Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Sync in Google Chrome prior to version 141.0.7390.65 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

EUVD-2024-3430

Malicious code in bioql PyPI...

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...

CVE-2024-53867

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 CVSS score: 9.8, the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticate...

Malicious Chrome extensions can steal data by abusing Sync feature

By Saad Rajpoot Security Researcher reveals malicious use of Chrome extension- C&C and data exfiltration possible through Sync Feature. This is a post from HackRead.com Read the original post: Malicious Chrome extensions can steal data by abusing Sync feature...