3965 matches found
KLA10176 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and other possible impact. Below is a complete list of vulnerabilities 1. Unknown vectors can be exploited remotely; 2...
KLA10615 Multiple vulnerabilities in Microsoft SQL Server
Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service or inject arbitrary code. Below is a complete list of vulnerabilities 1. Lack of stack memory restrictions can be exploited remotely via a special...
KLA10340 Multiple vulnerabilities in Splunk
Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities 1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers; 2. A...
KLA10098 Vulnerability in CVSNT
An unspecified vulnerability was found in CVSNT. By exploiting this vulnerability malicious users can bypass permission checks, modify directories and execute arbitrary code. This vulnerability can be exploited remotely via specially designed branching. Original advisories March Hare bulletin...
KLA10343 Multiple vulnerabilities in Stunnel
An obsolete version of OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely. Original advisories Stunnel changelog Exploitation Public exploits exi...
KLA10071 DoS vulnerability in Apache Subversion
An unspecified vulnerability was found in Apache Subversion. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to moddavsvn via a specially designed OPTIONS request. Original advisories Apache...
KLA10354 ACE vulnerability in Symantec Endpoint Protection
A buffer overflow was found in Symantec products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed argument. Original advisories Symantec advisory Exploitation Public exploits exist for this...
KLA10313 Vulnerability in SRWare Iron
An unspecified vulnerability was found in SRWare Iron. By exploiting this vulnerability malicious users can cause unknown impact. This vulnerability can be exploited from an unknown vector. Original advisories changelog Related products SRWare-Iron CVE list Solution Update to latest version...
KLA10400 DoS vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Improper handling of n and r symbols can be exploited remotely via a specially designed packet; 2. Improper...
KLA10442 DoS vulnerability in QuickTime
An unknown vulnerability have been found in Apple QuickTime. Vulnerability can be exploited remotely via specially designed mvhd atom. Original advisories Apple bulletin Related products Apple-QuickTime CVE list CVE-2014-4979 critical Solution Update to latest version Quicktime download Impacts D...
KLA10393 LPE & OSI vulnerabilities in Siemens Simatic WinCC
Multiple serious vulnerabilities have been found in Siemens Simatic WinCC. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unsafe encryption key can be exploited remotely via key extraction; 2...
KLA10119 Multiple vulnerabilities in Mozilla
An unspecified vulnerability was found in Clam Anti-virus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally at a point related to the OLE2 parser via a specially designed file. Below is a complete list of vulnerabilities 1...
KLA10359 Vulnerability in Tableau
An obsolete version of OpenSSL was found in Tableau. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely. Original advisories Tableau changelog Exploitation Public exploits exi...
KLA10284 Multiple vulnerabilities in Oracle VirtualBox
Unspecified vulnerabilities were found in Oracle VirtualBox. By exploiting this vulnerability malicious users can affect integrity, availability and confidentiality. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Exploitation Public exploits exist for this...
KLA10507 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and availability. This vulnerability can be exploited remotely via an unknown vectors related to JavaFX, JMX, Security, Deployment, Serviceabilit...
KLA10265 Multiple vulnerabilities in MySQL
Unspecified vulnerabilities were found in MySQL Server. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and availability. These vulnerabilities can be exploited remotely at vectors related to SRCHAR, SRINFOSC and ENFED. Original advisories - Related...
KLA10290 DoS vulnerability in PHP
A use-after-free vulnerability was found in PHP. By exploiting this vulnerability malicious users can cause denial of service or cause other unspecified impact. This vulnerability can be exploited locally at a point related to SPL. Original advisories PHP bugtracker Related products PHP CVE list...
KLA10613 Denial of service vulnerability in Microsoft Service Bus
An unspecified vulnerability was found in Microsoft Service Bus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed AMQP messages. Original advisories CVE-2014-2814 Related products...
KLA10036 Multiple vulnerabilities in Adobe Flash and Adobe AIR
Multiple serious vulnerabilities have been found in Adobe Flash Player and Adobe AIR SDK. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Vectors related to unknown applications can...
KLA10450 ACE vulnerability in RealPlayer
Multiple buffer overflows was found in the RealPlayer. By using this vulnerability malicious user can execute arbitrary code. This vulnerability can be exploited remotely via specially designed MP4 file. Original advisories RealNetworks advisory Related products RealPlayer RealPlayer-Cloud CVE li...
KLA10306 ACE vulnerability in RealPlayer
A buffer overflow was found in RealPlayer. By exploiting this vulnerability malicious users can execute arbitrary files. This vulnerability can be exploited remotely via a specially designed MP4 file. Original advisories RealPlayer bulletin Related products RealPlayer CVE list CVE-2014-3113...
KLA10289 OSI vulnerability in PHP
An unspecified vulnerability was found in PHP. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely at a point related to phpinfo. Original advisories - Related products PHP CVE list CVE-2014-4721 warning Solution Update t...
KLA10242 Vulnerability in LibreOffice
Automatic macros execution was found in LibreOffice. By exploiting this vulnerability malicious users can have an unspecified impact via unspecified attack vectors. Original advisories LibreOffice bulletin Related products LibreOffice CVE list CVE-2014-0247 critical Solution Update to latest...
KLA10011 Multiple vulnerabilities in Microsoft Graphics Component
Multiple serious vulnerabilities have been found in a number of Microsoft products full list below. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to unknown vulnerabilities can...
KLA10236 ACE vulnerability in Kerio Control
An SQL injection vulnerability was found in Kerio Control. By exploiting this vulnerability malicious users can execute arbitrary SQL. This vulnerability can be exploited remotely via a specially designed php call. Original advisories Release history Exploitation Public exploits exist for this...
KLA10181 ACE vulnerability in Sketchup
Multiple critical vulnerabilities have been found in Google SketchUp. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. A buffer overflow can be exploited remotely via a specially designed BMP file; 2. The out of bounds wri...
KLA10005 Multiple Adobe Acrobat & Reader vulnerabilities
Unspecified vulnerabilities were found in Adobe Reader & Adobe Acrobat versions X and XI. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. These vulnerabilities can be exploited on the network at unknown attack points via use-after-free and...
KLA10266 OSI vulnerability in MySQL Workbench
Vulnerabilities in the linked library were found in MySQL Workbench. By exploiting these vulnerabilities malicious users can obtain sensitive information. These vulnerabilities can be exploited remotely via man-in-the-middle attacks at a point related to OpenSSL. Original advisories MySQL bulleti...
KLA10003 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in the following Adobe Flash Player versions: 13.0.0.206 and earlier for Windows, Mac OS; 11.2.202.356 and earlier for Linux and Adobe AIR SDK & Compiler version 13.0.0.83. Malicious users can exploit these vulnerabilities to bypass a sandbox...
KLA10332 OSI vulnerability in Snare
Weak keying material was found in Snare Agent. By exploiting this vulnerability malicious users can obtain and modify sensitive information. This vulnerability can be exploited remotely via MITM, at a point related to OpenSSL. Original advisories Snare Agent changelog Related products Snare CVE...
KLA10128 DoS vulnerability in Core FTP
Buffer overflows were found in the Core FTP client. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. This vulnerability can be exploited from the network via a specially designed server reply. Original advisories - Exploitation Publ...
KLA10175 DoS vulnerability in GnuPG
An unspecified vulnerability was found in GnuPG. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed packets. Original advisories - Related products GnuPG-gpg CVE list CVE-2014-4617 warning Solution Upda...
KLA10342 OSI vulnerability in Stunnel
Improper work with OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can obtain private keys or certificates. This vulnerability can be exploited remotely at a point related to children’s processes. Original advisories Stunnel Changelog Related products Stunnel CVE li...
KLA10262 PE vulnerability in McAfee
An unspecified vulnerability was found in McAfee products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally. Original advisories McAfee bulletin Related products McAfee-Host-Intrusion-Prevention McAfee-VirusScan CVE list Solution...
KLA10990 Vulnerability in VideoLAN VLC media player
A vulnerability in the transcode module was found in VLC media player versions before 2.1.5. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a non-malicious input. Technical details This...
KLA10023 DoS vulnerability in GOM Media Player
An unspecified vulnerability was found in the GOM Media Player. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to an unknown application via a specially designed .OGG file. Original advisories N...
KLA10013 OSI vulnerability in multiple Microsoft XML Core Services
By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction. Original advisories MS Bulletin...
KLA10012 Vulnerability in Microsoft Word 2007 & Office Compatibility Pack
An unspecified vulnerability was found in the Word 2007 and Office Compatibility Pack. By exploiting this vulnerability malicious users can execute arbitrary code or cause a denial of service. This vulnerability can be exploited from the network at point related to an unknown application via a...
KLA10006 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome 35.0.1916.114 and earlier. Malicious users can exploit these vulnerabilities to cause denial of service or other possible issues. Below is a complete list of vulnerabilities 1. heap-based buffer overflow in...
KLA10002 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to inject arbitrary script or HTML, access restrictions, execute arbitrary code or cause denial of service Vectors related to unknown applications can be exploited to inject...
KLA10382 Multiple vulnerabilities in VMware
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to obtain sensitive information, hijack a session or cause denial of service. Below is a complete list of vulnerabilities 1. Improperly restrictions can be exploited remotely via...
KLA10010 Multiple vulnerabilities at Microsoft Internet Explorer
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer versions 6-11. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass a sandbox protection mechanism, obtain sensitive information, modify TLS session data or read...
KLA10149 ACE vulnerability in Ericom
A buffer overflow was found in Ericom products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed request. Original advisories Ericom bulletin Exploitation Public exploits exist for this vulnerability...
KLA10433 Multiple vulnerabilities in Pidgin
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary programs and other unknown impact. Below is a complete list of vulnerabilities 1. Improper traffic restrictions can be exploited remotely via...
KLA10070 RLF vulnerability in Apache Tomcat
An improper class constriction vulnerability was found in Apache Tomcat. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited from the network at a point related to the XML parser via a specially designed web application. Original advisori...
KLA10026 OAF vulnerability in Foxit
An XSS vulnerability was found in Foxit Reader, Foxit Enterprise Reader and Foxit PhantomPDF. By exploiting this vulnerability malicious users can overwrite registry entries and load malicious files. This vulnerability can be exploited locally at a point related to the Recent Documents section of...
KLA10019 DoS vulnerability in Winamp
An unspecified vulnerability was found in Winamp. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to Winamp F263 Decoder Service via a malformed .FLV file. Original advisories NVD Related product...
KLA10007 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome 34.0.1847.137 and earlier. Malicious can use these vulnerabilities to cause denial of service, spoof UI or possibly other impact. Below is a complete list of vulnerabilities 1. use-after-free in StyleElement::removedFromDocument...
KLA10301 DoS vulnerability in Python
An incorrect hash realization was found in Python. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed input. Original advisories - Related products Python CVE list CVE-2013-7040 warning Solution Updat...
KLA10077 WLF vulnerability in Apple iTunes
A permissions vulnerability was found in Apple iTunes. By exploiting this vulnerability malicious users can modify local files. This vulnerability can be exploited locally via standard file system operations. Original advisories Apple bulletin Related products Apple-iTunes CVE list CVE-2014-1347...