Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Netgear wireless router open to code execution after buffer overflow vulnerability

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.

TALOS
Open in Source
#vulnerability#web#mac#windows#google#microsoft#cisco#dos#js#java#intel#rce#perl#buffer_overflow#chrome#wifi
Tramyardg Autoexpress 1.3.0 Authentication Bypass

Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.

Gasmark Pro 1.0 Shell Upload

Gasmark Pro version 1.0 suffers from a remote shell upload vulnerability.

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said. “If we

CVE-2024-2400: Chromium: CVE-2024-2400 Use after free in Performance Manager

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Debian Security Advisory 5639-1

Debian Linux Security Advisory 5639-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2024-26246: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this could bypass the Edge AutoFill Protection feature

CVE-2024-26163: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.