CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

CVE-2024-10487

Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-7281

Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-8905

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5498

Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-4368

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

pipewire Security Vulnerabilities

pipewire is pipewire open source an underlying multimedia framework for processing audio and video on Linux systems. A security vulnerability exists in pipewire that stems from the Ubuntu pipeline-pulse in snap granting microphone access when the snap interface for audio recording is not set...

PT-2024-11902 · Canonical +1 · Pipewire-Pulse +1

Name of the Vulnerable Software and Affected Versions: pipewire-pulse in Ubuntu snap affected versions not specified Description: The issue concerns the pipewire-pulse in Ubuntu snap, which grants microphone access even when the snap interface for audio-record is not set. This could potentially...

CVE-2023-32216

Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

Internet Bug Bounty: Canonical Snapcraft vulnerable to remote code execution under certain conditions

Preface: I apologize for previously submitting this bug to hacker1 before it was fully addressed by the Ubuntu Security Team I have reported this issue to the Ubuntu Security team and it has been fixed: CVE-2020-27348 Bug link: https://bugs.launchpad.net/snapcraft/+bug/1901572 Ubuntu Security Tea...

Microsoft Releases PowerShell Core for Linux as a Snap Package

Microsoft's love for Linux continues… Microsoft has released its command-line shell and scripting language PowerShell Core for Linux operating system as a Snap package, making it easier for Linux users to install Microsoft PowerShell on their system. Yes, you heard me right. Microsoft has made...

Bytecoin cryptocurrency mining malware found in Ubuntu Snap Store

By Uzair Amir A Github user going by the handle of "Tarwirdur" recently This is a post from HackRead.com Read the original post: Bytecoin cryptocurrency mining malware found in Ubuntu Snap Store...