Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said. “If we

The Hacker News
Open in Source
#ios#google#chrome#The Hacker News
CVE-2024-2400: Chromium: CVE-2024-2400 Use after free in Performance Manager

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Debian Security Advisory 5639-1

Debian Linux Security Advisory 5639-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2024-26246: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this could bypass the Edge AutoFill Protection feature

CVE-2024-26163: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.

Client Details System 1.0 SQL Injection

Client Details System version 1.0 suffers from a remote SQL injection vulnerability.

SnipeIT 6.2.1 Cross Site Scripting

SnipeIT version 6.2.1 suffers from a persistent cross site scripting vulnerability.

New Vcurms Malware Targets Popular Browsers for Data Theft

By Waqas Another day, another malware exploiting cloud services to steal sensitve data from unsuspecting Windows users. This is a post from HackRead.com Read the original post: New Vcurms Malware Targets Popular Browsers for Data Theft

FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk

By Waqas The February 2024 Global Threat Index report released by Check Point Software Technologies Ltd. exposes the alarming vulnerability of cybersecurity worldwide. This is a post from HackRead.com Read the original post: FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk