Security
Headlines
HeadlinesLatestCVEs

Headline

Gentoo Linux Security Advisory 202401-34

Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.

Packet Storm
#vulnerability#web#mac#google#microsoft#linux#rce#chrome
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Gentoo Linux Security Advisory                           GLSA 202401-34- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                           https://security.gentoo.org/- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High    Title: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities     Date: January 31, 2024     Bugs: #907999, #908471, #909283, #910522, #911675, #912364, #913016, #913710, #914350, #914871, #915137, #915560, #915961, #916252, #916620, #917021, #917357, #918882, #919321, #919802, #920442, #921337       ID: 202401-34- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Synopsis========Multiple vulnerabilities have been discovered in Chromium and itsderivatives, the worst of which can lead to remote code execution.Background==========Chromium is an open-source browser project that aims to build a safer,faster, and more stable way for all users to experience the web.Google Chrome is one fast, simple, and secure browser for all yourdevices.Microsoft Edge is a browser that combines a minimal design withsophisticated technology to make the web faster, safer, and easier.Affected packages=================Package                    Vulnerable        Unaffected-------------------------  ----------------  -----------------www-client/chromium        < 120.0.6099.109  >= 120.0.6099.109www-client/google-chrome   < 120.0.6099.109  >= 120.0.6099.109www-client/microsoft-edge  < 120.0.2210.133  >= 120.0.2210.133Description===========Multiple vulnerabilities have been discovered in Chromium and itsderivatives. Please review the CVE identifiers referenced below fordetails.Impact======Please review the referenced CVE identifiers for details.Workaround==========There is no known workaround at this time.Resolution==========All Google Chrome users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=www-client/google-chrome-120.0.6099.109"All Chromium users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=www-client/chromium-120.0.6099.109"All Microsoft Edge users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-120.0.2210.133"References==========[ 1 ] CVE-2023-2312      https://nvd.nist.gov/vuln/detail/CVE-2023-2312[ 2 ] CVE-2023-2929      https://nvd.nist.gov/vuln/detail/CVE-2023-2929[ 3 ] CVE-2023-2930      https://nvd.nist.gov/vuln/detail/CVE-2023-2930[ 4 ] CVE-2023-2931      https://nvd.nist.gov/vuln/detail/CVE-2023-2931[ 5 ] CVE-2023-2932      https://nvd.nist.gov/vuln/detail/CVE-2023-2932[ 6 ] CVE-2023-2933      https://nvd.nist.gov/vuln/detail/CVE-2023-2933[ 7 ] CVE-2023-2934      https://nvd.nist.gov/vuln/detail/CVE-2023-2934[ 8 ] CVE-2023-2935      https://nvd.nist.gov/vuln/detail/CVE-2023-2935[ 9 ] CVE-2023-2936      https://nvd.nist.gov/vuln/detail/CVE-2023-2936[ 10 ] CVE-2023-2937      https://nvd.nist.gov/vuln/detail/CVE-2023-2937[ 11 ] CVE-2023-2938      https://nvd.nist.gov/vuln/detail/CVE-2023-2938[ 12 ] CVE-2023-2939      https://nvd.nist.gov/vuln/detail/CVE-2023-2939[ 13 ] CVE-2023-2940      https://nvd.nist.gov/vuln/detail/CVE-2023-2940[ 14 ] CVE-2023-2941      https://nvd.nist.gov/vuln/detail/CVE-2023-2941[ 15 ] CVE-2023-3079      https://nvd.nist.gov/vuln/detail/CVE-2023-3079[ 16 ] CVE-2023-3214      https://nvd.nist.gov/vuln/detail/CVE-2023-3214[ 17 ] CVE-2023-3215      https://nvd.nist.gov/vuln/detail/CVE-2023-3215[ 18 ] CVE-2023-3216      https://nvd.nist.gov/vuln/detail/CVE-2023-3216[ 19 ] CVE-2023-3217      https://nvd.nist.gov/vuln/detail/CVE-2023-3217[ 20 ] CVE-2023-3420      https://nvd.nist.gov/vuln/detail/CVE-2023-3420[ 21 ] CVE-2023-3421      https://nvd.nist.gov/vuln/detail/CVE-2023-3421[ 22 ] CVE-2023-3422      https://nvd.nist.gov/vuln/detail/CVE-2023-3422[ 23 ] CVE-2023-3727      https://nvd.nist.gov/vuln/detail/CVE-2023-3727[ 24 ] CVE-2023-3728      https://nvd.nist.gov/vuln/detail/CVE-2023-3728[ 25 ] CVE-2023-3730      https://nvd.nist.gov/vuln/detail/CVE-2023-3730[ 26 ] CVE-2023-3732      https://nvd.nist.gov/vuln/detail/CVE-2023-3732[ 27 ] CVE-2023-3733      https://nvd.nist.gov/vuln/detail/CVE-2023-3733[ 28 ] CVE-2023-3734      https://nvd.nist.gov/vuln/detail/CVE-2023-3734[ 29 ] CVE-2023-3735      https://nvd.nist.gov/vuln/detail/CVE-2023-3735[ 30 ] CVE-2023-3736      https://nvd.nist.gov/vuln/detail/CVE-2023-3736[ 31 ] CVE-2023-3737      https://nvd.nist.gov/vuln/detail/CVE-2023-3737[ 32 ] CVE-2023-3738      https://nvd.nist.gov/vuln/detail/CVE-2023-3738[ 33 ] CVE-2023-3740      https://nvd.nist.gov/vuln/detail/CVE-2023-3740[ 34 ] CVE-2023-4068      https://nvd.nist.gov/vuln/detail/CVE-2023-4068[ 35 ] CVE-2023-4069      https://nvd.nist.gov/vuln/detail/CVE-2023-4069[ 36 ] CVE-2023-4070      https://nvd.nist.gov/vuln/detail/CVE-2023-4070[ 37 ] CVE-2023-4071      https://nvd.nist.gov/vuln/detail/CVE-2023-4071[ 38 ] CVE-2023-4072      https://nvd.nist.gov/vuln/detail/CVE-2023-4072[ 39 ] CVE-2023-4073      https://nvd.nist.gov/vuln/detail/CVE-2023-4073[ 40 ] CVE-2023-4074      https://nvd.nist.gov/vuln/detail/CVE-2023-4074[ 41 ] CVE-2023-4075      https://nvd.nist.gov/vuln/detail/CVE-2023-4075[ 42 ] CVE-2023-4076      https://nvd.nist.gov/vuln/detail/CVE-2023-4076[ 43 ] CVE-2023-4077      https://nvd.nist.gov/vuln/detail/CVE-2023-4077[ 44 ] CVE-2023-4078      https://nvd.nist.gov/vuln/detail/CVE-2023-4078[ 45 ] CVE-2023-4349      https://nvd.nist.gov/vuln/detail/CVE-2023-4349[ 46 ] CVE-2023-4350      https://nvd.nist.gov/vuln/detail/CVE-2023-4350[ 47 ] CVE-2023-4351      https://nvd.nist.gov/vuln/detail/CVE-2023-4351[ 48 ] CVE-2023-4352      https://nvd.nist.gov/vuln/detail/CVE-2023-4352[ 49 ] CVE-2023-4353      https://nvd.nist.gov/vuln/detail/CVE-2023-4353[ 50 ] CVE-2023-4354      https://nvd.nist.gov/vuln/detail/CVE-2023-4354[ 51 ] CVE-2023-4355      https://nvd.nist.gov/vuln/detail/CVE-2023-4355[ 52 ] CVE-2023-4356      https://nvd.nist.gov/vuln/detail/CVE-2023-4356[ 53 ] CVE-2023-4357      https://nvd.nist.gov/vuln/detail/CVE-2023-4357[ 54 ] CVE-2023-4358      https://nvd.nist.gov/vuln/detail/CVE-2023-4358[ 55 ] CVE-2023-4359      https://nvd.nist.gov/vuln/detail/CVE-2023-4359[ 56 ] CVE-2023-4360      https://nvd.nist.gov/vuln/detail/CVE-2023-4360[ 57 ] CVE-2023-4361      https://nvd.nist.gov/vuln/detail/CVE-2023-4361[ 58 ] CVE-2023-4362      https://nvd.nist.gov/vuln/detail/CVE-2023-4362[ 59 ] CVE-2023-4363      https://nvd.nist.gov/vuln/detail/CVE-2023-4363[ 60 ] CVE-2023-4364      https://nvd.nist.gov/vuln/detail/CVE-2023-4364[ 61 ] CVE-2023-4365      https://nvd.nist.gov/vuln/detail/CVE-2023-4365[ 62 ] CVE-2023-4366      https://nvd.nist.gov/vuln/detail/CVE-2023-4366[ 63 ] CVE-2023-4367      https://nvd.nist.gov/vuln/detail/CVE-2023-4367[ 64 ] CVE-2023-4368      https://nvd.nist.gov/vuln/detail/CVE-2023-4368[ 65 ] CVE-2023-4427      https://nvd.nist.gov/vuln/detail/CVE-2023-4427[ 66 ] CVE-2023-4428      https://nvd.nist.gov/vuln/detail/CVE-2023-4428[ 67 ] CVE-2023-4429      https://nvd.nist.gov/vuln/detail/CVE-2023-4429[ 68 ] CVE-2023-4430      https://nvd.nist.gov/vuln/detail/CVE-2023-4430[ 69 ] CVE-2023-4431      https://nvd.nist.gov/vuln/detail/CVE-2023-4431[ 70 ] CVE-2023-4572      https://nvd.nist.gov/vuln/detail/CVE-2023-4572[ 71 ] CVE-2023-4761      https://nvd.nist.gov/vuln/detail/CVE-2023-4761[ 72 ] CVE-2023-4762      https://nvd.nist.gov/vuln/detail/CVE-2023-4762[ 73 ] CVE-2023-4763      https://nvd.nist.gov/vuln/detail/CVE-2023-4763[ 74 ] CVE-2023-4764      https://nvd.nist.gov/vuln/detail/CVE-2023-4764[ 75 ] CVE-2023-4900      https://nvd.nist.gov/vuln/detail/CVE-2023-4900[ 76 ] CVE-2023-4901      https://nvd.nist.gov/vuln/detail/CVE-2023-4901[ 77 ] CVE-2023-4902      https://nvd.nist.gov/vuln/detail/CVE-2023-4902[ 78 ] CVE-2023-4903      https://nvd.nist.gov/vuln/detail/CVE-2023-4903[ 79 ] CVE-2023-4904      https://nvd.nist.gov/vuln/detail/CVE-2023-4904[ 80 ] CVE-2023-4905      https://nvd.nist.gov/vuln/detail/CVE-2023-4905[ 81 ] CVE-2023-4906      https://nvd.nist.gov/vuln/detail/CVE-2023-4906[ 82 ] CVE-2023-4907      https://nvd.nist.gov/vuln/detail/CVE-2023-4907[ 83 ] CVE-2023-4908      https://nvd.nist.gov/vuln/detail/CVE-2023-4908[ 84 ] CVE-2023-4909      https://nvd.nist.gov/vuln/detail/CVE-2023-4909[ 85 ] CVE-2023-5186      https://nvd.nist.gov/vuln/detail/CVE-2023-5186[ 86 ] CVE-2023-5187      https://nvd.nist.gov/vuln/detail/CVE-2023-5187[ 87 ] CVE-2023-5217      https://nvd.nist.gov/vuln/detail/CVE-2023-5217[ 88 ] CVE-2023-5218      https://nvd.nist.gov/vuln/detail/CVE-2023-5218[ 89 ] CVE-2023-5346      https://nvd.nist.gov/vuln/detail/CVE-2023-5346[ 90 ] CVE-2023-5472      https://nvd.nist.gov/vuln/detail/CVE-2023-5472[ 91 ] CVE-2023-5473      https://nvd.nist.gov/vuln/detail/CVE-2023-5473[ 92 ] CVE-2023-5474      https://nvd.nist.gov/vuln/detail/CVE-2023-5474[ 93 ] CVE-2023-5475      https://nvd.nist.gov/vuln/detail/CVE-2023-5475[ 94 ] CVE-2023-5476      https://nvd.nist.gov/vuln/detail/CVE-2023-5476[ 95 ] CVE-2023-5477      https://nvd.nist.gov/vuln/detail/CVE-2023-5477[ 96 ] CVE-2023-5478      https://nvd.nist.gov/vuln/detail/CVE-2023-5478[ 97 ] CVE-2023-5479      https://nvd.nist.gov/vuln/detail/CVE-2023-5479[ 98 ] CVE-2023-5480      https://nvd.nist.gov/vuln/detail/CVE-2023-5480[ 99 ] CVE-2023-5481      https://nvd.nist.gov/vuln/detail/CVE-2023-5481[ 100 ] CVE-2023-5482      https://nvd.nist.gov/vuln/detail/CVE-2023-5482[ 101 ] CVE-2023-5483      https://nvd.nist.gov/vuln/detail/CVE-2023-5483[ 102 ] CVE-2023-5484      https://nvd.nist.gov/vuln/detail/CVE-2023-5484[ 103 ] CVE-2023-5485      https://nvd.nist.gov/vuln/detail/CVE-2023-5485[ 104 ] CVE-2023-5486      https://nvd.nist.gov/vuln/detail/CVE-2023-5486[ 105 ] CVE-2023-5487      https://nvd.nist.gov/vuln/detail/CVE-2023-5487[ 106 ] CVE-2023-5849      https://nvd.nist.gov/vuln/detail/CVE-2023-5849[ 107 ] CVE-2023-5850      https://nvd.nist.gov/vuln/detail/CVE-2023-5850[ 108 ] CVE-2023-5851      https://nvd.nist.gov/vuln/detail/CVE-2023-5851[ 109 ] CVE-2023-5852      https://nvd.nist.gov/vuln/detail/CVE-2023-5852[ 110 ] CVE-2023-5853      https://nvd.nist.gov/vuln/detail/CVE-2023-5853[ 111 ] CVE-2023-5854      https://nvd.nist.gov/vuln/detail/CVE-2023-5854[ 112 ] CVE-2023-5855      https://nvd.nist.gov/vuln/detail/CVE-2023-5855[ 113 ] CVE-2023-5856      https://nvd.nist.gov/vuln/detail/CVE-2023-5856[ 114 ] CVE-2023-5857      https://nvd.nist.gov/vuln/detail/CVE-2023-5857[ 115 ] CVE-2023-5858      https://nvd.nist.gov/vuln/detail/CVE-2023-5858[ 116 ] CVE-2023-5859      https://nvd.nist.gov/vuln/detail/CVE-2023-5859[ 117 ] CVE-2023-5996      https://nvd.nist.gov/vuln/detail/CVE-2023-5996[ 118 ] CVE-2023-5997      https://nvd.nist.gov/vuln/detail/CVE-2023-5997[ 119 ] CVE-2023-6112      https://nvd.nist.gov/vuln/detail/CVE-2023-6112[ 120 ] CVE-2023-6345      https://nvd.nist.gov/vuln/detail/CVE-2023-6345[ 121 ] CVE-2023-6346      https://nvd.nist.gov/vuln/detail/CVE-2023-6346[ 122 ] CVE-2023-6347      https://nvd.nist.gov/vuln/detail/CVE-2023-6347[ 123 ] CVE-2023-6348      https://nvd.nist.gov/vuln/detail/CVE-2023-6348[ 124 ] CVE-2023-6350      https://nvd.nist.gov/vuln/detail/CVE-2023-6350[ 125 ] CVE-2023-6351      https://nvd.nist.gov/vuln/detail/CVE-2023-6351[ 126 ] CVE-2023-6508      https://nvd.nist.gov/vuln/detail/CVE-2023-6508[ 127 ] CVE-2023-6509      https://nvd.nist.gov/vuln/detail/CVE-2023-6509[ 128 ] CVE-2023-6510      https://nvd.nist.gov/vuln/detail/CVE-2023-6510[ 129 ] CVE-2023-6511      https://nvd.nist.gov/vuln/detail/CVE-2023-6511[ 130 ] CVE-2023-6512      https://nvd.nist.gov/vuln/detail/CVE-2023-6512[ 131 ] CVE-2023-6702      https://nvd.nist.gov/vuln/detail/CVE-2023-6702[ 132 ] CVE-2023-6703      https://nvd.nist.gov/vuln/detail/CVE-2023-6703[ 133 ] CVE-2023-6704      https://nvd.nist.gov/vuln/detail/CVE-2023-6704[ 134 ] CVE-2023-6705      https://nvd.nist.gov/vuln/detail/CVE-2023-6705[ 135 ] CVE-2023-6706      https://nvd.nist.gov/vuln/detail/CVE-2023-6706[ 136 ] CVE-2023-6707      https://nvd.nist.gov/vuln/detail/CVE-2023-6707[ 137 ] CVE-2023-7024      https://nvd.nist.gov/vuln/detail/CVE-2023-7024[ 138 ] CVE-2024-0222      https://nvd.nist.gov/vuln/detail/CVE-2024-0222[ 139 ] CVE-2024-0223      https://nvd.nist.gov/vuln/detail/CVE-2024-0223[ 140 ] CVE-2024-0224      https://nvd.nist.gov/vuln/detail/CVE-2024-0224[ 141 ] CVE-2024-0225      https://nvd.nist.gov/vuln/detail/CVE-2024-0225Availability============This GLSA and any updates to it are available for viewing atthe Gentoo Security Website: https://security.gentoo.org/glsa/202401-34Concerns?=========Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed [email protected] or alternatively, you may file a bug athttps://bugs.gentoo.org.License=======Copyright 2024 Gentoo Foundation, Inc; referenced textbelongs to its owner(s).The contents of this document are licensed under theCreative Commons - Attribution / Share Alike license.https://creativecommons.org/licenses/by-sa/2.5

Related news

Vulnerability in Tencent WeChat custom browser could lead to remote code execution

While this issue was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component was not updated, and still remained vulnerable when Talos reported it to the vendor.

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

November 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review

Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let’s take a look at the Microsoft Patch Tuesdays vulnerabilities, Linux Patch Wednesdays vulnerabilities and […]

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The

Debian Security Advisory 5595-1

Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5595-1

Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5595-1

Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5595-1

Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CISA Warns of Exploited Vulnerabilities in Chrome and Excel Parsing Library

By Waqas CISA Urges Swift Action as Two Critical Vulnerabilities Emerge. This is a post from HackRead.com Read the original post: CISA Warns of Exploited Vulnerabilities in Chrome and Excel Parsing Library

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Debian Security Advisory 5585-1

Debian Linux Security Advisory 5585-1 - An important security issue was discovered in Chromium, which could result in the execution of arbitrary code.

Update Chrome now! Emergency update patches zero-day

Google has issued an emergency update for Chrome that fixes an actively exploited zero-day vulnerability in the WebRTC component.

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

CVE-2023-6707: Stable Channel Update for Desktop

Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5577-1

Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-6512: Stable Channel Update for Desktop

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to

Update now! Chrome fixes actively exploited zero-day vulnerability

Google's released an update to Chrome which includes seven security fixes. Make sure you're using the latest version!

Google Patches Another Chrome Zero-Day as Browser Attacks Mount

The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently.

CVE-2023-6351: Stable Channel Update for Desktop

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Debian Security Advisory 5556-1

Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5556-1

Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-6112: Stable Channel Update for Desktop

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5551-1

Debian Linux Security Advisory 5551-1 - Debian appears to have forgotten to put the actual details of the advisory in this advisory, but they recommend that you upgrade your chromium packages.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Ubuntu Security Notice USN-6403-3

Ubuntu Security Notice 6403-3 - USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

CVE-2023-5996: Stable Channel Update for Desktop

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-5859: Stable Channel Update for Desktop

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

CVE-2023-5854: 1488267 - chromium - An open-source project to help move the web forward.

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE-2023-5858

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Debian Security Advisory 5536-1

Debian Linux Security Advisory 5536-1 - An important security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-5472: Stable Channel Update for Desktop

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-5487: Stable Channel Update for Desktop

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE-2023-5474

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

Red Hat Security Advisory 2023-5538-01

Red Hat Security Advisory 2023-5538-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5534-01

Red Hat Security Advisory 2023-5534-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5537-01

Red Hat Security Advisory 2023-5537-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5536-01

Red Hat Security Advisory 2023-5536-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-5540-01

Red Hat Security Advisory 2023-5540-01 - The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Issues addressed include a buffer overflow vulnerability.

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into

RHSA-2023:5535: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that ...

RHSA-2023:5536: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a...

RHSA-2023:5540: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-5217: A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compile...

CVE-2023-5346

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5515-1

Debian Linux Security Advisory 5515-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5508-1

Debian Linux Security Advisory 5508-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5508-1

Debian Linux Security Advisory 5508-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went. Alternative video link (for Russia): https://vk.com/video-149273431_456239136 September was quite a busy month for me. Vulnerability Management courses I participated in two educational activities. The first one is an on-line cyber security course for […]

The security pitfalls of social media sites offering ID-based authentication

Two notable vulnerabilities in Google Chrome should be patched asap, and an allegedly new ransomware-as-a-service group.

CVE-2023-5186

Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)

CVE-2023-5187

Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Critical Chrome Update Counters Spyware Vendor’s Exploits

By Waqas Ensure Your Chrome Browser Is Up to Date and Secure: Enable Automatic Updates to Safeguard Against Cybersecurity Threats This is a post from HackRead.com Read the original post: Critical Chrome Update Counters Spyware Vendor’s Exploits

Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). Exploitation of such buffer overflow flaws can

10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome

Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.

Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the

Chrome Read-Only Property Overwrite

Chrome suffers from a read-only property overwrite in TurboFan.

CVE-2023-4902

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-4900: Stable Channel Update for Desktop

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-4904

Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-4764

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4763: Stable Channel Update for Desktop

Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4761

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5487-1

Debian Linux Security Advisory 5487-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

CVE-2023-4572: Stable Channel Update for Desktop

Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5483-1

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Update now! Google Chrome's first weekly update has arrived

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.

Update now! Google Chrome's first weekly update has arrived

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.

Update now! Google Chrome's first weekly update has arrived

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.

Update now! Google Chrome's first weekly update has arrived

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.

Update now! Google Chrome's first weekly update has arrived

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.

CVE-2023-4427

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4429

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4430

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5479-1

Debian Linux Security Advisory 5479-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-4358

Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-2312: Stable Channel Update for Desktop

Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4356

Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4075

Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4069

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4070

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4078: Stable Channel Update for Desktop

Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE-2023-3740: Stable Channel Update for Desktop

Insufficient validation of untrusted input in Themes in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially serve malicious content to a user via a crafted background URL. (Chromium security severity: Low)

Apple iOS, Google Android Patch Zero-Days in July Security Updates

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Apple iOS, Google Android Patch Zero-Days in July Security Updates

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Apple iOS, Google Android Patch Zero-Days in July Security Updates

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Apple iOS, Google Android Patch Zero-Days in July Security Updates

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5440-1

Debian Linux Security Advisory 5440-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5440-1

Debian Linux Security Advisory 5440-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5440-1

Debian Linux Security Advisory 5440-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-3421: Stable Channel Update for Desktop

Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3420

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3422

Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5428-1

Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5428-1

Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5428-1

Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5428-1

Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Update Chrome now! Google fixes critical vulnerability in Autofill payments

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: Autofill Tags: payments critical Tags: CVE-2023-3214 Google has released an update which includes five security fixes including a critical vulnerability in Autofill payments. (Read more...) The post Update Chrome now! Google fixes critical vulnerability in Autofill payments appeared first on Malwarebytes Labs.

CVE-2023-3215

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3217

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3214

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

CVE-2023-3216

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Now’s not the time to take our foot off the gas when it comes to fighting disinformation online

YouTube released a statement that “we will stop removing content that advances false claims that widespread fraud, errors, or glitches occurred in the 2020 and other past US Presidential elections.”

Debian Security Advisory 5420-1

Debian Linux Security Advisory 5420-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Update Chrome now! Google patches actively exploited zero-day

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: V8 Tags: heap corruption Tags: type confusion Tags: CVE-2023-3079 Google has released a Chrome update for a zero-day for which an exploit is actively being used in the wild. (Read more...) The post Update Chrome now! Google patches actively exploited zero-day appeared first on Malwarebytes Labs.

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type

CVE-2023-3079

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5418-1

Debian Linux Security Advisory 5418-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-2934

Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2933

Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

CVE-2023-2930

Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2932

Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

CVE-2023-2935

Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2931

Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

CVE-2023-2936

Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-2929

Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2939

Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)

CVE-2023-2940

Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low)

CVE-2023-2938

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution