Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2022-22021

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.

CVE
#vulnerability#microsoft#rce#chrome
CVE-2022-28749: Security Bulletin

Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host.

CVE-2022-24436: INTEL-SA-00698

Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.

CVE-2022-21180: INTEL-SA-00645

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

CVE-2022-21166: INTEL-SA-00615

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-28226: Яндекс Охота в Браузере

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.

CVE-2022-24127: REDCap Change Log - Eastern Virginia Medical School (EVMS), Norfolk, Hampton Roads

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.

Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser”

Mozilla has launched its Total Cookie Protection addition to Firefox for users worldwide. What does it do? The post Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser” appeared first on Malwarebytes Labs.

Update now!  Microsoft patches Follina, and many other security updates

Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized. The post Update now!  Microsoft patches Follina, and many other security updates appeared first on Malwarebytes Labs.