Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

At least half of dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in Discord, Google Chrome, and Microsoft Exchange. VulnCheck, which

The Hacker News
Open in Source
#vulnerability#web#mac#windows#google#microsoft#linux#git#zero_day#chrome#sap#The Hacker News
Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software

Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two are rated Moderated, and one is rated Low in severity. This also includes three issues the tech giant addressed in its Chromium-based Edge browser

Microsoft fixes six critical vulnerabilities in June Patch Tuesday

Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: CVE-2023-29357 Tags: CVE-2023-29363 Tags: CVE-2023-32014 Tags: CVE-2023-32015 Tags: CVE-2023-32013 Tags: CVE-2023-24897 Tags: CVE-2023-32031 Tags: SharePoint Tags: PGM Tags: Exchange Tags: Hyper-V Patch Tuesday of June 2023 is relatively relaxed. No actively exploited zero-days and only six critical vulnerabilities. (Read more...) The post Microsoft fixes six critical vulnerabilities in June Patch Tuesday appeared first on Malwarebytes Labs.

Teachers Record Management System 1.0 Validation Bypass

Teachers Record Management System version 1.0 suffers from file upload validation bypass vulnerability.

Sales Tracker Management System 1.0 HTML Injection

Sales Tracker Management System version 1.0 suffers from an html injection vulnerability.

Update Chrome now! Google fixes critical vulnerability in Autofill payments

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: Autofill Tags: payments critical Tags: CVE-2023-3214 Google has released an update which includes five security fixes including a critical vulnerability in Autofill payments. (Read more...) The post Update Chrome now! Google fixes critical vulnerability in Autofill payments appeared first on Malwarebytes Labs.

CVE-2023-33145

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2023-3215

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3217

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-3216

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)