Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-27777: GitHub - lohyt/Privilege-escalation-in-online-jewelry-website: Vertical Privilege Escalation vulnerability found in Online Jewellery Store from Sourcecodester website.

Cross-site scripting (XSS) vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL.

CVE
Open in Source
#sql#xss#vulnerability#web#git#php#chrome#firefox
CVE-2023-2134

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2133

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2135

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2137

Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-2136: Stable Channel Update for Desktop

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Malware authors join forces and target organisations with Domino Backdoor

Categories: News Tags: domino Tags: loader Tags: backdoor Tags: malware Tags: ransomware Tags: emotet Tags: network Tags: corporate Tags: business Tags: organisation Tags: data Tags: theft Tags: steal Tags: banking Tags: trojan We take a look at a malware collective pushing a set of Domino malware files. (Read more...) The post Malware authors join forces and target organisations with Domino Backdoor appeared first on Malwarebytes Labs.

'Zaraza' Bot Targets Google Chrome to Extract Login Credentials

The data-stealing malware threatens the cyber safety of individual and organizational privacy by infecting a range of Web browsers.

Spring cleaning tips for your browser

Categories: News Tags: Some tips that can enhance your browser's speed Tags: so you have more time to enjoy the outdoors Some tips that can enhance your browser's speed, so you have more time to enjoy the outdoors. (Read more...) The post Spring cleaning tips for your browser appeared first on Malwarebytes Labs.

Google Issues Emergency Chrome Update for Zero-Day Bug

Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable.