Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1328-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1306-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : chromium (openSUSE-2020-1309)

This update for chromium fixes the following issues : Chromium was updated to version 85.0.4183.83 boo1175757 fixing : - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...

Google Chrome Security Update (stable-channel-update-for-desktop_25-2020-08) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1309-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1306-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

CVE-2020-6569

Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

Google Chrome Code Execution Vulnerability (CNVD-2020-49906)

Google Chrome is a web browser from Google. A security vulnerability exists in WebUSB in versions of Google Chrome prior to 85.0.4183.83. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes, including: 1109120 High CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-24 1116706 High CVE-2020-6559: Use after free in presentation API. Report...

OPENSUSE-SU-2020:1181-1 Security update of chromium

Chromium was updated to 84.0.4147.105 boo1174582: CVE-2020-6537: Type Confusion in V8 CVE-2020-6538: Inappropriate implementation in WebView CVE-2020-6532: Use after free in SCTP CVE-2020-6539: Use after free in CSS CVE-2020-6540: Heap buffer overflow in Skia CVE-2020-6541: Use after free in WebU...

Google Chrome Security Update (stable-channel-update-for-desktop_27-2020-07) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

chromium-browser: Use after free in WebUSB

Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6541

Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Google Chrome Code Execution Vulnerability (CNVD-2020-49883)

Google Chrome is a web browser from Google, Inc. WebUSB is a component that supports browser access to USB devices. A security vulnerability exists in WebUSB in versions of Google Chrome prior to 84.0.4147.105. A remote attacker can exploit the vulnerability to execute arbitrary code with the hel...

KLA11917 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebUSB can be exploited to cause denial of service. 2. Heap...

Stable Channel Update for Desktop

The stable channel has been updated to 84.0.4147.105 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update contains 8 security fixes, including: 1105318 High CVE-2020-6537: Type Confusion in V8. Reported by Alphalaab on 2020-07-14 1096677 High CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang@Rudykewang and Aryb1n@aryb1n of Tencent...

CVE-2019-18672

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidates existing...

CVE-2019-18672

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow a partial reset of cryptographic secrets to known values via crafted messages. Notably, this breaks the security of U2F for new server registrations and invalidates existing...

CVE-2019-18671

Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. The vulnerability could allow code execution or other forms of impact. It can be triggered by unauthenticated attacke...