Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2021-22142: Elastic Stack 7.13.0 and 6.8.16 Security Update

Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content.

CVE
#vulnerability#chrome
Atomic Stealer distributed to Mac users via fake browser updates

Compromised websites are being used to redirect to fake browser updates and deliver malware onto Mac users.

Jorani Leave Management System 1.0.2 Host Header Injection

Jorani Leave Management System version 1.0.2 suffers from a host header injection vulnerability.

FireBear Improved Import And Export 3.8.6 XSLT Server Side Injection

FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution.

ALPHV (BlackCat) Ransomware Gang Uses Google Ads for Targeted Victims

By Deeba Ahmed Yet another day, another instance of a Google service being exploited for spreading malware infections. This is a post from HackRead.com Read the original post: ALPHV (BlackCat) Ransomware Gang Uses Google Ads for Targeted Victims

CVE-2023-36026

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2023-36008

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2023-6112: Chromium: CVE-2023-6112 Use after free in Navigation

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2023-5997: Chromium: CVE-2023-5997 Use after free in Garbage Collection

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Debian Security Advisory 5556-1

Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.