Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Apple Users Need to Update iOS Now to Patch Serious Flaws

Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more.

Wired
Open in Source
#vulnerability#web#ios#android#mac#windows#apple#google#microsoft#dos#java#vmware#buffer_overflow#samsung#zero_day#chrome#webkit#firefox#sap
CVE-2021-46841: About the security content of Apple Music 3.5.0 for Android

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.

CVE-2022-32836: About the security content of Apple Music 3.9.10 for Android

This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.

Password managers: A rough guide to enterprise secret platforms

The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more

CVE-2022-34910: AREMIS: Digital solutions, consulting workspaces and FM

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.

A week in security (February 20 - 26)

Categories: News The most interesting security related news from the week of February 20 to 26. (Read more...) The post A week in security (February 20 - 26) appeared first on Malwarebytes Labs.

CVE-2023-0927: Chromium: CVE-2023-0927 Use after free in Web Payments API

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

'New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover

With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone.

Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors

Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor (AP), it's just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular communications and multimedia processing. "Securing the Android Platform requires going