USN-7052-1 gnome-shell vulnerabilities

It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. CVE-2017-8288 It was...

Ubuntu 16.04 LTS : GNOME Shell vulnerabilities (USN-7052-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7052-1 advisory. It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An...

OPENSUSE-SU-2024:0155-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 125.0.6422.141 boo1225690 CVE-2024-5493: Heap buffer overflow in WebRTC CVE-2024-5494: Use after free in Dawn CVE-2024-5495: Use after free in Dawn CVE-2024-5496: Use after free in Media Session CVE-2024-5497: Out of bounds memory acce...

Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the 125.0.6422.141 release. It includes 11 security fixes. Some of them are: High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim@cassidy6564 on 2024-05-11 High CVE-2024-5494: Use after free in Dawn. Reported by wgslfu...

Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 39 : chromium (2024-4e0ea1c22e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4e0ea1c22e advisory. update to 125.0.6422.141 High CVE-2024-5493: Heap buffer overflow in WebRTC High CVE-2024-5494: Use after free in Dawn High CVE-2024-5495: Use after...

CVE-2024-5497

Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-5497

Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-5497

CVE-2024-5497 is a Chromium/Google Chrome security issue describing an out-of-bounds memory access in the Browser UI that could allow a remote attacker to trigger heap corruption via a crafted HTML page when a user interacts with specific UI gestures. Affected product lines are Chromium-based Chr...

Google Chrome < 125.0.6422.141 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 125.0.6422.141. It is, therefore, affected by multiple vulnerabilities as referenced in the 202405stable-channel-update-for-desktop30 advisory. - Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 11 security fixes: 339877165 High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim@cassidy6564 on 2024-05-11 338071106 High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 338103465 High CVE-2024-5495: U...

Stable Channel Update for Desktop

The Stable channel has been updated to 125.0.6422.141/.142 for Windows, Mac and 125.0.6422.141 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

PT-2024-3928 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141 Microsoft Edge affected versions not specified Description: The issue is related to an out of bounds memory access in the Browser UI, specifically in the Keyboard Inputs component, which could...

Spying on the spies. See what JavaScript commands get injected by in-app browsers

Developer and privacy expert Felix Krause aka KrauseFx announced this week that he had introduced a simple tool to list the JavaScript commands executed by iOS apps when they deployed an in-app web browser to render webpages. He already shared some eye-opening results on his Twitter feed. By...

USN-3966-1 gnome-shell vulnerability

It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked...

USN-3966-1: GNOME Shell vulnerability

It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked...

CVE-2019-5024

A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full...