3996 matches found
KLA10454 PE vulnerabilities in MSCVMM
Improper user roles validating was found in MSCVMM. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed credentials. Original advisories MS bulletin CVE-2015-0012 Related products...
KLA10456 SB vulnerability in MS Office
An use-after-free vulnerability was found in Microsoft Office. By exploiting this vulnerability malicious users can bypass ASLR protection. This vulnerability can be exploited remotely via a specially designed document. Original advisories MS bulletin CVE-2014-6362 Related products Microsoft-Offi...
KLA10443 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. By exploiting these vulnerabilities malicious users can gain privilleges, bypass security and cause denial of service. Below is a complete list of vulnerabilities 1. Improper URI restrictions can be exploited via a URI filesystem;...
KLA10494 Multiple vulnerabilities in Fortinet FortiAuthenticator
Multiple serious vulnerabilities have been found in Fortinet FortiAuthenticator. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, inject code and read arbitrary files. Below is a complete list of vulnerabilities 1. XSS vulnerability can be...
KLA10452 Multiple vulnerabilities in VMware products
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to file write can be exploited locally; 2. Improper input validation...
KLA10451 Multiple vulnerabilities in VLC
Multiple serious vulnerabilities have been found in VLC. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed FLV or M2V files. Original advisories - Related products...
KLA10439 Multiple vulnerabilities in Adobe products
Multiple critical vulnerabilities have been found in Adobe Products. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service and other unknown impact. Below is a complete list of vulnerabilities 1. A use-after-free...
KLA10476 Code execution vulnerability in Microsoft products
Buffer overflow was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed packets related to Telnet service. Original advisories MS advisory CVE-2015-0014 Related products...
KLA10446 CI vulnerability in Mozilla products
Improper interpretation of HTTP headers was found in Mozilla products. By exploiting this vulnerability malicious users can inject cookie. This vulnerability can be exploited via specially designed HTTP headers. Original advisories MFSA Related products Mozilla-Firefox Mozilla-Thunderbird...
KLA10445 ACE vulnerability in Mozilla
Improper DOM objects interaction was found in Mozilla products. By exploiting this vulnerability malicious users can execute arbitrary code. This culnerability can be exploited remotely via unspecified vectors. Original advisories MFSA Related products Mozilla-Firefox Mozilla-SeaMonkey CVE list...
KLA10447 Multiple vulnerabilities in Java SE
Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to cause loss of integrity, denial of service and obtain sensitive information. Below is a complete list of vulnerabilities 1. Vectors relsted to Swing, Hotspot, JAX-WS,...
KLA10460 Multiple vulnerabilities in OpenSSL
Multiple serious vulnerabilities have been found in OpenSSL. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions. Below is a complete list of vulnerabilities pppeep 1. An unknown vulnerability can be exploited remotely via specially designe...
KLA10453 Multiple vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. These vulnerabilities can be exploited via a specially designed packet. Original advisories - Related products Wireshark CVE list CVE-2015-0564 warning...
KLA10616 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office products. Malicious users can exploit these vulnerabilities to run arbitrary code, cause denial of service, loss of integrity, security bypass, privilege escalation and obtain sensitive information. Below is a complete list of...
KLA10611 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...
KLA10605 Code execution vulnerability in Microsoft VBScript
An unspecified vulnerabilities were found in Microsoft VBScript engine. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories CVE-2014-6363 CVE-2014-0271 Exploitation...
KLA10444 DoS vulnerability in LibreOffice
Unspecified vulnerability was found in LibreOffice. By exploiting this vulnerabilities malicious users can cause denial of server, and possibly execute arbitrary code. This vulnerability can be exploited remotely via specially designed RTF file. Original advisories - Related products LibreOffice...
KLA10601 Multiple vulnerabilities in Microsoft products
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...
KLA10610 Security bypass vulnerability in Microsoft IIS
Improper wildcard processing was found in Microsoft IIS. By exploiting this vulnerability malicious users can bypass intended rules. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories CVE-2014-4078 Related products...
KLA10604 Multiple vulnerabilities in Microsoft SharePoint
Multiple serious vulnerabilities have been found in Microsoft SharePoint. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed requests; 2...
KLA10612 Information disclosure vulnerability in Microsoft AD Federation Services
An unspecified vulnerability was found in Microsoft AD Federation Services. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via unattended workstation manipulations. Original advisories CVE-2014-6331 Related products...
KLA10603 Multiple vulnerabilities in Microsoft .NET Framework
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions fain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of...
KLA10448 Multiple Pidgin vulnerabilities
Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information and write local files. Below is a complete list of vulnerabilities 1. Vectors related to Jabber protocol can be exploited remotely...
KLA10505 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and vulnerability. These vulnerabilities can be exploited remotely via an unknown vectors related to JSSE, JAXP, AWT, 2D, Deployment, Libraries,...
KLA10614 Code injection vulnerability in Microsoft ASP.NET MVC
XSS vulnerability was found in ASP.NET MVC. By exploiting this vulnerability malicious users can inject arbitrary script. This vulnerability can be exploited remotely via a specially designed web page. Original advisories CVE-2014-4075 Related products Microsoft-ASP.NET-MVC CVE list CVE-2014-4075...
KLA10440 Multiple vulnerabilities in Adobe Acrobat & Reader
Multiple critical vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code and read arbitrary files. Below is a complete list of...
KLA10609 Multiple vulnerabilities in Microsoft Lync Server
Multiple serious vulnerabilities have been found in Microsoft Lync Server. Malicious users can exploit these vulnerabilities to inject arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed URL...
KLA10602 Multiple vulnerabilities in Microsoft Internet Explorer
Multiple overflows and other unknown vulnerabilities were found in Microsoft Internet Explorer. By exploiting these vulnerabilities malicious users can gain privileges, execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed...
KLA10429 DoS vulnerability in FileZilla
An unspecified vulnerability was found in FileZilla. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally via folder name manipulations. Original advisories FileZilla changelog Related products FileZilla CVE list Solution Update...
KLA10353 DoS vulnerability in Symantec
An unspecified vulnerability was found in Symantec products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed e-mail message. Original advisories Symantec advisory Related products...
KLA10269 OSI vulnerability in Nessus
An unspecified vulnerability was found in Nessus. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely at a point related to Web UI. Original advisories - Related products Nessus CVE list CVE-2014-4980 warning Solution...
KLA10176 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and other possible impact. Below is a complete list of vulnerabilities 1. Unknown vectors can be exploited remotely; 2...
KLA10615 Multiple vulnerabilities in Microsoft SQL Server
Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service or inject arbitrary code. Below is a complete list of vulnerabilities 1. Lack of stack memory restrictions can be exploited remotely via a special...
KLA10340 Multiple vulnerabilities in Splunk
Multiple serious vulnerabilities have been found in Splunk. Malicious users can exploit these vulnerabilities to inject arbitrary script or read local files. Below is a complete list of vulnerabilities 1. An XSS vulnerability can be exploited remotely via specially designed HTPP headers; 2. A...
KLA10098 Vulnerability in CVSNT
An unspecified vulnerability was found in CVSNT. By exploiting this vulnerability malicious users can bypass permission checks, modify directories and execute arbitrary code. This vulnerability can be exploited remotely via specially designed branching. Original advisories March Hare bulletin...
KLA10071 DoS vulnerability in Apache Subversion
An unspecified vulnerability was found in Apache Subversion. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to moddavsvn via a specially designed OPTIONS request. Original advisories Apache...
KLA10343 Multiple vulnerabilities in Stunnel
An obsolete version of OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely. Original advisories Stunnel changelog Exploitation Public exploits exi...
KLA10354 ACE vulnerability in Symantec Endpoint Protection
A buffer overflow was found in Symantec products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed argument. Original advisories Symantec advisory Exploitation Public exploits exist for this...
KLA10313 Vulnerability in SRWare Iron
An unspecified vulnerability was found in SRWare Iron. By exploiting this vulnerability malicious users can cause unknown impact. This vulnerability can be exploited from an unknown vector. Original advisories changelog Related products SRWare-Iron CVE list Solution Update to latest version...
KLA10400 DoS vulnerabilities in Wireshark
Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Improper handling of n and r symbols can be exploited remotely via a specially designed packet; 2. Improper...
KLA10442 DoS vulnerability in QuickTime
An unknown vulnerability have been found in Apple QuickTime. Vulnerability can be exploited remotely via specially designed mvhd atom. Original advisories Apple bulletin Related products Apple-QuickTime CVE list CVE-2014-4979 critical Solution Update to latest version Quicktime download Impacts D...
KLA10393 LPE & OSI vulnerabilities in Siemens Simatic WinCC
Multiple serious vulnerabilities have been found in Siemens Simatic WinCC. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unsafe encryption key can be exploited remotely via key extraction; 2...
KLA10119 Multiple vulnerabilities in Mozilla
An unspecified vulnerability was found in Clam Anti-virus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally at a point related to the OLE2 parser via a specially designed file. Below is a complete list of vulnerabilities 1...
KLA10359 Vulnerability in Tableau
An obsolete version of OpenSSL was found in Tableau. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely. Original advisories Tableau changelog Exploitation Public exploits exi...
KLA10507 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and availability. This vulnerability can be exploited remotely via an unknown vectors related to JavaFX, JMX, Security, Deployment, Serviceabilit...
KLA10284 Multiple vulnerabilities in Oracle VirtualBox
Unspecified vulnerabilities were found in Oracle VirtualBox. By exploiting this vulnerability malicious users can affect integrity, availability and confidentiality. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Exploitation Public exploits exist for this...
KLA10265 Multiple vulnerabilities in MySQL
Unspecified vulnerabilities were found in MySQL Server. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and availability. These vulnerabilities can be exploited remotely at vectors related to SRCHAR, SRINFOSC and ENFED. Original advisories - Related...
KLA10290 DoS vulnerability in PHP
A use-after-free vulnerability was found in PHP. By exploiting this vulnerability malicious users can cause denial of service or cause other unspecified impact. This vulnerability can be exploited locally at a point related to SPL. Original advisories PHP bugtracker Related products PHP CVE list...
KLA10613 Denial of service vulnerability in Microsoft Service Bus
An unspecified vulnerability was found in Microsoft Service Bus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed AMQP messages. Original advisories CVE-2014-2814 Related products...
KLA10036 Multiple vulnerabilities in Adobe Flash and Adobe AIR
Multiple serious vulnerabilities have been found in Adobe Flash Player and Adobe AIR SDK. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Vectors related to unknown applications can...