The development comes as Google assigned a new CVE identifier, CVE-2023-5129, to the critical flaw in the libwebp image library – originally tracked as CVE-2023-4863 – that has come under active exploitation in the wild, considering its broad attack surface. It's also suspected that the Israeli spyware maker Cytrox may have exploited a recently patched Chrome vulnerability (CVE-2023-4762, CVSS score: 8.8) as a zero-day to deliver Predator, although very little information is currently available about the in-the-wild attacks. CVE-2023-4863 (CVSS score: 8.8) - Heap buffer overflow in WebP. CVE-2023-2136 (CVSS score: 9.6) - Integer overflow in Skia.The latest discovery brings to five the number of zero-day vulnerabilities in Google Chrome for which patches have been released this year. From USER to ADMIN: Learn How Hackers Gain Full Controlĭiscover the secret tactics hackers use to become admins, how to detect and block it before it's too late.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |