125 matches found
CVE-2018-5742
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
Design/Logic Flaw
cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication SEC-72...
UBUNTU-CVE-2019-5786
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
Linux/x86 - shred file Shellcode (72 bytes)
Exploit Title: Linux/x86 shred file 72 bytes Google Dork: None Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 72 ------------------------------Description--------------------------------- This...
Chrome V8TrustedTypePolicyOptions::ToImpl Type Confusion Vulnerability
Chrome: Type confusion in V8TrustedTypePolicyOptions::ToImpl VULNERABILITY DETAILS The binding code generator doesn't add checks to ensure that the callback properties of a dictionary are indeed JS functions. For example, for the the TrustedTypePolicyOptions dictionary:...
DEBIAN-CVE-2019-5783
Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page...
CVE-2019-5771
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page...
UBUNTU-CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
UBUNTU-CVE-2019-5778
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension...
UBUNTU-CVE-2019-5777
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
chromium-browser: Use after free in PDFium
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
Google Chrome memory misreference vulnerability (CNVD-2019-06210)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A memory misreference vulnerability exists in PDFium in versions of Google Chrome prior to 72.0.3626.81. No details of the vulnerability are provided at this time...
Google Chrome Insufficient Policy Enforcement Vulnerability (CNVD-2019-23565)
Chrome is a web browsing tool developed by Google. A policy enforcement insufficiency vulnerability exists in Omnibox in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit the vulnerability to spoof the contents of the Omnibox URL bar via a crafted domain name...
Google Chrome Insufficient Policy Enforcement Vulnerability (CNVD-2019-23564)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A policy enforcement insufficiency vulnerability exists in Omnibox in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit the vulnerability to...
Google Chrome Insufficient Data Validation Vulnerability
Chrome is a web browsing tool developed by Google. A data validation insufficiency vulnerability exists in IndexedDB in Google Chrome versions prior to 72.0.3626.81. An attacker can exploit this vulnerability to bypass the same source policy via a crafted HTML page...
Google Chrome ServiceWorker Policy Enforcement Vulnerability
Google Chrome is the United States Google Google company developed a Web browser. ServiceWorker is one of the background messaging components. A security vulnerability exists in ServiceWorker in versions of Google Chrome prior to 72.0.3626.81, which stems from the program failing to adequately...
Google Chrome memory misreference vulnerability (CNVD-2019-06211)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A memory misreference vulnerability exists in SwiftShader in versions prior to Google Chrome 72.0.3626.81. No detailed vulnerability details are provided at this ti...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 72 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 72.0.3626.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach
British and Dutch data protection regulators Tuesday hit the ride-sharing company Uber with a total fine of $1,170,892 1.1 million for failing to protect its customers' personal information during a 2016 cyber attack involving millions of users. Late last year, Uber unveiled that the company had...
72 Hours: Understanding the GDPR Data Breach Reporting Timeline
We're down to the wire with respect to the General Data Protection Regulation GDPR compliance deadline of May 25, 2018. Organizations that fail to comply could face fines of up to €20M roughly $22M or 4 percent of their annual global turnover from the prior year and we’ll soon see just how EU...