π¨ CVE-2020-16010
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Chrome Releases
Chrome for Android Update
Hi, everyone! We've just released Chrome 86 ( 86.0.4240.185) for Android: it'll become available on Google Play over the next few weeks. ...
π±1
π¨ CVE-2020-16013
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The stable channel has been updated to 86.0.4240.198 for Windows, Mac & Linux which will roll out over the coming days/weeks. A list of all ...
π±1
π¨ CVE-2020-16017
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The stable channel has been updated to 86.0.4240.198 for Windows, Mac & Linux which will roll out over the coming days/weeks. A list of all ...
π±1
π¨ CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
π@cveNotify
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
π@cveNotify
Joomla! Developer Networkβ’
Joomla! Developer Network
The Flexible Platform Empowering Website Creators
π±1
π¨ CVE-2019-5825
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2020-6418
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2020-15999
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
π¨ CVE-2020-6572
Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
π@cveNotify
Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 81 to the stable channel for Windows, Mac and Linux. This will roll out ove...
π¨ CVE-2021-21148
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 89 to the stable channel for Windows, Mac and Linux. This will roll out ove...
π¨ CVE-2021-21193
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 89.0.4389.90 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list o...
π¨ CVE-2021-21206
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 89.0.4389.128 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list ...
π¨ CVE-2021-21220
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-21224
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
π@cveNotify
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 90.0.4430.85 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list...
π¨ CVE-2021-30533
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
π@cveNotify
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 91 to the stable channel for Windows, Mac and Linux. This will roll out ove...
π¨ CVE-2021-30551
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 91.0.4472.101 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list ...
π¨ CVE-2021-30554
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 91.0.4472.114 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list ...
π¨ CVE-2021-30563
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 91.0.4472.164 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list ...
π¨ CVE-2021-30632
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-30633
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
π@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 93.0.4577.82 for Windows, Mac and Linux which will roll out over the coming days/weeks A full list of...
π¨ CVE-2025-34293
GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the stored password and the account's security question and answer. The exposed recovery data and encrypted password may be used to reset or take over the target account.
π@cveNotify
GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the stored password and the account's security question and answer. The exposed recovery data and encrypted password may be used to reset or take over the target account.
π@cveNotify
Navigacloud
About GN4 Content Management Suite
More than any time in the history of our industry, a newspaperβs bottom-line and ability to compete is impacted by the capabilities of its content management system.