18 matches found
Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems
An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena MOBA video game that could have been exploited to establish backdoor access to players' systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 CVSS...
Security update for nodejs-electron (important)
openSUSE Security Update: Security update for nodejs-electron Announcement ID: openSUSE-SU-2022:0070-1 Rating: important References: Cross-References: CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 CVE-2021-37981...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-38003
CVE-2021-38003 affects Chromium/Chrome’s V8 engine before version 95.0.4638.69. Description and multiple advisories confirm an inappropriate implementation in V8 that could enable remote code execution via crafted HTML, with exploitation noted in the wild (per Arch Linux ASA notes). Affected comp...
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
openSUSE: Security Advisory for chromium (openSUSE-SU-2021:1462-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1462-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1462-1 advisory. - : Use after free in Sign-In. CVE-2021-37997 - : Use after free in Garbage Collection. CVE-2021-37998 - : Insufficient data validation in...
OPENSUSE-SU-2021:1462-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 95.0.4638.69 boo1192184: CVE-2021-37997: Use after free in Sign-In CVE-2021-37998: Use after free in Garbage Collection CVE-2021-37999: Insufficient data validation in New Tab Page CVE-2021-38000: Insufficient validation of untrusted...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1462-1 Rating: important References: 1192184 Cross-References: CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 Affected Products: openSUSE Leap 15.2...
FreeBSD : chromium -- multiple vulnerabilities (976d7bf9-38ea-11ec-b3b0-3065ec8fd3ec)
Chrome Releases reports : This release contains 8 security fixes, including : - 1259864 High CVE-2021-37997 : Use after free in Sign-In. Reported by Wei Yuan of MoyunSec VLab on 2021-10-14 - 1259587 High CVE-2021-37998 : Use after free in Garbage Collection. Reported by Cassidy Kim of Amber...
Chromium: CVE-2021-38003 Inappropriate implementation in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that exploits for this vulnerability exist in the wild...
Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input i...
CVE-2021-38003
creationtimestamp| type| source ---|---|--- 2021-10-29 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=682 2021-10-29 06:14:24+00:00| exploited| https://t.me/cKure/7810 2021-10-29 16:50:00+00:00| exploited| https://t.me/truesecator/2268 2021-10-30 15:46:49+00:00| seen|...
[ASA-202110-7] chromium: multiple issues
Arch Linux Security Advisory ASA-202110-7 ========================================= Severity: High Date : 2021-10-29 CVE-ID : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 Package : chromium Type : multiple issues Remote : Yes Link :...