5606 matches found
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom...
Chromium: CVE-2023-4429: Use after free in Loader
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Smoke Loader Botnet Drops Location Tracker Whiffy Recon Malware
By Deeba Ahmed The new Whiffy Recon Malware was identified by cybersecurity researchers at Secureworks. This is a post from HackRead.com Read the original post: Smoke Loader Botnet Drops Location Tracker Whiffy Recon Malware...
SUSE CVE-2023-4429
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
FreeBSD : chromium -- multiple vulnerabilities (5fa332b9-4269-11ee-8290-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5fa332b9-4269-11ee-8290-a8a1599412c6 advisory. - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote...
The vulnerability of the Google Chrome browser downloader allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Google Chrome browser browser loader is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2023-4429
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2023-4429
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-4429
CVE-2023-4429 affects Google Chrome (Chromium-based) Loader use-after-free vulnerabilities prior to Chrome 116.0.5845.110. The issue allows a remote attacker to potentially trigger heap corruption via a crafted HTML page, with impact described as high. Connected advisories confirm Chromium/Chrome...
CVE-2023-4429
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
UBUNTU-CVE-2020-24292
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 r1859 allows remote attackers to run arbitrary code via opening of crafted ico file...
UBUNTU-CVE-2022-48063
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 116.0.5845.110, which stemmed from a post-release reuse issue in the Loader module...
PT-2023-4502 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.110 Description: The issue is related to a use after free in the Loader component, which could allow a remote attacker to exploit heap corruption via a crafted HTML page. This could potentially impac...
Malicious code in usaa-sass-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35bce4289bb065eb9e1460adcc822a34e49647575381e636708872a124ddbf1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1532 Malicious code in usaa-sass-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35bce4289bb065eb9e1460adcc822a34e49647575381e636708872a124ddbf1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-37250
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This...
CVE-2023-37250
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This...
CVE-2023-37250
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This...
Race condition
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This...