Exploits and vulnerabilities – Page 19 – Computer Security Articles

Update now! Emergency fix for Google Chrome’s V8 JavaScript engine zero-day flaw released

December 8, 2022 admin 108.0.5359.94, 108.0.5359.95, chrome, chrome v8 flaw, cve-2022-4262, Exploits and vulnerabilities, Google Chrome, news, Type Confusion, v8, v8 javascript engine

Categories: Exploits and vulnerabilities

Categories: News

Tags: V8

Tags: V8 JavaScript Engine

Tags: Google Chrome

Tags: Chrome

Tags: CVE-2022-4262

Tags: 108.0.5359.94

Tags: 108.0.5359.95

Tags: Chrome V8 flaw

Tags: type confusion

Google has rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. Make sure you’re using the latest version.

MalwareBytes Security

A Chrome fix for an in-the-wild exploit is out—Check your version

October 28, 2022 admin Exploits and vulnerabilities, news

Categories: Exploits and vulnerabilities

Categories: News

Google has issued an update for Chrome to fix an issue in the V8 JavaScript engine

MalwareBytes Security

Fake Proof-of-Concepts used to lure security professionals

October 27, 2022 admin abuseipdb, Exploits and vulnerabilities, GitHub, leiden, news, poc, pocs, virustotal

Categories: Exploits and vulnerabilities

Categories: News

Tags: PoC

Tags: PoCs

Tags: Leiden

Tags: GitHub

Tags: VirusTotal

Tags: AbuseIPDB

Researchers from Leiden University analyzed many thousands of Proof-of-Concepts and found that 10 percent of those they found on GitHub are malicious

MalwareBytes Security

Cisco warns of ISE vulnerability with no fixed release or workaround

October 24, 2022 admin anyconnect vpn server, Cisco, cve-2022-20822, cve-2022-20933, cve-2022-20959, Exploits and vulnerabilities, identity services engine, input validation, news

Categories: Exploits and vulnerabilities

Categories: News

Tags: Cisco

Tags: Identity Services Engine

Tags: AnyConnect VPN server

Tags: CVE-2022-20822

Tags: CVE-2022-20959

Tags: CVE-2022-20933

Tags: input validation

Cisco’s latest security advisory includes a vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) that could allow an attacker to read and delete files.

MalwareBytes Security

Why Log4Text is not another Log4Shell

October 19, 2022 admin Apache, commons text, cve-2022-42889, Exploits and vulnerabilities, interpolators, log4j, log4shell, log4text, news

Categories: Exploits and vulnerabilities

Categories: News

Tags: Log4Text

Tags: Apache

Tags: Commons Text

Tags: CVE-2022-42889

Tags: Log4j

Tags: Log4Shell

Tags: interpolators

Log4Text is a recently found vulnerability in Apache Commons. Log4Text provoked a knee jerk reaction because it reminds us of Log4Shell. So should we worry?

(Read more…)

The post Why Log4Text is not another Log4Shell appeared first on Malwarebytes Labs.

MalwareBytes Security