CVE-2020-15959

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering...

Information Disclosure

chromium is vulnerable to information disclosure. Out of bounds read in SQLite in Google Chrome allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Information Disclosure

chromium-browser is vulnerable to information disclosure. Uninitialized data in SQLite in Google Chrome allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Out Of Bound Reads

Google chrome is vulnerable to out of bound reads. Out of bounds read in SQLite in Google Chrome allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

AES Finder - Utility To Find AES Keys In Running Processes

Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. Usage Open aes-finder.sln solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang: g++ -O3 -march=native -fomit-frame-pointer aes-finder.cpp -o aes-finder To search for keys in process...

Google Chrome Security Bypass Vulnerability (CNVD-2020-61101)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions of Google Chrome prior to 85.0.4183.102, which can be exploited by an attacker to obtain potentially sensitive information in process memory...

CVE-2019-8607

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of proces...

Cisco Releases Security Advisory for DVMRP Vulnerability in IOS XR Software

Cisco has released a security advisory on a vulnerability—CVE-2020-3566—in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR software. This vulnerability affects Cisco devices running IOS XR software that have an active interface configured under multicast routing. A...

CVE-2020-6555

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

chromium-browser: Side-channel information leakage in autofill

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

MGASA-2020-0300 Updated thunderbird packages fix security vulnerability

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection CVE-2020-12398. When browsing a malicious page, a race condition in our...

About the security content of watchOS 3 - Apple Support

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, see the Apple Product Security...

DEBIAN-CVE-2020-6521

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6521

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6521

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6521

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6521

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Updated firefox packages fix security vulnerability

Updated nss and firefox packages fix security vulnerabilities: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys CVE-2020-12399. Side channel vulnerabilities during RSA key generation in NSS CVE-2020-12402. When browsing ...

Security Vulnerabilities fixed in Thunderbird 68.10.0 — Mozilla

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.Note: this issue only affects Firefox on ARM64 platforms. Manipulating individual parts of a URL object could have caused an...

CVE-2020-6503

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...