3996 matches found
KLA10563 Multiple vulnerabilities in Drupal modules
Multiple serious vulnerabilities have been found in Drupal modules. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Open redirect vulnerabilities in Commerce...
KLA10554 Denial of service vulnerability in Mozilla Firefox
Race condition was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service or other unknown impact. This vulnerability can be exploited remotely via an unknown vectors related to plugins. Original advisories MFSA Related products Mozilla-Firefox CVE...
KLA10553 Denial of service vulnerabilities in Oracle MySQL
An unspecified vulnerabilities were found in Oracle MySQL. By exploiting these vulnerabilities malicious users can affect availability. These vulnerabilities can be exploited remotely via an unknown vectors related to InnoDB, Federated, DDL, Partition, SP, XA, Encryption and other unknown vectors...
KLA10555 Denial of service vulnerability in Hyper-V
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed application. Original advisories MS advisory CVE-2015-1647 Related products...
KLA10572 Multiple vulnerabilities in Lenovo System Update
Multiple serious vulnerabilities have been found in Lenovo System Update. Malicious users can exploit these vulnerabilities to bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. Lack of command piping restrictions can be exploited locally via named pip...
KLA10561 Code injection vulnerability in Microsoft Sharepoint
An XSS vulnerabilities were found in Microsoft Sharepoint. By exploiting these vulnerabilities malicious users can inject arbitrary scripts. These vulnerabilities can be exploited remotely via a specially designed request. Original advisories MS15-036 CVE-2015-1653 CVE-2015-1640 Related products...
KLA10557 Security bypass vulnerability in Active Directory
Improper logoff handling was found in Microsoft Active Directory. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via workstation manipulations. Original advisories MS15-040 CVE-2015-1638 Related products...
KLA10556 Obtain sensitive information vulnerability in .NET Framework
An unspecified vulnerability was found in Microsoft .NET. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories MS15-041 CVE-2015-1648 Related products...
KLA10558 Obtain sensitive information vulnerability in MSXML
An unspecified vulnerability was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can bypass security restrictions or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed DTD. Original advisories MS15-039...
KLA10546 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service or possible execute arbitrary code. Below is a complete list of vulnerabilities 1. Unknown...
KLA10560 Privilege escalation vulnerability in Microsoft products
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed task. Original advisories MS15-037 CVE-2015-0098 Related products Microsoft-Windows-7...
KLA10559 Privileges escalation in Microsoft products
Multiple improper impersonation levels handling were found in Microsoft products. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited locally via a specially designed application. Original advisories MS15-038 CVE-2015-1643 CVE-2015-1644...
KLA10549 Code execution vulnerability in Microsoft GC
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed EMF image. Original advisories MS15-035 CVE-2015-1645 Related products...
KLA10552 Code execution vulnerabilities in Internet Explorer
Multiple unspecified vulnerabilities were found in Microsoft Internet Explorer. By exploiting these vulnerabilities malicious users can execute arbitrary code or cause denial of service. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories MS15-03...
KLA10550 Code execution vulnerability in Microsoft HTTPS.sys
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories MS15-034 CVE-2015-1635 Exploitation Public exploits...
KLA10547 Multiple vulnerabilities in Adobe Flash Player
Memory corruption, buffer overflow, use-after-free, double free and memory leak vulnerabilities were found in Adobe Flash. By exploiting these vulnerabilities malicious users can bypass security restrictions, execute arbitrary code or obtain sensitive information. These vulnerabilities can be...
KLA10548 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, Hotspot, JavaFX, Delpoyment, Tools, JSSE,...
KLA10551 Code execution vulnerabilities in Microsoft Office
Use-after-free, XSS and aother unspecified vulnerabilities were found in Microsoft products. By exploiting these vulnerabilities malicious users can execute or inject arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document. Original advisories...
KLA10545 Multiple vulnerabilities in MediaWiki and extensions
Multiple serious vulnerabilities have been found in MediaWiki. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. Unknown vulnerability ca...
KLA10541 Multiple vulnerabilities in Juniper Junos
Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via unspecified vectors...
KLA10540 Multiple vulnerability in Apple OS X
Multiple serious vulnerabilities have been found in Apple OS X. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Unsaf...
KLA10538 Multiple vulnerabilities in McAfee ATD
Multiple serious vulnerabilities have been found in McAfee ATD. Malicious users can exploit these vulnerabilities to obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper access restrictions and other unknown vulnerabilities can be...
KLA10539 Multiple vulnerabilities in Open-source ARJ archiver
Buffer overflow, improper strings restriction and other unknown vulnerabilities were found in Open-source ARJ archiver. By exploiting these vulnerabilities malicious users can cause denial of service, execute arbitrary code or write to arbitrary local files. These vulnerabilities can be exploited...
KLA10537 Multiple vulnerabilities in CA Spectrum
Multiple serious vulnerabilities have been found in CA Spectrum. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities 1. Improper data serialization can be exploited remotely via a specially designed Java object...
KLA10531 Security bypass vulnerabilities in Mozilla Firefox
Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities 1. Lack of privileges restrictions can be exploited remotely via vectors related to reader mode. Firefox for...
KLA10534 Sensitive information obtain vulnerabilities in Siemens SIMATIC STEP
Improper password store and other uncnown vulnerability were found in SIMATIC STEP 7. By exploiting these vulnerabilities malicious users can obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors. Original advisories Siemens advisory Related products...
KLA10533 Multiple vulnerabilities in IBM domino
Multiple serious vulnerabilities have been found in IBM Domino. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. Unknown vulnerability can be exploited locally via an unknown...
KLA10532 Denial of service vulnerabilities in Cisco Unity Connection
An unspecified vulnerabilities were found in Cisco Unity Connector. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via SIP messages, sessions and connections manipulation. Original advisories Cisco advisory Related...
KLA10536 Multiple vulnerabilities in Citrix NetScaler
Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed...
KLA10535 Multiple vulnerabilities in Inductive Automation Ignition
Multiple serious vulnerabilities have been found in Inductive Automation Ignition. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or inject arbitrary code. Below is a complete list of vulnerabilities 1. Improper passwords handling c...
KLA10530 JRE update for multiple VMware products
Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...
KLA10527 Multiple vulnerabilities in different versions of Xen
Multiple serious vulnerabilities have been found in Xen. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Unknown vulnerability can be exploited remotely via a logger or domctl manipulation...
KLA10528 Code injection vulnerability in pfsense
Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface. Original advisories pfSense advisory...
KLA10524 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or have other unknown impact. Below is a complete list of vulnerabilities 1. Improper IPC interaction handling can be exploited...
KLA10526 Multiple vulnerabilities in SAP products
Multiple serious vulnerabilities have been found in SAP products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Buffer overflow and improper access...
KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...
KLA10520 Multiple vulnerabilities in HP Operations Orchestration
An unspecified vulnerabilities were found in HP Operations Orchestration. By exploiting these vulnerabilities malicious users can bypass authentication,obtain sensitive information or modify data. These vulnerabilities can be exploited remotely via an unknown vector. Original advisories HP securi...
KLA10519 Multiple vulnerabilities in FreeXL
An unspecified vulnerability was found in FreeXL. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed workbook. Original advisories - Related products FreeXL CVE list...
KLA10521 Denial of service vulnerability in Shibboleth SP
An unspecified vulnerability was found in Shibboleth SP. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed SAML message. Original advisories Shibboleth advisory Related products...
KLA10529 Multiple vulnerabilities in HP iLO
An unspecified vulnerabilities were found in KP iLO. By exploiting these vulnerabilities malicious users can gain privileges, bypass security restrictions, cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via an unknwon versions. Original advisori...
KLA10523 Multiple vulnerabilities in IBM SAM
Lack of unicast respond restrictions was found in IBM SAM. By exploiting this vulnerability malicious users cause denial of service or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed packets. Original advisories IBM advisory Related products...
KLA10513 Denial of service vulnerability in Foxit products
An unspecified vulnerability was found in Foxit products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed GIF image. Original advisories Foxit bulletins Exploitation Public exploits exist for this...
KLA10516 Denial of service vulnerability in MongoDB
An unspecified vulnerability was found in MongoDB. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed string in BSON request. Original advisories MongoDB JIRA Related products MongoDB CVE list...
KLA10517 Privilege escalation in Foxit Reader
Search path vulnerability was found in Foxit Reader Cloud plugin. By exploiting this vulnerability malicious users gain privileges. This vulnerability can be exploited locally via files manipulation. Original advisories Foxit bulletins Exploitation Public exploits exist for this vulnerability...
KLA10515 Multiple vulnerabilities in PHP and extensions
Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be exploited remotely via a specially designed year...
KLA10514 Multiple vulnerabilities in PHP and plugins
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service. Below is a complete list of vulnerabilities 1. Multiple use-after-free vulnerabilities can be...
KLA10508 Multiple vulnerabilities in Schneider Electric products
Multiple serious vulnerabilities have been found in Schneider Electric products. Malicious users can exploit these vulnerabilities to obtain sensitive information orbypass security restrictions. Below is a complete list of vulnerabilities 1. Improper credentials storing and transmitting can be...
KLA10512 Multiple vulnerabilities in Johnson Controls Metasys
An unspecified vulnerabilities were found in Johnson Controls Metasys. By exploiting this vulnerability malicious users can execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via a speciaaly designed POST request or shell script. Original...
KLA11444 OSI vulnerability in PuTTY
Information exposure vulnerability was found in PuTTY. Malicious users can exploit this vulnerability locally to obtain sensitive information. Original advisories PuTTY vulnerability private-key-not-wiped-2 Related products PuTTY CVE list CVE-2015-2157 warning Solution Update to the latest versio...
KLA10509 Multiple vulnerabilities in McAfee DLPe
Multiple serious vulnerabilities have been found in McAfee DLPe. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, inject arbitrary code or write local files. Below is a complete list of vulnerabilities 1. XSS...