3965 matches found
KLA10421 DoS vulnerability in JetAudio
An unspecified vulnerability was found in JetAudio. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed OGG file. Original advisories - Exploitation Public exploits exist for this vulnerability. Relate...
KLA10008 Denial of Service in VideoLAN VLC Media Player
An unspecified vulnerability was found in VLC versions 2.1.3 and earlier. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network through a specially designed .png file. It is caused by codeclibpngplugin.dll. Original...
KLA10028 ACE vulnerability in Adobe Illustrator
An unspecified vulnerability was found in Adobe Illustrator CS6. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to an unspecified application. Original advisories Adobe bulletin Related products...
KLA10004 Multiple Adobe Acrobat & Reader vulnerabilities
Multiple serious vulnerabilities have been found in Adobe Reader & Adobe Acrobat versions X and XI. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass a sandbox protection, cause a denial of service or obtain sensitive information. Below is a complete list of...
KLA10200 CI vulnerability in IBM
An XSS vulnerability was found in IBM products. By exploiting this vulnerability malicious users can inject web script. This vulnerability can be exploited remotely via a specially designed e-mail. Original advisories - Related products IBM-Notes IBM-Domino CVE list CVE-2014-0913 warning Solution...
KLA10169 WLF vulnerability in Emacs
An unspecified vulnerability was found in GNU Emacs. By exploiting this vulnerability malicious users can overwrite arbitrary tmp files. This vulnerability can be exploited locally via a symlink attack. Original advisories - Related products GNU-Emacs CVE list CVE-2014-3424 warning CVE-2014-3423...
KLA10212 DoS vulnerability in IBM WebSphere MQ
An unspecified vulnerability was found in IBM WebSphere MQ. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products IBM-WebSphere-MQ CVE list CVE-2014-0911 warning...
KLA10014 Multiple SUI vulnerabilities in Opera
Multiple low severity vulnerabilities have been found in Opera versions 21 and earlier. Malicious users can exploit these vulnerabilities to spoof user interface. Vectors related to the address bar can be exploited to fool some users via user interface spoofing. Original advisories Opera blog...
KLA10001 Multiple vulnerabilities in Oracle Java Runtime Environment & Java Development Kit
Multiple serious vulnerabilities have been found in Oracle Java Runtime Environment & Java Development Kit: 5.61, 6.71, 7.51, 8. Malicious use of these vulnerabilities can affect confidentiality, integrity and availability, cause denial of service, obtain sensitive information or overwrite...
KLA10121 SUI vulnerability in Mozilla Firefox
Unspecified vulnerability was found in the Mozilla Firefox. By exploiting this vulnerability malicious users can spoof the address bar. This vulnerability can be exploited remotely at a point related to DOM events via a specially designed JS. Original advisories MFSA Related products...
KLA10366 OSI vulnerability in Titan FTP Server
A directory traversal vulnerability was found in Titan FTP Server. By exploiting this vulnerability malicious users can list usernames or home folder. This vulnerability can be exploited remotely via specially designed parameters. Original advisories Changelog Exploitation Public exploits exist f...
KLA10291 Multiple vulnerabilities in PaperCut
Multiple serious vulnerabilities have been found in PaperCut. Malicious users can exploit these vulnerabilities to cause denial of service or hijack administrators auth. Below is a complete list of vulnerabilities 1. A CSRF vulnerability can be exploited remotely via unspecified vectors; 2. An...
KLA10201 ACE vulnerability in IBM
An unspecified vulnerability was found in IBM products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to gcc keys. Original advisories - Related products IBM-Notes IBM-Domino CVE list CVE-2014-0892...
KLA10396 SB vulnerability in WinSCP
A lack of hostname verifications was found in the WinSCP. By exploiting this vulnerability malicious users can spoof the SSL server. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products WinSCP CVE list CVE-2014-2735 high Solution Upda...
KLA10080 OSI vulnerability in AusweisApp
The HeartBleed vulnerability was found in AusweisApp. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network. Original advisories AusweisApp versions changelog Related products AusweisApp CVE list Solution Update to...
KLA10020 DoS vulnerability in Winamp
A stack-based buffer overflow was found in Winamp. By exploiting this vulnerability malicious users can cause denial of service and possibly execute arbitrary code. This vulnerability can be exploited from the network at a point related to Skin packages via a specially designed package. Original...
KLA10336 Multiple vulnerabilities in Sophos Web Appliance
Multiple critical vulnerabilities have been found in Sophos Web Appliance. Malicious users can exploit these vulnerabilities to execute arbitrary commands or change admin password. Below is a complete list of vulnerabilities 1. Vectors related to the netinterface configuration page can be exploit...
KLA10543 Security bypass vulnerability in Microsoft Silverlight
An unspecified vulnerability was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via an unknown vectors. Original advisories MS14-014 CVE-2014-0319 Related products Microsoft-Silverligh...
KLA10436 Multiple vulnerabilities in VMware vSphere Client
Multiple critical vulnerabilities have been found in VMware vSphere. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security. Below is a complete list of vulnerabilities 1. An improper client file update validation can be exploited remotely; 2. An improper...
KLA10129 ACE vulnerability in Core FTP
A buffer overflow was found in Core FTP. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network via a specially designed server reply. Original advisories Core FTP changelog Related products Core-FTP-client...
KLA10297 Multiple vulnerabilities in PostgreSQL
Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service, unauthorized tables access, bypass group politics restrictions and gain privileges. Below is a complete list of vulnerabilities 1. An improper value check...
KLA10449 DoS vulnerability in PostgreSQL
Multiple integer overflows were found in PostgreSQL. By exploiting this vulnerability malicious users can cause denial of service and possible extract arbitrary code. This vulnerability can be exploited remotely via vectors related to hstorerecv, hstorefromarrays, hstorefromarray and...
KLA10072 Multiple vulnerabilities in Apache Tomcat
Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions and read arbitrary files. Below is a complete list of vulnerabilities 1. An integer overflow vulnerability can be exploited...
KLA10067 DoS vulnerabilities in Apache httpd
Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to modlogconfig can be exploited remotely via a specially designed cookie; 2. An improper...
KLA10209 ACE vulnerability in IBM Security AppScan
The lack of an integrity check was found in IBM Security AppScan Standart. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories - Related products...
KLA10018 SUI vulnerability in WinRAR
UI spoofing vulnerability was found in WinRar. By exploiting this vulnerability maliciousmalicious userss can execute arbitrary code. This vulnerability can be exploited from the network via a specially designed ZIP archive file. Original advisories rarlab An7i Security Related products WinRAR CV...
KLA10120 Multiple vulnerabilities in Mozilla
Multiple critical vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1...
KLA10337 DoS vulnerability in Sophos UTM
A memory leak was found in Sophos UTM. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products Sophos-Unified-Threat-Management CVE list CVE-2014-2537 high Solution...
KLA10430 RCE vulnerability in Free Download Manager
A lack of size assertion was found in Free Download Manager. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to the download queue via a specially designed object name. Original advisories RCESecueity...
KLA10404 ACE vulnerability in XnView
An integer overflow was found in XnView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed JXR file. Original advisories - Related products XnView CVE list CVE-2013-3938 critical Solution Update to...
KLA10207 ACE vulnerability in IBM SPSS SamplePower
A buffer overflow was found in the IBM SPSS SamplePower. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed ComboList. Original advisories - Related products IBM-SPSS-SamplePower CVE list CVE-2014-0895...
KLA10441 Vulnerability in Shockwave Player
An unspecified vulnerability was found in the Shockwave Player. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. Original advisories APSB Related products Adobe-Shockwave-Player CVE list CVE-2014-0505 critical Solution Update to latest versio...
KLA10194 SB vulnerability in HP SMH
CSRF vulnerability was found in the HP SMH. By exploiting this vulnerability malicious users can hijack auth. This vulnerability can be exploited from remote by unknown vectors. Original advisories - Related products HP-System-Management-Homepage CVE list CVE-2013-6188 high Solution Update to...
KLA10193 OSI vulnerability in HP SMH
An unspecified vulnerability was found in HP SMH. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely by unknown vectors. Original advisories - Related products HP-System-Management-Homepage CVE list CVE-2013-4846 warning...
KLA10608 Security bypass vulnerability in Microsoft Silverlight
An unspecified vulnerability was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can bypass DEP and ASLR protection. This vulnerability can be exploited remotely via an unspecified vectors. Original advisories CVE-2014-0319 Related products Microsoft-Silverlight C...
KLA10588 Multiple vulnerabilities in Wireshark
Buffer overflow vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed packet trace. Original advisories WNPA advisory Exploitation...
KLA10349 Vulnerability in Sylpheed
An unspecified vulnerability was found in Sylpheed. By exploiting this vulnerability malicious users can cause unknown impact via unknown vectors. Original advisories Changelog Related products Sylpheed CVE list Solution Update to latest version Affected Products - Sylpheed versions 3.3.0 and...
KLA10009 Denial of Service in VideoLAN VLC Media Player
An unspecified vulnerability was found in VLC versions 2.0.7 and earlier. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network through a specially designed playlist file. Original advisories NVD Related products...
KLA10277 LPE vulnerability in Norman Security Suite
An unspecified vulnerability was found in the Norman Security Suite. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via unknown vectors. Original advisories - Related products Norman-Security-Suite CVE list CVE-2014-0816 high...
KLA10261 RLF vulnerability in McAfee ePolicy Orchestrator
An unspecified vulnerability was found in McAfee ePolicy Orchestrator. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed XML file. Original advisories - Related products McAfee-ePolicy-Orchestrator CVE...
KLA10016 Multiple vulnerabilities in Apple QuickTime
Multiple serious vulnerabilities have been found in Apple QuickTime. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. Improper byte-swapping can be exploited to execute arbitrary code or cause...
KLA10082 LPE vulnerabilities in AutoCAD
An unspecified vulnerability was found in Autodesk products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DWG file. Original advisories - Related products AutoCAD CVE list CVE-2014-0819 warning...
KLA10027 ACE vulnerability in Foxit Reader
Unspecified vulnerability was found in Foxit Reader. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited locally at a point related to imgseg.dll via file replacement. Original advisories Foxit bulletin Related products Foxit-Reader CVE...
KLA10607 Code execution vulnerability in Microsoft Forefront Protection
An unspecified vulnerability was found in Microsoft Forefront Protection. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed message. Original advisories CVE-2014-0294 Related products...
KLA10015 SUI Opera vulnerability
An unspecified vulnerability was found in Opera 18 and earlier. By exploiting this vulnerability malicious users can fool legitimate users. This vulnerability can be exploited from the network at a point related to the address bar by spoofing the user interface. Original advisories Opera blog...
KLA10319 Vulnerability in Secunia CSI Agent
Insecure file permissions were found in Secunia CSI Agent. By exploiting this vulnerability malicious users can change configurations. This vulnerability can be exploited locally via an XML config. Original advisories - Related products Secunia-CSI-Agent CVE list CVE-2013-5364 warning Solution...
KLA10024 DoS vulnerability in GOM Media Player
An unspecified vulnerability was found in the GOM Media Player. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network at a point related to an unknown application via a specially designed .AVI file. Original advisories N...
KLA10329 OSI vulnerability in Sleipnir
Provision of geodata without consent was found in the Sleipnir. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed web-site. Original advisories - Related products Sleipnir-Mobile-for-Android CVE...
KLA10039 Adobe Digital Editions security advisory
An unspecified vulnerability was found in Adobe Digital Editions. By exploiting this vulnerability malicious users can execute arbitrary code or cause denial of service. This vulnerability can be exploited from the network at point related to an unknown application. Original advisories Adobe...
KLA10511 Multiple vulnerabilities in Oracle products
An unspecified vulnerabilities were found in Oracle products. By exploiting this vulnerability malicious users can affect integrity, confidentiality and availability. This vulnerability can be exploited remotely via an unknown vectors related to 2D, Beans, CORBA, Deployment, Hotspot, Install, JAA...