Debian DSA-5112-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5112 advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially...

Use After Free

chromium is vulnerable to use after free.The vulnerability exist in QR Code Generator...

Chromium: CVE-2022-1127 Use after free in QR Code Generator

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA12495 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Portals can be...

FreeBSD : chromium -- multiple vulnerabilities (ab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc.V8 is an open source JavaScript engine. Google Chrome suffers from a resource management error vulnerability that stems from post-release reuse in the QR code generator...

Google Chrome < 100.0.4896.60 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 100.0.4896.60. It is, therefore, affected by multiple vulnerabilities as referenced in the 202203stable-channel-update-for-desktop29 advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allow...

TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps

An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S. "TeaBot RAT capabilities are achieved via...

qrcp 路径遍历漏洞

Qrcp is a personal developer by Claudio D'Angelis of Italy that scans QR codes to transfer files from a computer to a mobile device over Wifi without leaving the terminal. A security vulnerability exists in qrcp that allows file names specified by the uploader to be ... / directory traversal by t...

WordPress Qyrr – simply and modern QR-Code creation plugin <= 0.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Qyrr – simply and modern QR-Code creation plugin versions = 0.7. Solution Update the WordPress Qyrr – simply and modern QR-Code creation plugin to the latest available version at least 0.8...

Input Validation Error

firefox is vulnerable to input validation error. The vulnerability exists due to lack of URL restrictions when scanning QR codes allowing navigation to some URLs that do not point to web content. This bug only affects Firefox for Android. Other operating systems are unaffected...

Mageia: Security Advisory (MGASA-2020-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Widespread FluBot and TeaBot Malware Campaigns Targeting Android Devices

Researchers from the Bitdefender Mobile Threats team said they have intercepted more than 100,000 malicious SMS messages attempting to distribute Flubot malware since the beginning of December. "Findings indicate attackers are modifying their subject lines and using older yet proven scams to enti...

The vulnerability of the Covid-19 contact tracing system’s web app that uses QR code scanning lies in the insufficient protection of operational data, allowing attackers to carry out cross-site attacks.

The vulnerability of the Covid-19 contact tracing system’s web app with QR code scanning lies in the insufficient protection of sensitive data when the username parameter is used on the login page. Exploiting this vulnerability could allow a malicious actor to perform cross-site attacks using a...

Warning issued over tampered QR codes

Avid readers of the Malwarebytes Labs blog will be well aware of QR code scams. Take, for example, that QR code scam in the Netherlands that victimized at least a dozen and definitely more car owners. It went like this: Someone approaches you and says they want to pay for their parking but cant...

Surge in Malicious QR Codes Sparks FBI Alert

Menus, event ticket sales, quick site access — QR codes have become a common way to interact as a result of the COVID-19 pandemic. But the smart little matrix bar codes are easily tampered with and can be used to direct victims to malicious sites, the FBI warned in an alert. QR codes are the...

Security Vulnerabilities fixed in Firefox 96 — Mozilla

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.This bug only affects Firefox for Windows. Other operating systems are unaffected. When navigating from inside an iframe while requesting fullscreen access,...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security vulnerability that stems from the fact that when a QR code is scanned, Firefox for Android will allow navigation to URLs that do not point to web content...

CVE-2021-38957

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040...

CVE-2021-38957

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclose sensitive information due to hazardous input validation during QR code generation. IBM X-Force ID: 212040...