Google has released security updates to address four vulnerabilities impacting Chrome. One of the four vulnerabilities, CVE-2024-0519, is exploited in the wild. The vulnerability was reported anonymously to Google. CVE-2024-0519 is the first zero-day vulnerability addressed by Google this year. CVE-2024-0519 is a high-severity out-of-bounds memory access vulnerability in the V8 JavaScript and WebAssembly engines. … Continue reading “Google Patches Actively Exploited Zero-day Vulnerability Impacting Chrome Browser (CVE-2024-0519)”
Tag: Google Chrome
Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2023-7024)
Google has released a patch to address a high-severity vulnerability in the Chrome browser. Tracked as CVE-2023-7024, the vulnerability is being exploited in the wild. CVE-2023-7024 is a heap-based buffer overflow vulnerability in the open-source WebRTC framework. Many other web browsers, such as Mozilla Firefox, Safari, and Microsoft Edge, also use the WebRTC framework to … Continue reading “Google Chrome Zero-day Vulnerability Exploited in the Wild (CVE-2023-7024)”
Google Addresses Actively Exploited Zero-day Vulnerability in Chrome Browser (CVE-2023-5217)
Google has released emergency updates to address a zero-day vulnerability in its Chrome browser. CVE-2023-5217 is a high-severity vulnerability that can lead to program crashes or arbitrary code execution. Google has mentioned in the advisory that the vulnerability is being exploited in the wild. Clément Lecigne of Google’s Threat Analysis Group (TAG) has discovered the … Continue reading “Google Addresses Actively Exploited Zero-day Vulnerability in Chrome Browser (CVE-2023-5217)”
Google Chrome Zero-day Heap Overflow Vulnerability (CVE-2023-4863)
Google has released security updates to address a zero-day vulnerability in the widely used web browser Chrome. Tracked as CVE-2023-4863, the CVE has been rated critical by Google. Google is aware of the active exploitation of the vulnerability. CVE-2023-4863 is a Heap Buffer Overflow vulnerability in WebP image format. The vulnerability may allow an attacker … Continue reading “Google Chrome Zero-day Heap Overflow Vulnerability (CVE-2023-4863)”
Google Chrome Type Confusion Zero-day Vulnerability Exploited in the Wild (CVE-2023-3079)
Google released security updates to address a zero-day vulnerability in the widely used web browser Chrome. Google has given CVE-2023-3079 a high severity rating. The vulnerability was discovered by Clément Lecigne of Google’s Threat Analysis Group. Google is aware of the active exploitation of the vulnerability. The advisory provides no information regarding the other vulnerability … Continue reading “Google Chrome Type Confusion Zero-day Vulnerability Exploited in the Wild (CVE-2023-3079)”
Google Releases Update to Address Second Zero-day Vulnerability in its Chrome Browser (CVE-2023-2136)
Google has released updates to address six vulnerabilities in its Chrome browser. One of the six vulnerabilities ( CVE-2023-2136) is being exploited in the wild. Google has mentioned in the advisory that “an exploit for CVE-2023-2136 exists in the wild.” CVE-2023-2136 is the second zero-day vulnerability in the Chrome browser addressed by Google. Google … Continue reading “Google Releases Update to Address Second Zero-day Vulnerability in its Chrome Browser (CVE-2023-2136)”
Google Patches Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2023-2033)
Google Chrome, the most widely used web browser, faces a type confusion vulnerability (CVE-2023-2033). Google has addressed the vulnerability with the latest version of Chrome. Clement Lecigne of Google’s Threat Analysis Group has reported this vulnerability. Google has mentioned in the advisory that they are aware of active exploitation of this vulnerability in … Continue reading “Google Patches Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2023-2033)”
Google Releases Emergency Update to Fix Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2022-4262)
Chrome has released security updates for Windows, Mac, and Linux to fix the zero-day vulnerability. Tracked as CVE-2022-4262, it is a type confusion vulnerability in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group has reported this vulnerability. Google has acknowledged the active exploitation of this vulnerability in the wild. … Continue reading “Google Releases Emergency Update to Fix Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2022-4262)”
Google Releases New Stable Chanel 108 Addressing Multiple Vulnerabilities in Chrome
Google has released Chrome 108 to the stable channel for Windows, Mac, and Linux addressing multiple vulnerabilities in the browser. In the advisory published on Nov 29, 2022, Google mentions, “The updates will roll out over the coming days/weeks.” The security fix addresses 28 vulnerabilities with severity ranging from high to medium. The advisory … Continue reading “Google Releases New Stable Chanel 108 Addressing Multiple Vulnerabilities in Chrome”
Google Releases Patch for an Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2022-4135)
Google has released an update for Chrome browser on Windows, Mac, and Linux to address a high-severity zero-day vulnerability (CVE-2022-4135). The vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group. “Google is aware that an exploit for CVE-2022-4135 exists in the wild.”, says the advisory released by Google on November 24, 2022. … Continue reading “Google Releases Patch for an Actively Exploited Zero-day Vulnerability in its Chrome Browser (CVE-2022-4135)”