15 matches found
Stable Channel Update for ChromeOS / ChromeOS Flex
The Stable channel is being updated to 122.0.6045.214 Platform version: 15753.38.0 for most ChromeOS devices and will be rolled out over the coming days. This build contains a number of bug fixes and security updates. If you find new issues, please let us know one of the following ways: File a bu...
Stable Channel Update for ChromeOS / ChromeOS Flex
The Stable channel is being updated to OS version: 15699.58.0 Browser version: 121.0.6167.159 for most ChromeOS devices. If you find new issues, please let us know one of the following ways 1. File a bug 2. Visit our ChromeOS communities 1. General: Chromebook Help Community 2. Beta Specific:...
Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks
Google on Monday introduced a new bug bounty program for its open source projects, offering payouts anywhere from $100 to $31,337 a reference to eleet or leet to secure the ecosystem from supply chain attacks. Called the Open Source Software Vulnerability Rewards Program OSS VRP, the offering is...
Google Triples Some Bug Bounty Payouts
Google is upping the ante for its Chrome bug bounty rewards program, doubling payouts from $15,000 to $30,000 for “high-quality” reports. It is also tripling baseline payouts for Chrome to $15,000. The bug-bounty pay raise is part of Google’s Chromium open-source project, which supplies the vast...
Four New Normals for 2017
Let’s not talk about cybersecurity predictions for 2017. Let’s talk instead about new normals, things that have ceased to be novel because, well, they happen all the time and everywhere. Let’s concede that things such as greedy ransomware, imposing IOT botnets, high-profile bug bounties and...
flashplugin: multiple issues
CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924 arbitrary code execution Multiple Memory corruption vulnerabilities that could lead to arbitrary code execution have been found...
Google's Android Rewards Program Pays Out Half Million in First Year
Google wrapped up the first year of its Android Security Rewards program this week, a span of time that saw the company pay out just north of half a million dollars to security researchers who helped identify vulnerabilities in the mobile operating system. In all, the company paid 82 researchers ...
Flash Uninitialized Stack Variable MPD Parsing Memory Corruption
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=316&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for: https://code.google.com/p/chromium/issues/detail?id=472201 Credit is to bilou,...
Adobe Flash AS2 - textfield.filters Use-After-Free (1)
Source: https://code.google.com/p/google-security-research/issues/detail?id=330&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for: https://code.google.com/p/chromium/issues/detail?id=476926 Credit is to bilou, working with the Chromium Vulnerability Rewards...
Adobe Flash AS2 - textfield.filters Use-After-Free (2)
Source: https://code.google.com/p/google-security-research/issues/detail?id=342&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for https://code.google.com/p/chromium/issues/detail?id=480496 Credit is to bilou, working with the Chromium Vulnerability Rewards Progra...
Adobe Flash AS2 - Color.setRGB Use-After-Free
Adobe Flash AS2 - Color.setRGB Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=367&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for Chromium VRP bug https://code.google.com/p/chromium/issues/detail?id=484610...
Adobe Flash AS2 - Color.setRGB Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=367&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for Chromium VRP bug https://code.google.com/p/chromium/issues/detail?id=484610 Credit is to bilou, working with the Chromium...
Facebook Bug Bounty Submissions Dramatically Increase
Facebook today reported a dramatic increase in 2013 submissions to its bug bounty program, and said that despite reports from researchers that it’s becoming difficult to find severe bugs on its various properties, the social network plans to increase rewards for critical bugs. “The volume of...
Stable Channel Update for Chrome OS
The Stable channel has been updated to 26.0.1410.57 Platform version: 3701.81.2 for all Chrome OS devices. This build contains some security improvements. Machines will be receiving updates over the next several days. Security fixes and rewards: Please see the Chromium security page for more...
Google Fixes 30 Bugs in Chrome, Pays $17K in Bounties
Google has fixed 30 bugs in version 13.0.782.107, the latest build of its Chrome browser, pushed to the stable channel for Windows, Mac and Linux today. 14 of the bugs are deemed high-risk, including cross-origin script injection, HTML range handling and URI handling issues. Nine of the bugs are...