KLA10527 Multiple vulnerabilities in different versions of Xen
Multiple serious vulnerabilities have been found in Xen. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. Unknown vulnerability can be exploited remotely via a logger or domctl manipulation...
KLA10526 Multiple vulnerabilities in SAP products
Multiple serious vulnerabilities have been found in SAP products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Buffer overflow and improper access...
KLA10528 Code injection vulnerability in pfSense
Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can inject arbitrary script or HTML. These vulnerabilities can be exploited remotely via specially designed parameters for the web interface. Original advisories pfSense advisory...
KLA10524 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or have other unknown impact. Below is a complete list of vulnerabilities 1. Improper IPC interaction handling can be exploited...
KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...
KLA10520 Multiple vulnerabilities in HP Operations Orchestration
Unspecified vulnerabilities were found in HP Operations Orchestration. By exploiting these vulnerabilities malicious users can bypass authentication, obtain sensitive information or modify data. These vulnerabilities can be exploited remotely via an unknown vector. Original advisories HP securi...
KLA10523 Multiple vulnerabilities in IBM SAM
Lack of unicast response restrictions was found in IBM SAM. By exploiting this vulnerability malicious users can cause denial of service or obtain sensitive information. This vulnerability can be exploited remotely via specially designed packets. Original advisories IBM advisory Related products...
KLA10521 Denial of service vulnerability in Shibboleth SP
An unspecified vulnerability was found in Shibboleth SP. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed SAML message. Original advisories Shibboleth advisory Related products...
KLA10519 Multiple vulnerabilities in FreeXL
An unspecified vulnerability was found in FreeXL. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed workbook. Original advisories - Related products FreeXL CVE list...
KLA10529 Multiple vulnerabilities in HP iLO
Unspecified vulnerabilities were found in HP iLO. By exploiting these vulnerabilities malicious users can gain privileges, bypass security restrictions, cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via unknown versions. Original advisori...
KLA10516 Denial of service vulnerability in MongoDB
An unspecified vulnerability was found in MongoDB. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed string in BSON request. Original advisories MongoDB JIRA Related products MongoDB CVE list...
KLA10513 Denial of service vulnerability in Foxit products
An unspecified vulnerability was found in Foxit products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed GIF image. Original advisories Foxit bulletins Exploitation Public exploits exist for this...
KLA10517 Privilege escalation in Foxit Reader
A search path vulnerability was found in the Foxit Reader Cloud plugin. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via file manipulation. Original advisories Foxit bulletins Exploitation Public exploits exist for this vulnerability...
KLA10515 Multiple vulnerabilities in PHP and extensions
Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be exploited remotely via a specially designed year...
KLA10514 Multiple vulnerabilities in PHP and plugins
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service. Below is a complete list of vulnerabilities 1. Multiple use-after-free vulnerabilities can be...
KLA10508 Multiple vulnerabilities in Schneider Electric products
Multiple serious vulnerabilities have been found in Schneider Electric products. Malicious users can exploit these vulnerabilities to obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper credentials storing and transmitting can be...
KLA10512 Multiple vulnerabilities in Johnson Controls Metasys
Unspecified vulnerabilities were found in Johnson Controls Metasys. By exploiting these vulnerabilities malicious users can execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed POST request or shell script. Original...
KLA11444 OSI vulnerability in PuTTY
Information exposure vulnerability was found in PuTTY. Malicious users can exploit this vulnerability locally to obtain sensitive information. Original advisories PuTTY vulnerability private-key-not-wiped-2 Related products PuTTY CVE list CVE-2015-2157 warning Solution Update to the latest versio...
KLA10509 Multiple vulnerabilities in McAfee DLPe
Multiple serious vulnerabilities have been found in McAfee DLPe. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, inject arbitrary code or write local files. Below is a complete list of vulnerabilities 1. XSS...
KLA10522 Multiple vulnerabilities in Citrix CC
Multiple serious vulnerabilities have been found in Citrix Controle Center. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper access restrictions can be exploited remotely via an...
KLA10510 Multiple vulnerabilities in Cisco IOS
Unspecified vulnerabilities were found in multiple versions of Cisco IOS. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via specially designed packets or messages. Original advisories -...
KLA10506 Multiple vulnerabilities in Websense products
Multiple serious vulnerabilities have been found in Websense products. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute or inject arbitrary code, spoof user interface and read or write arbitrary files. Below is a complete lis...
KLA10483 Code execution vulnerability in Apache Standard Taglib
An unspecified vulnerability was found in Apache Standard Taglibs. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed XSLT extension. Original advisories - Related products Standard-Taglibs CVE list...
KLA10497 Security bypass vulnerability in IBM Rational ClearQuest
Cross site reference forgery was found in IBM Rational ClearQuest. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via an auth hijack. Original advisories - Related products IBM-Rational-ClearQuest CVE list CVE-2014-89...
KLA10498 Denial of service vulnerabilities in tcpdump
Multiple serious vulnerabilities have been found in tcpdump. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via specially designed packets and other unknown vectors; ...
KLA10496 Denial of service vulnerability in Apache Xerces
An unspecified vulnerability was found in Apache Xerces-C. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed XML data. Original advisories Apache bulletin Exploitation Public exploits exist for this...
KLA10503 Multiple vulnerabilities in IBM products
Multiple serious vulnerabilities have been found in IBM products. Below is a complete list of vulnerabilities 1. Improper WAR applications support in IBM Bluemix can be exploited remotely via unspecified vectors related to Java overlay feature; 2. Improper API access restrictions in IBM API...
KLA10488 Code injection vulnerabilities in IBM BPM
Unspecified vulnerabilities were found in IBM BPM. By exploiting these vulnerabilities malicious users can inject arbitrary web script. These vulnerabilities can be exploited remotely via a specially designed URL or vectors related to data fields. Original advisories - Related products...
KLA10487 Multiple vulnerabilities in IBM GPFS
Multiple serious vulnerabilities have been found in IBM GPFS. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be...
KLA10489 Multiple vulnerabilities in IBM PowerVC
Multiple vulnerabilities have been found in IBM PowerVC. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper certificate validation can be exploited remotely via a specially designed...
KLA10495 Multiple vulnerabilities in Asus RT-G32 router
Multiple serious vulnerabilities have been found in Asus RT-G32. Malicious users can exploit these vulnerabilities to inject arbitrary code or hijack administrator authentication. Multiple XSS and CSRF vulnerabilities can be exploited remotely via vectors related to startapply.htm Original...
KLA10499 Code execution vulnerability in NSIS
Lack of certificate verification was found in NSIS. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed certificate. Original advisories - Related products Nullsoft-Scriptable-Install-System CVE list...
KLA10477 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
An unspecified vulnerability was found in Mozilla products. By exploiting this vulnerability malicious users can execute arbitrary code or gain privileges. This vulnerability can be exploited remotely via SVG navigation or vectors related to JavaScript JIT. Original advisories MFSA Related product...
KLA10490 Denial of service vulnerability in Cisco IOS
An unspecified vulnerability was found in Cisco IOS. By exploiting this vulnerability malicious users can modify settings or cause denial of service. This vulnerability can be exploited remotely via specially designed AN messages. Original advisories Cisco alert Related products Cisco-IOS CVE...
KLA10478 Denial of service vulnerability in X.Org libXfont
Improper type conversion and bitmaps handling was found in X.Org libXfont. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. This vulnerability can be exploited remotely via a specially designed BDF font file. Original advisories X.Org advisor...
KLA10493 Code execution vulnerability in Fortinet SSO
Stack based buffer overflow was found in FSSO. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message. Original advisories Fortinet advisory Exploitation Public exploits exist for this vulnerabilit...
KLA10504 Multiple vulnerabilities in Cisco products
Multiple serious vulnerabilities have been found in Cisco products. Below is a complete list of vulnerabilities 1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via specially designed OS commands; 2. An unknown vulnerability in Cisco CS...
KLA10479 Multiple vulnerabilities in OpenSSL
Multiple serious vulnerabilities have been found in OpenSSL. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via a specially designed...
KLA10465 Multiple vulnerabilities in MyBB
Multiple serious vulnerabilities have been found in MyBB. Malicious users can exploit these vulnerabilities to obtain sensitive information or conduct cross-site scripting. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via vectors related to...
KLA10466 Multiple vulnerabilities in Apple Safari
Multiple vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to . Below is a complete list of vulnerabilities 1. Inconsistent URL displaying can be exploited remotely via a specially designed URL; 2. Unknown vulnerabilities can be exploited remotely...
KLA10491 Multiple vulnerabilities in WordPress plugins
Multiple serious vulnerabilities have been found in WordPress plugins and themes. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code, bypass security and read local files. Below is a complete list of vulnerabilities 1. Multiple XSS vulnerabilities were found in...
KLA10481 Multiple vulnerabilities in WordPress SEO plugin
Multiple CSRF and SQL injection vulnerabilities were found in WordPress SEO plugin. These vulnerabilities can be exploited remotely via vectors related to wpseobulk-editor page. Original advisories Plugin changelog Exploitation Public exploits exist for this vulnerability. Related products...
KLA10482 Multiple vulnerabilities in Cisco AnyConnect SMC
Multiple serious vulnerabilities have been found in Cisco AnyConnect Secure Mobility Client. Malicious users can exploit these vulnerabilities to gain privileges or write arbitrary files. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited locally via a...
KLA10480 Security bypass in Linux Kernel
A race condition was found in Linux Kernel. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited locally via manipulation of the handlebytes value. Original advisories - Related products Linux-Kernel CVE list CVE-2015-1420 warning Solution...
KLA10502 Multiple vulnerabilities in BACnet OPC Server
Multiple critical vulnerabilities have been found in BACnet OPC Server. Malicious users can exploit these vulnerabilities to execute arbitrary files and read and write the local database. Below is a complete list of vulnerabilities 1. Unknown vulnerabilities can be exploited remotely via unknown vecto...
KLA10462 Multiple vulnerabilities in Adobe Flash Player
Multiple critical vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. An unspecified vulnerability can be exploited locally via type...
KLA10471 Multiple vulnerabilities in VBScript engine
An unspecified vulnerability was found in VBScript engine. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. This vulnerability can be exploited remotely via a specially designed web site. Original advisories Microsoft advisory CVE-2015-0032 Relat...
KLA10473 Code execution vulnerability in Microsoft products
Lack of authentication control was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed UNC share. Original advisories MS advisory CVE-2015-0008 Related products...
KLA10468 Multiple vulnerabilities in Microsoft products
Multiple critical vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory allocation and some other...
KLA10472 Multiple vulnerabilities in Internet Explorer
Multiple critical vulnerabilities have been found in Internet Explorer. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, inject arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. XSS...