Malware Devil

Thursday, July 30, 2020

Google Adds Security Updates to Chrome Autofill

Register for Dark Reading Newsletters

Subscribe to Newsletters

White Papers
Video
Cartoon Contest
Current Issue
imageSpecial Report: Computing’s New Normal, a Dark Reading PerspectiveThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
image

Flash Poll

The Threat from the Internet--and What Your Organization Can Do About It
The Threat from the Internet–and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
image
Twitter Feed
Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-16166
PUBLISHED: 2020-07-30
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
CVE-2020-16165
PUBLISHED: 2020-07-30
The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Injection in an ORDER BY clause. This is related to the /api/blade-log/api/list ascs and desc parameters.
CVE-2020-7205
PUBLISHED: 2020-07-30
A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmo…

CVE-2020-15129
PUBLISHED: 2020-07-30
In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik’s handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard component doesn’t validate that the value of the header "X-Forwarded-Prefix" is a site…

CVE-2020-16162
PUBLISHED: 2020-07-30
** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked c…


https://www.malwaredevil.com/2020/07/30/google-adds-security-updates-to-chrome-autofill/?utm_source=rss&utm_medium=rss&utm_campaign=google-adds-security-updates-to-chrome-autofill

No comments:

Post a Comment

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...