Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-27796: my-vuls/RG-EW PRO Series at main · winmt/my-vuls

RG-EW1200G PRO Wireless Routers EW_3.0(1)B11P204, RG-EW1800GX PRO Wireless Routers EW_3.0(1)B11P204, and RG-EW3200GX PRO Wireless Routers EW_3.0(1)B11P204 were discovered to contain multiple command injection vulnerabilities via the data.ip, data.protocal, data.iface and data.package parameters in the runPackDiagnose function of diagnose.lua.

CVE
Open in Source
#vulnerability#web#windows#apple#js#auth#telnet#chrome#webkit
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.

Malicious ChatGPT Extensions Add to Google Chrome Woes

The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies.

Online Graduate Tracer System 1.0 SQL Injection

Online Graduate Tracer System version 1.0 suffers from a remote SQL injection vulnerability.

Sales Tracker Management System 1.0 Cross Site Scripting

Sales Tracker Management System version 1.0 suffers from a cross site scripting vulnerability.

Debian Security Advisory 5377-1

Debian Linux Security Advisory 5377-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-27242: Loan-Management-System/README.md at main · kaikai-11/Loan-Management-System

SourceCodester Loan Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Type parameter under the Edit Loan Types module.

CVE-2023-28286: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

CVE-2023-28261: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level.

CVE-2023-1534: Chromium: CVE-2023-1534 Out of bounds read in ANGLE

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**