Multiple Security Vulnerabilities in Google Chrome
fevereiro 28, 2023
Overview Recently, NSFOCUS CERT detected that Google Chrome officially released a security bulletin, which fixed multiple security vulnerabilities. The key vulnerabilities are as follows: Google Chrome use-after-free vulnerability (CVE-2023-0927): Due to a use-after-free flaw in the Web Payments API in Google Chrome, a remote attacker capable of compromising the renderer process could exploit a heap […]
Google Chrome V8 Type Confusion Vulnerability (CVE-2022-4262) Alert
dezembro 6, 2022
Overview On December 5, NSFOCUS CERT found that Google officially released a type confusion vulnerability (CVE-2022-4262) in Google Chrome V8. A type confusion error occurs because a program uses one type of method to allocate or initialize a resource, such as a pointer, object, or variable, but then accesses that resource with another method that […]
Google Chrome Remote Code Execution Vulnerability (CVE-2022-3723) Alert
outubro 31, 2022
Overview Recently, NSFOCUS CERT monitored that Google Chrome has officially released a security bulletin and fixed a remote code execution vulnerability in Chrome V8 (JavaScript engine). Due to a type confusion vulnerability in Chrome V8, a remote attacker could exploit the vulnerability to execute arbitrary code on the target system. At present, the official has […]
Google Chrome Releases Updates for Remediation of the Zero-day Vulnerability (CVE-2020-6418) Threat Alert
março 16, 2020
Overview
On February 24, local time, Google released updates for fixing multiple vulnerabilities existing in the desktop Chrome browser, including the high-risk CVE-2020-6418 vulnerability that has been exploited by attackers in the wild.
CVE-2020-6418 is a type confusion vulnerability in V8, which is Google Chrome’s open-source JavaScript and WebAssembly engine. This vulnerability was discovered and reported by Clement Lecigne of Google’s Threat Analysis Group. (mais…)