Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-48200: GitHub - grocy/grocy: ERP beyond your fridge - Grocy is a web-based self-hosted groceries & household management solution for your home

Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component.

CVE
Open in Source
#sql#xss#vulnerability#web#windows#linux#nodejs#js#git#php#nginx#auth#docker#chrome#firefox
CVE-2023-6112: Stable Channel Update for Desktop

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in

CVE-2022-45781: Tenda AX1803 Buffer Overflow vulnerability . - XFALLEN

Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName.

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An important feature that sets it apart is that, unlike previous campaigns, which relied on .NET applications, this one used Delphi as the programming

Debian Security Advisory 5551-1

Debian Linux Security Advisory 5551-1 - Debian appears to have forgotten to put the actual details of the advisory in this advisory, but they recommend that you upgrade your chromium packages.

Debian Security Advisory 5546-1

Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-36027

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-36027: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.

CVE-2023-36024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability