#chrome

Mozilla Firefox only stores up to 1024 HSTS entries. When the limit is reached, Firefox discards entries based on their age and recent visits to the domain in question.

An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.

Debian Linux Security Advisory 5483-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Jorani version 1.0.3 suffers from a cross site scripting vulnerability.

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1.

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)

Categories: Exploits and vulnerabilities Tags: stable channel Tags: weekly updates Tags: CVE-2023-4427 Tags: CVE-2023-4428 Tags: CVE-2023-4429 Tags: CVE-2023-4430 Tags: CVE-2023-4431 Tags: use after free Tags: out of bounds Tags: heap corruption The first of Chrome's now weekly security updates fixes five vulnerabilities. (Read more...) The post Update now! Google Chrome's first weekly update has arrived appeared first on Malwarebytes Labs.