KLA12236 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface, obtain sensitive information, perform cross-site scripting attack. Below is a complete li...

Microsoft Edge 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in DevTools in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

Microsoft Edge 资源管理错误漏洞

Chrome is a web browsing tool developed by Google, and a post-release reuse vulnerability exists in DevTools in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash...

Microsoft Edge 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome DevTools. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

OPENSUSE-SU-2021:0973-1 Security update for libqt5-qtwebengine

This update for libqt5-qtwebengine fixes the following issues: Update to version 5.15.3 CVE fixes backported in chromium updates: - CVE-2020-16044: Use after free in WebRTC - CVE-2021-21118: Heap buffer overflow in Blink - CVE-2021-21119: Use after free in Media - CVE-2021-21120: Use after free i...

PT-2021-7874 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 91.0.4472.77 Description: The issue is related to a use after free in DevTools, which allowed an attacker to execute arbitrary code via a crafted Chrome Extension if a user was convinced to install a malicious...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 91 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 91.0.4472.77 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

UBUNTU-CVE-2021-21232

Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Hack-Tools

This is an offensive tool for Web Pentesters. It is a browser extension called HackTools, which facilitates web application penetration tests. The extension includes cheat sheets and tools such as XSS payloads, reverse shells, and more, accessible in one click. It can be used in pop-up mode or in...

CVE-2021-23985

If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker able to make a direct network...

CVE-2021-23985

If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker able to make a direct network...

CVE-2021-23985

If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker able to make a direct network...

CVE-2021-23985

CVE-2021-23985 affects Mozilla Firefox prior to version 87. The issue involves the ability to alter certain about:config values (e.g., via malware on the user’s machine) that could enable Devtools remote debugging in a way that is unobtrusive to the user, allowing a remote attacker with direct ne...

CVE-2021-23985

If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker able to make a direct network...

Information Disclosure

firefox is vulnerable to information disclosure. The vulnerability exists due to the Devtools remote debugging feature which could be enabled in a way that was unnoticable to the user, which allow an attacker to make direct network connection to the victim to monitor the user's browsing activity...

UBUNTU-CVE-2021-23985

If an attacker is able to alter specific about:config values for example malware running on the user's computer, the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker able to make a direct network...

Mozilla Firefox < 87.0

"The version of Firefox installed on the remote Windows host is prior to 87.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-10 advisory. - Mozilla developers Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 86. Some of these...

Galer - A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In

A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to extract src, href, url and action values by evaluating JavaScript through Chrome DevTools Protocol. Installation from Binary The installation is easy. You can download a prebuilt bina...

DEBIAN-CVE-2021-21132

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension...

CVE-2021-21132

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension...