Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2024-4948: Chromium: CVE-2024-4948 Use after free in Dawn

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

Microsoft Security Response Center
#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2024-4947: Chromium: CVE-2024-4947 Type Confusion in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-30056: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris

GHSA-xc3p-28hw-q24g: Grafana proxy Cross-site Scripting

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for XSS for Grafana. Release v.8.3.5, only containing security fixes: - [Download Grafana 8.3.5](https://grafana.com/grafana/download/8.3.5) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-5/) Release v.7.5.15, only containing security fixes: - [Download Grafana 7.5.15](https://grafana.com/grafana/download/7.5.15) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-15/) ## XSS ([CVE-2022-21702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702)) ### Summary On Jan. 16, an external security researcher, Jasu Viding contacted Grafana to disclose an XSS vulnerability in the way that Grafana handles data sources. An attacker could serve HTML content through the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-si...

Patch Tuesday, May 2024 Edition

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.

Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

By Deeba Ahmed Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack. This is a post from HackRead.com Read the original post: Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs could be typically

Update Chrome now! Google releases emergency security patch

Google has released security patches for two vulnerabilities. Make sure you're using the latest version.

CVE-2024-4761: Chromium: CVE-2024-4761 Out of bounds write in V8

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**