Tag
#chrome
Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.
Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that it said is being actively exploited in the wild. Trend Micro's Zero Day Initiative (ZDI) said the volume is the lowest since August 2021, although it pointed out that "this number is expected to rise in the coming months." Of the 38 vulnerabilities, six are rated Critical and
There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions.
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.
Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.
Categories: Threat Intelligence Tags: malvertising Tags: Aurora stealer Tags: loader Tags: Amadey Not all system updates mean well, and some will even trick you into installing malware. (Read more...) The post Fake system update drops Aurora stealer via Invalid Printer loader appeared first on Malwarebytes Labs.
By Deeba Ahmed The first-ever browser security survey of CISOs’ security practices reveals CISOs' struggles, displeasure with current security solutions and cloud concerns. This is a post from HackRead.com Read the original post: LayerX’s Browser Security Survey Reveals: 87% of SaaS Adopters Exposed to Browser-borne Attacks in the Past Year