DEBIAN-CVE-2024-6989

Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-6989

Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-6989

Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-6989

Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-6989

Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, we...

qt5-webengine -- Multiple vulnerabilities

Backports for 6 security bugs in Chromium: CVE-2024-5496: Use after free in Media Session CVE-2024-5846: Use after free in PDFium CVE-2024-6291: Use after free in Swiftshader CVE-2024-6989: Use after free in Loader CVE-2024-6996: Race in Frames CVE-2024-7536: Use after free in WebAudio...

The vulnerability of the Loader component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Loader component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause service interruptions or execute arbitrary code...

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses SMBs in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns...

CVE-2024-41373

ICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php...

ICEcoder 安全漏洞

ICEcoder is a browser-based code editor from ICEcoder open source. Allows users to code online or offline directly in a web browser. A security vulnerability exists in ICEcoder version 8.1, which stems from the discovery of a contained path traversal vulnerability via...

PT-2024-29381 · Icecoder · Icecoder

Name of the Vulnerable Software and Affected Versions: ICEcoder version 8.1 Description: The issue is related to a Path Traversal vulnerability. It affects the lib/backup-versions-preview-loader.php file. Recommendations: For ICEcoder version 8.1, consider restricting access to the...

Chromium: CVE-2024-6989 Use after free in Loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA71043 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

Google Chrome < 127.0.6533.72 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 127.0.6533.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop23 advisory. - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that originates from memory reuse after release in Loader. An attacker can exploit this vulnerability to execute arbitrary code on the system...

PT-2024-40821 · Jflex · Jflex

Name of the Vulnerable Software and Affected Versions: jflex affected versions not specified Description: A security exception crash has been reported. The crash occurs in the jflex.core.NFA.insertNFA function, which is called by java.base/java.lang.ClassLoader.defineClass1 and...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

Collateral Damage Collateral Damage is a kernel exploit for Xb...

RHEL 8 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 ...

RHEL 9 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A vulnerabilit...