Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-46485: TOTOlink X6000R command injection(setTracerouteCfg)

An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component.

CVE
#vulnerability#web#windows#apple#js#java#acer#chrome#webkit
CVE-2023-45996: Vuln0wned Report: SQL Injection in member_type.php · Issue #216 · slims/slims9_bulian

SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php.

Hamas Hackers Targeting Israelis with New BiBi-Linux Wiper Malware

By Waqas The Security Joes Incident Response team of cybersecurity researchers recently discovered the new BiBi-Linux Wiper malware. This is a post from HackRead.com Read the original post: Hamas Hackers Targeting Israelis with New BiBi-Linux Wiper Malware

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. "MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications to Windows users," Elastic

CVE-2023-46867: Bugs from Fuzzing · Issue #54 · InternationalColorConsortium/DemoIccMAX

In International Color Consortium DemoIccMAX 79ecb74, CIccXformMatrixTRC::GetCurve in IccCmm.cpp in libSampleICC.a has a NULL pointer dereference.

Surge in QR Code Quishing: Check Point Records 587% Attack Spike

By Deeba Ahmed Explore insights into the rise of Quishing attacks, the risks associated with QR code exploitation, and crucial preventive… This is a post from HackRead.com Read the original post: Surge in QR Code Quishing: Check Point Records 587% Attack Spike

iLeakage Attack: Theft of Sensitive Data from Apple’s Safari Browser

By Deeba Ahmed What happens in iLeakage attacks is that the CPU is tricked into executing speculative code that reads sensitive data from memory. This is a post from HackRead.com Read the original post: iLeakage Attack: Theft of Sensitive Data from Apple’s Safari Browser

CVE-2023-5472: Chromium: CVE-2023-5472: Use after free in Profiles

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Safari Side-Channel Attack Enables Browser Theft

The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history.