CVE-2024-45772

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

Fedora: Security Advisory (FEDORA-2024-aaff7345b8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA73578 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in FoxitPDFReaderUpdater.exe can be exploited to...

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 16 security bugs in Chromium: CVE-2024-9120: Use after free in Dawn CVE-2024-9122: Type Confusion in V8 CVE-2024-9123: Integer overflow in Skia CVE-2024-9369: Insufficient data validation in Mojo CVE-2024-9602: Type confusion in V8 CVE-2024-9603...

DragonForce Ransomware Expands RaaS, Targets Firms Worldwide

DragonForce ransomware is expanding its RaaS operation and becoming a global cybersecurity threat against businesses. Companies must implement…...

Unspecified Vulnerability in Google Chrome (CNVD-2024-39250)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 124.0.6367.60, which stems from an improper UI implementation and can be exploited by remote attackers to perform UI spoofing via specific UI gestures...

openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0312-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0312-1 advisory. - Chromium 129.0.6668.58 stable released 2024-09-17 boo1230678 CVE-2024-8904: Type Confusion in V8 CVE-2024-8905: Inappropriate implementation in...

CVE-2024-9121

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2024-9121

Mode C: Concrete details found. CVE-2024-9121 affects Chromium-based Chrome/Chromium. In Chromium’s V8, an inappropriate implementation allowed out-of-bounds memory access via a crafted HTML page, with a High impact (memory corruption/potential code execution). Public references indicate Chrome/C...

OPENSUSE-SU-2024:0312-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium 129.0.6668.58 stable released 2024-09-17 boo1230678 CVE-2024-8904: Type Confusion in V8 CVE-2024-8905: Inappropriate implementation in V8 CVE-2024-8906: Incorrect security UI in Downloads CVE-2024-8907: Insufficient data validation i...

OPENSUSE-SU-2024:0311-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 129.0.6668.58 stable released 2024-09-17 boo1230678 CVE-2024-8904: Type Confusion in V8 CVE-2024-8905: Inappropriate implementation in V8 CVE-2024-8906: Incorrect security UI in Downloads CVE-2024-8907: Insufficient data validation in...

CVE-2024-7024

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-7282

Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-7020

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2024-7020

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-7019

CVE-2024-7019 describes an insecure UI implementation in Google Chrome (Chromium-based) before 124.0.6367.60, where a remote attacker could induce UI spoofing via a crafted HTML page if the user performs specific UI gestures. The evidence across connected sources consistently references the same ...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...