Tag
Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.
Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2.
This affects all versions of package google-cloudstorage-commands.
Google has issued an update for the Chrome browser that includes 11 security fixes, including 5 with a high severity The post Update Google Chrome now! New version includes 11 important security patches appeared first on Malwarebytes Labs.
The next time someone wants to borrow your device to make a call or take a picture, take these steps to protect your privacy.
Plus: The FCC cracks down on car warranty robocalls, Thai activists get targeted by NSO's Pegasus, and the Russia-Ukraine cyberwar continues.
Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn’t be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in […]
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.
Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture.