Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR

The Hacker News
Open in Source
#vulnerability#web#ios#mac#windows#apple#google#microsoft#linux#buffer_overflow#asus#zero_day#chrome#The Hacker News
Update Chrome now! Google patches critical vulnerability being exploited in the wild

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: CVE-2023-4863 Tags: WebP Tags: buffer overflow Tags: 116.0.5845.187/.188 Chrome users are being urged to patch a critical vulnerability for which an exploit is available. (Read more...) The post Update Chrome now! Google patches critical vulnerability being exploited in the wild appeared first on Malwarebytes Labs.

Two Apple issues added by CISA to its catalog of known exploited vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: Blastpass Tags: citizenlab Tags: pegasus Tags: nso Tags: cisa Tags: apple Tags: cve-2023-41064 Tags: cve-2023-41061 Tags: buffer overflow CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities. (Read more...) The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.

Major cyberattack leaves MGM Resorts reeling

Categories: News Categories: Personal Tags: MGM resorts Tags: hotel Tags: casino Tags: attack Tags: cyber Tags: shutdown MGM resorts has suffered a major cyberattack leading to shutdowns across the US. (Read more...) The post Major cyberattack leaves MGM Resorts reeling appeared first on Malwarebytes Labs.

CVE-2023-40440: About the security content of macOS Monterey 12.6.8

This issue was addressed with improved state management of S/MIME encrypted emails. This issue is fixed in macOS Monterey 12.6.8. A S/MIME encrypted email may be inadvertently sent unencrypted.

CVE-2023-38878: GitHub - devcode-it/openstamanager: Il software gestionale open source per l'assistenza tecnica e la fatturazione

A reflected cross-site scripting (XSS) vulnerability in DevCode OpenSTAManager versions 2.4.24 to 2.4.47 may allow a remote attacker to execute arbitrary JavaScript in the web browser of a victim by injecting a malicious payload into the 'error' and 'error_description' parameters of 'oauth2.php'.

CVE-2023-38743: Authenticated RCE vulnerability in ADManager Plus | CVE

Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine.

Apple Security Advisory 2023-09-07-1

Apple Security Advisory 2023-09-07-1 - macOS Ventura 13.5.2 addresses buffer overflow and code execution vulnerabilities.

CVE-2019-16470: Adobe Security Bulletin

Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2022-28831: Adobe Security Bulletin

Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.