Security
Headlines
HeadlinesLatestCVEs

Headline

Gentoo Linux Security Advisory 202312-07

Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.

Packet Storm
#vulnerability#web#mac#linux#c++#rce

Gentoo Linux Security Advisory GLSA 202312-07


                                       https://security.gentoo.org/  

Severity: High
Title: QtWebEngine: Multiple Vulnerabilities
Date: December 22, 2023
Bugs: #913050, #915465
ID: 202312-07


Synopsis

Multiple vulnerabilitiies have been discovered in QtWebEngine, the worst
of which could lead to remote code execution.

Background

QtWebEngine is a library for rendering dynamic web content in Qt5 and
Qt6 C++ and QML applications.

Affected packages

Package Vulnerable Unaffected


dev-qt/qtwebengine < 5.15.11_p20231120 >= 5.15.11_p20231120

Description

Multiple vulnerabilities have been discovered in QtWebEngine. Please
review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All QtWebEngine users should upgrade to the latest version:

emerge --sync

emerge --ask --oneshot --verbose “>Þv-qt/qtwebengine-5.15.11_p20231120”

References

[ 1 ] CVE-2023-4068
https://nvd.nist.gov/vuln/detail/CVE-2023-4068
[ 2 ] CVE-2023-4069
https://nvd.nist.gov/vuln/detail/CVE-2023-4069
[ 3 ] CVE-2023-4070
https://nvd.nist.gov/vuln/detail/CVE-2023-4070
[ 4 ] CVE-2023-4071
https://nvd.nist.gov/vuln/detail/CVE-2023-4071
[ 5 ] CVE-2023-4072
https://nvd.nist.gov/vuln/detail/CVE-2023-4072
[ 6 ] CVE-2023-4073
https://nvd.nist.gov/vuln/detail/CVE-2023-4073
[ 7 ] CVE-2023-4074
https://nvd.nist.gov/vuln/detail/CVE-2023-4074
[ 8 ] CVE-2023-4075
https://nvd.nist.gov/vuln/detail/CVE-2023-4075
[ 9 ] CVE-2023-4076
https://nvd.nist.gov/vuln/detail/CVE-2023-4076
[ 10 ] CVE-2023-4077
https://nvd.nist.gov/vuln/detail/CVE-2023-4077
[ 11 ] CVE-2023-4078
https://nvd.nist.gov/vuln/detail/CVE-2023-4078
[ 12 ] CVE-2023-4761
https://nvd.nist.gov/vuln/detail/CVE-2023-4761
[ 13 ] CVE-2023-4762
https://nvd.nist.gov/vuln/detail/CVE-2023-4762
[ 14 ] CVE-2023-4763
https://nvd.nist.gov/vuln/detail/CVE-2023-4763
[ 15 ] CVE-2023-4764
https://nvd.nist.gov/vuln/detail/CVE-2023-4764
[ 16 ] CVE-2023-5218
https://nvd.nist.gov/vuln/detail/CVE-2023-5218
[ 17 ] CVE-2023-5473
https://nvd.nist.gov/vuln/detail/CVE-2023-5473
[ 18 ] CVE-2023-5474
https://nvd.nist.gov/vuln/detail/CVE-2023-5474
[ 19 ] CVE-2023-5475
https://nvd.nist.gov/vuln/detail/CVE-2023-5475
[ 20 ] CVE-2023-5476
https://nvd.nist.gov/vuln/detail/CVE-2023-5476
[ 21 ] CVE-2023-5477
https://nvd.nist.gov/vuln/detail/CVE-2023-5477
[ 22 ] CVE-2023-5478
https://nvd.nist.gov/vuln/detail/CVE-2023-5478
[ 23 ] CVE-2023-5479
https://nvd.nist.gov/vuln/detail/CVE-2023-5479
[ 24 ] CVE-2023-5480
https://nvd.nist.gov/vuln/detail/CVE-2023-5480
[ 25 ] CVE-2023-5481
https://nvd.nist.gov/vuln/detail/CVE-2023-5481
[ 26 ] CVE-2023-5482
https://nvd.nist.gov/vuln/detail/CVE-2023-5482
[ 27 ] CVE-2023-5483
https://nvd.nist.gov/vuln/detail/CVE-2023-5483
[ 28 ] CVE-2023-5484
https://nvd.nist.gov/vuln/detail/CVE-2023-5484
[ 29 ] CVE-2023-5485
https://nvd.nist.gov/vuln/detail/CVE-2023-5485
[ 30 ] CVE-2023-5486
https://nvd.nist.gov/vuln/detail/CVE-2023-5486
[ 31 ] CVE-2023-5487
https://nvd.nist.gov/vuln/detail/CVE-2023-5487
[ 32 ] CVE-2023-5849
https://nvd.nist.gov/vuln/detail/CVE-2023-5849
[ 33 ] CVE-2023-5850
https://nvd.nist.gov/vuln/detail/CVE-2023-5850
[ 34 ] CVE-2023-5851
https://nvd.nist.gov/vuln/detail/CVE-2023-5851
[ 35 ] CVE-2023-5852
https://nvd.nist.gov/vuln/detail/CVE-2023-5852
[ 36 ] CVE-2023-5853
https://nvd.nist.gov/vuln/detail/CVE-2023-5853
[ 37 ] CVE-2023-5854
https://nvd.nist.gov/vuln/detail/CVE-2023-5854
[ 38 ] CVE-2023-5855
https://nvd.nist.gov/vuln/detail/CVE-2023-5855
[ 39 ] CVE-2023-5856
https://nvd.nist.gov/vuln/detail/CVE-2023-5856
[ 40 ] CVE-2023-5857
https://nvd.nist.gov/vuln/detail/CVE-2023-5857
[ 41 ] CVE-2023-5858
https://nvd.nist.gov/vuln/detail/CVE-2023-5858
[ 42 ] CVE-2023-5859
https://nvd.nist.gov/vuln/detail/CVE-2023-5859
[ 43 ] CVE-2023-5996
https://nvd.nist.gov/vuln/detail/CVE-2023-5996
[ 44 ] CVE-2023-5997
https://nvd.nist.gov/vuln/detail/CVE-2023-5997
[ 45 ] CVE-2023-6112
https://nvd.nist.gov/vuln/detail/CVE-2023-6112

Availability

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/202312-07

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users’ machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License

Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Related news

Gentoo Linux Security Advisory 202401-34

Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Gentoo Linux Security Advisory 202311-11

Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.

Debian Security Advisory 5556-1

Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5556-1

Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-6112: Stable Channel Update for Desktop

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Debian Security Advisory 5551-1

Debian Linux Security Advisory 5551-1 - Debian appears to have forgotten to put the actual details of the advisory in this advisory, but they recommend that you upgrade your chromium packages.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-5996: Stable Channel Update for Desktop

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-5858

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

CVE-2023-5859: Stable Channel Update for Desktop

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

CVE-2023-5854: 1488267 - chromium - An open-source project to help move the web forward.

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5526-1

Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-5474

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

CVE-2023-5487: Stable Channel Update for Desktop

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-4764

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4763: Stable Channel Update for Desktop

Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4761

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Google Fixes Serious Security Flaws in Chrome and Android

Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

CVE-2023-4078: Stable Channel Update for Desktop

Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

CVE-2023-4075

Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4070

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4069

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution