183 matches found
CVE-2019-11741
A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...
Google Chrome Script Injection Vulnerability (CNVD-2019-21125)
Google Chrome is a web browser from Google, an American company. A script injection vulnerability exists in Google Chromium versions prior to 69.0.3497.81. An attacker can exploit this vulnerability to execute malicious scripts in a user's browser...
Rockwell Automation/Allen-Bradley 1768-EWEB Ethernet/IP Enhanced Web Server Module
Binary data 69.prm...
CVE-2018-16078
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
UBUNTU-CVE-2018-16071
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...
UBUNTU-CVE-2018-17459
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Fedora 28 : chromium (2018-13d8c35127)
Update to Chromium 69. EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives... Fixes a lot of security issues, like every major release of Chromium, including CVE-2018-16087 CVE-2018-16088 CVE-2018-16086CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068...
Google Vows Privacy Changes in Chrome Browser After User Backlash
Google took steps to quiet critics Wednesday after irking them earlier this week when data privacy issues tied to Chrome 69 came to light. On Sunday, Matthew Green, a cryptographer and professor at Johns Hopkins University, blasted Google for what he said were questionable privacy policies in...
Fedora 27 : chromium (2018-4a16e37c81)
The remote Fedora 27 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2018-4a16e37c81 advisory. Update to Chromium 69. EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives... Fixes a lot of security issues, like...
Security update for chromium (important)
This update for Chromium to version 69.0.3497.81 fixes multiple issues. Security issues fixed boo1107235: - CVE-2018-16065: Out of bounds write in V8 - CVE-2018-16066:Out of bounds read in Blink - CVE-2018-16067: Out of bounds read in WebAudio - CVE-2018-16068: Out of bounds write in Mojo -...
chromium-browser: Multiple download restriction bypass
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
chromium-browser: Use after free in WebRTC
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...
chromium-browser: Out of bounds write in V8
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
chromium-browser: User gesture requirement bypass
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page...
Google Chrome Blink Buffer Overflow Vulnerability (CNVD-2019-03614)
Google Chrome is a web browser developed by Google Inc. Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software of Norway. A buffer overflow vulnerability exists in Blink in versions of Google Chrome prior to 69.0.3497.81. The vulnerability can be...
Google Chrome DevTools Information Disclosure Vulnerability
Google Chrome is the United States Google Google company developed a Web browser. Devtools is one of the development and debugging tools. An information disclosure vulnerability exists in DevTools in versions of Google Chrome prior to 69.0.3497.81. A remote attacker can exploit the vulnerability ...
Google Chrome WebRTC Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google, Inc. WebRTC is a component of the browser that supports real-time voice or video conversations. A buffer overflow vulnerability exists in WebRTC in Google Chrome versions prior to 69.0.3497.81. An attacker can exploit the vulnerability to obtain...
Google Chrome URL Spoofing Vulnerability (CNVD-2018-22398)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the full-screen mode in Google Chrome versions prior to 69.0.3497.81. A remote attacker can exploit the vulnerability to forge URLs...
Google Rolls Out 40 Fixes with Chrome 69
Google has officially lifted the curtain on Chrome 69 for Windows, Mac and Linux this week. The tech giant’s latest browser version comes loaded with new security features and a slew of patches. Overall, the update included 40 security fixes. Several of those were rated “high,” including five...
CVE-2018-4853
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...