges or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially design...
KLA10662 Multiple vulnerabilities in Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Internet Explorer. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects access at VBScript and JScrip...
KLA10660Code execution vulnerability in Microsoft Windows Media Center
CVSS: 9.3 Detect date: 09/08/2015 Severity: Critical Description: Lack of .mcl Media Center Link files handling restrictions was found in Windows Media Center. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially...
KLA10659 Multiple vulnerabilities in Microsoft .NET Framework
Multiple serious vulnerabilities have been found in .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. Improper memory objects validation can be exploited...
KLA10803 VMware Workstation 10.x end of life
VMware announced the end of support for VMware Workstation 10.x. Users should immediately make transition to VMware Workstation 11.x or later Original advisories https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/product-lifecycle-matrix.pdf Related products...
KLA10655 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Lack of content...
KLA10654 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Use-after-free vulnerability can be exploited remotely...
KLA10652 Code execution vulnerability in Internet Explorer
An improper memory objects handling was found in Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2502 Related products...
KLA10651 Code injection vulnerability in VLC Media Player
Lack of content restrictions was found in VLC Media Player. By exploiting this vulnerability malicious users can inject arbitrary code. This vulnerability can be exploited remotely via a specially designed URL. Technical details There is lack of URL neutralization in error page generator at VLC w...
KLA10645 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...
KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, conduct CSS attack, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Several...
KLA10647 Privilege escalation vulnerability in Microsoft System Center
Improper validation input was found in Microsoft System Center. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2420 Related products...
KLA10644 Privelege escalation vulnerability in Microsoft .NET Framework
An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application. Technical details This vulnerability caused by improper...
KLA10648 Multiple vulnerabilities in Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to Bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple memory corruption...
KLA10646 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper OGL,...
KLA10650 Multiple vulnerabilities in Adobe products
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Type confusion, use-after-free, multiple overflows and memory corruption could...
KLA10649 Denial of service vulnerabilities in Wireshark
An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet. Technical details This vulnerability related to next conditions...
KLA10642 Obtain sensitive information vulnerability in Mozilla Firefox and Firefox ESR
An unspecified vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via vectors related ti PDF viewer. Technical details There are way to bypass same origin policy and inject...
KLA10640 Multiple vulnerabilities in Apache HTTP Server
Multiple serious vulnerabilities have been found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities 1. Stack recursion crash in the modlua module in the luarequest.c file in luawebsocketread function c...
KLA10636 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service or and obtain sensitive information via specially crafted JavaScript code, specially crafted web site, unspecified linear-time attack, crafted XML data...
KLA10641 Multiple vulnerabilities in HP System Management Homepage
Multiple serious vulnerabilities have been found in HP System Management Homepage. Malicious users can exploit remotely these vulnerabilities to cause a denial of service, execution of arbitrary code, unauthorized modifications and access, disclosure of information and CSRF cross-site request...
KLA10635 RCE vulnerability in Microsoft Font Driver
A remote code execution vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can take complete control of the affected system. This vulnerability can be exploited remotely via a specially crafted OpenType fonts. Original advisories CVE-2015-2426...
KLA10639 Multiple vulnerabilities in Oracle products
Multiple vulnerabilities were found in Oracle Supply Chain Products Suite, Oracle Database Server, Oracle Commerce Platform and Oracle Enterprise Manager. By exploiting this vulnerability malicious users can affect confidentiality, integrity and availability. This vulnerabilities can be exploited...
KLA10637 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via a specially crafted packet trace file. Below is a complete list of vulnerabilities 1. The deemergnumlist function and the debcdnum function in...
KLA10638 Multiple vulnerabilities in Oracle MySQL
Unspecified vulnerabilities were found in MySQL Server. Malicious users can exploit these vulnerabilities to affect confidentiality,integrity and availability via unknown vectors related to Partition, DML, GIS and RBR. Original advisories Oracle Critical Patch Update Advisory Related products MyS...
KLA10627 Flash Player update for Google Chrome
Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10626. Original advisories Google Chrome blog entry Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...
KLA10632 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft office. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can ...