Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Debian Security Advisory 5689-1

Debian Linux Security Advisory 5689-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4761 exists in the wild.

Packet Storm
Open in Source
#google#linux#debian#dos#chrome
CVE-2024-4950: Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4949: Chromium: CVE-2024-4949 Use after free in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4948: Chromium: CVE-2024-4948 Use after free in Dawn

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4947: Chromium: CVE-2024-4947 Type Confusion in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-30056: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris

GHSA-xc3p-28hw-q24g: Grafana proxy Cross-site Scripting

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for XSS for Grafana. Release v.8.3.5, only containing security fixes: - [Download Grafana 8.3.5](https://grafana.com/grafana/download/8.3.5) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-5/) Release v.7.5.15, only containing security fixes: - [Download Grafana 7.5.15](https://grafana.com/grafana/download/7.5.15) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-15/) ## XSS ([CVE-2022-21702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702)) ### Summary On Jan. 16, an external security researcher, Jasu Viding contacted Grafana to disclose an XSS vulnerability in the way that Grafana handles data sources. An attacker could serve HTML content through the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-si...

Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

By Deeba Ahmed Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack. This is a post from HackRead.com Read the original post: Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs could be typically