Security
Headlines
HeadlinesLatestCVEs

Tag

#google

CVE-2021-37988: Stable Channel Update for Desktop

Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.

CVE
Open in Source
#google
CVE-2021-37978: Stable Channel Update for Desktop

Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37979: Stable Channel Update for Desktop

heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-37980: Stable Channel Update for Desktop

Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows.

CVE-2021-37977: 1252878 - chromium - An open-source project to help move the web forward. - Monorail

Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Android Patches Actively Exploited Zero-Day Kernel Bug

Google’s Android November 2021 security updates plug 18 flaws in the framework and system components and 18 more in the kernel and vendor components.

Google patches zero-day vulnerability, and others, in Android

Google has patched 39 vulnerabilities, some of which are rated as critical and one that may be under limited, targeted exploitation. Categories: Exploits and vulnerabilities Tags: Android TV CVE-2-21-0930 CVE-2021-0889 CVE-2021-0918 CVE-2021-0930 CVE-2021-1048 CVE-2021-1924 CVSS eop heap overflow MediaTek patch levels qualcomm rce UAF *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/11/google-patches-zero-day-vulnerability-and-others-in-android/ ) )* The post Google patches zero-day vulnerability, and others, in Android appeared first on Malwarebytes Labs.

Apple macOS Flaw Allows Kernel-Level Compromise

‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.

Data breach at US healthcare provider Viverant PT impacts more than 6,500 patients

Minnesota healthcare provider hit by cyber-attack A data breach at a physical therapy center based in the US has breached the personal data of more than 6,500 patients. Viverant PT, based in Minneapol

Is Apple’s Safari browser the last, best hope for web privacy?

Apple's "also ran" browser might be the most important bulwark we have against a Google Chrome hegemony. Categories: Privacy Tags: Apple privacy safari *( Read more... ( https://blog.malwarebytes.com/cybercrime/privacy/2021/11/is-apples-safari-browser-the-last-best-hope-for-web-privacy/ ) )* The post Is Apple’s Safari browser the last, best hope for web privacy? appeared first on Malwarebytes Labs.