Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Tramyardg Autoexpress 1.3.0 SQL Injection

Tramyardg Autoexpress version 1.3.0 suffers from a remote SQL injection vulnerability.

Packet Storm
#sql#vulnerability#web#apple#google#ubuntu#linux#apache#js#git#java#php#auth#chrome#webkit
Gasmark Pro 1.0 Shell Upload

Gasmark Pro version 1.0 suffers from a remote shell upload vulnerability.

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said. “If we

CVE-2024-2400: Chromium: CVE-2024-2400 Use after free in Performance Manager

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Debian Security Advisory 5639-1

Debian Linux Security Advisory 5639-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2024-26246: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this could bypass the Edge AutoFill Protection feature

CVE-2024-26163: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.

Client Details System 1.0 SQL Injection

Client Details System version 1.0 suffers from a remote SQL injection vulnerability.

SnipeIT 6.2.1 Cross Site Scripting

SnipeIT version 6.2.1 suffers from a persistent cross site scripting vulnerability.