4 matches found
Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly instal...
Microsoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild. 11 of the 98 issues are rated Critical and 87 are rated Important in severity, with one of the vulnerabilities...
CVE-2019-18894
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently...
The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird, related to errors in the implementation of the inter-process communication authentication mechanism, allows an attacker to escalate their privileges and escape from the isolated software environment.
The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird is related to errors in the implementation of the inter-process communication authentication mechanism. Exploiting this vulnerability can allow a malicious actor to increase their privileges and gain access...