Google Chrome Security Update (stable-channel-update-for-desktop_7-2020-04) - Windows

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[ASA-202004-9] chromium: multiple issues

Arch Linux Security Advisory ASA-202004-9 ========================================= Severity: High Date : 2020-04-08 CVE-ID : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: This updates includes 32 security fixes, including: 1019161 High CVE-2020-6454: Use after free in extensions. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2019-10-29 1043446 High CVE-2020-6423: Use after free in audio. Reported by Anonymous on...

July 24, 2018—KB4338817 (OS Build 16299.579)

July 24, 2018—KB4338817 OS Build 16299.579 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that causes devices within Active Directory or Hybrid AADJ++ domains to...

WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting

Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Date: 2020-01-21 Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...

WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit

Exploit for multiple platform in category web applications Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

DEBIAN-CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

Command injection

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

CVE-2020-6811

CVE-2020-6811 concerns Mozilla Firefox/Thunderbird where Devtools Network tab’s Copy as cURL did not properly escape the HTTP method. The underlying issue could allow command injection if the generated curl command is pasted into a terminal. Public advisories indicate affected products include Th...

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

RHEL 8 : firefox (RHSA-2020:0819)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0819 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...

Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...

Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...

Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...

RHEL 6 : firefox (RHSA-2020:0816)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0816 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it...