CVE-2024-5836

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

CVE-2024-5836

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

CVE-2024-5836

CVE-2024-5836 affects Google Chrome DevTools by Inappropriate Implementation in DevTools, allowing code execution when a user is convinced to install a crafted Chrome Extension. Impact is High with attacker-controlled arbitrary code execution possible via a malicious extension, prior to Chrome 12...

CVE-2024-5836

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

CVE-2024-5836

Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

Google Chrome < 126.0.6478.56 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 126.0.6478.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 202406stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a...

KLA68913 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in PDFium can be exploited to caus...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 126 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 126.0.6478.54 Linux 126.0.6478.56/57 Windows, Mac contains a number of fixes and improvements -- a list of changes is...

PT-2024-4245 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.54 Description: The issue is related to an inappropriate implementation in DevTools, which can be exploited by an attacker to execute arbitrary code via a crafted Chrome Extension. This can happen if...

abedy-gitlab-client (>=0.0.2.4 <=0.3.0), abilian-devtools (>=0.5.14 <=0.7.3) +1315 more potentially affected by CVE-2024-21503 via black (>=18.3.0a0 <=24.2.0)

black PYPI version =18.3.0a0, =0.0.2.4, =0.5.14, =0.1.0, =0.0.1, =0.1.5, =0.1.0, =0.4.0, =1.0.0, =0.1.2, =0.1.2, =0.1.0, =0.1.2, =1.0.2 - aibs-informatics-test-resources =0.0.4 and more Source cves: CVE-2024-21503 Source advisory: OSV:PYSEC-2024-48...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0092-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6669-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6669-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsin...

GLSA-202402-26 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-26 Mozilla Firefox: Multiple Vulnerabilities - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

Rocky Linux 8 : firefox (RLSA-2024:0608)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affect...

Medium: firefox

Issue Overview: An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. CVE-2024-0741 It was possible for certain browser prompts and dialogs to b...

Medium: thunderbird

Issue Overview: An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. CVE-2024-0741 It was possible for certain browser prompts and dialogs to b...

Updated nss and firefox packages fix some security vulnerabilities

Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...

AlmaLinux 9 : firefox (ALSA-2024:0603)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0603 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects...