21 matches found
SUSE CVE-2026-7930
Is not a vulnerability, is a feature bug...
EUVD-2026-27963
Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7930
CVE-2026-7930 concerns Chromium/Google Chrome cookies input validation. Multiple connected sources describe insufficient validation of untrusted input in Cookies, enabling privilege escalation via a crafted HTML page. Debian security advisory DSA-6250-1 lists Chrome/Chromium as affected and notes...
CVE-2026-7930
Removed by vendor...
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster tracked as APT32, a Vietnamese-aligned hacking crew that's also...
Malicious code in assisting-threading (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 33605e5f943eacd5d5ab7a4c37625226e2ef072f2fd3dac068b169d58ba1c2c9 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
Malicious code in threading-assistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b7b431362a8fc3af245e62278011eb007f0b23eeaa959c3a34bbb959fa549a4c Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
MAL-2024-12362 Malicious code in thethreadingassistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762eff7d2ce4176f6050d35736ba93b5853e8519e760522372aced785a146e59 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
Malicious code in assistant-threader (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6dba125172b57e6b24bcd2cc0df076483e1fe36d1969f37e533d611fb6f9d808 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
Malicious code in thethreadingassistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762eff7d2ce4176f6050d35736ba93b5853e8519e760522372aced785a146e59 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
MAL-2024-12363 Malicious code in threading-assistant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b7b431362a8fc3af245e62278011eb007f0b23eeaa959c3a34bbb959fa549a4c Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...
SUSE CVE-2017-5042
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent...
SUSE CVE-2019-13744
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
SUSE CVE-2022-2615
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
SUSE CVE-2022-2860
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page...
DEBIAN-CVE-2022-2860
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page...
CVE-2022-2615
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
DonPAPI - Dumping DPAPI Credz Remotely
Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...
Google Chrome cookies information disclosure vulnerability
Google Chrome is a web browser from Google, Inc. cookies is one of the cookie plug-ins. An information disclosure vulnerability exists in Google Chrome cookies, which stems from the program's failure to fully implement policies. The vulnerability can be exploited to disclose cross-origin data via...
DEBIAN-CVE-2019-13744
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page...