Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-35618: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.

Microsoft Security Response Center
#vulnerability#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.

CE Phoenixcart 1.0.8.20 Shell Upload

CE Phoenixcart version 1.0.8.20 suffers from a remote shell upload vulnerability.

New Report: Unveiling the Threat of Malicious Browser Extensions

Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like

CVE-2023-6512: Stable Channel Update for Desktop

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

The 23andMe Data Breach Keeps Spiraling

23andMe has provided more information about the scope and scale of its recent breach, but with these details come more unanswered questions.

Fake Lockdown Mode Exposes iOS Users to Malware Attacks

By Waqas iOS Security Flaw: Fake Lockdown Mode Can Be Used to Trick Users, Leaving Them Exposed. This is a post from HackRead.com Read the original post: Fake Lockdown Mode Exposes iOS Users to Malware Attacks

Inside America's School Internet Censorship Machine

A WIRED investigation into internet censorship in US schools found widespread use of filters to censor health, identity, and other crucial information. Students say it makes the web entirely unusable.

A week in security (November 27 – December 3)

A list of topics we covered in the week of November 27 to December 3 of 2023