22 matches found
Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...
Google Chrome Heap Corruption (CVE-2021-21166)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild
Threat intelligence researchers from Google on Wednesday shed more light on four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers that were exploited by malicious actors in different campaigns since the start of the year. What's more, three of the four zero-days were...
New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered...
Fedora 33 : chromium (2021-4740239e28)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-4740239e28 advisory. - Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a...
openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0392-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Mar 2021)
This host is missing an important security update according to Microsoft Edge Chromium-Based updates. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild
Google has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month. The browser maker on Friday shipped 89.0.4389.90 for Windows, Mac, and Linux, which is expected to be rolling out over the coming days/weeks to all...
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21166
CVE-2021-21166 describes a data race in the audio component of Google Chrome (Chromium-based) prior to 89.0.4389.72, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. Affected product: Google Chrome (Chromium) before 89.0.4389.72; root cause: audi...
CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
FreeBSD : chromium -- multiple vulnerabilities (f00b65d8-7ccb-11eb-b3be-e09467587c17)
Chrome Releases reports : This release includes 47 security fixes, including the below. Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild. Please see URL for details. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Chromium CVE-2021-21166: Object lifecycle issue in audio
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. This CVE has been reported to be exploited in the wild...
New Chrome 0-day Bug Under Active Attacks – Update Your Browser ASAP!
Exactly a month after patching an actively exploited zero-day flaw in Chrome, Google today rolled out fixes for yet another zero-day vulnerability in the world's most popular web browser that it says is being abused in the wild. Chrome 89.0.4389.72, released by the search giant for Windows, Mac,...
CVE-2021-21166
creationtimestamp| type| source ---|---|--- 2021-03-03 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=557 2021-03-03 05:01:48+00:00| exploited| https://t.me/cKure/4156 2021-03-03 08:49:41+00:00| exploited| https://t.me/truesecator/1479 2021-03-03 15:30:55+00:00| seen|...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 89 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 89.0.4389.72 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
Google Chrome < 89.0.4389.72 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 89.0.4389.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202103stable-channel-update-for-desktop advisory. - Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a...