CERT-In flags Google Chrome vulnerabilities

CERT-In, India’s cyber security watchdog, has discovered several vulnerabilities in the widely-used Google Chrome operating system. These vulnerabilities have the ability to bypass security measures on the targeted system.

According to a CERT-In advisory, attackers can exploit vulnerabilities to run unauthorized code, cause a denial of service, and bypass security on targeted systems.

• Uncategorized

UnitedHealth confirms 190 million impacted by 2024 data breach

By infosecbulletin / Monday , January 27 2025

UnitedHealth confirmed that the ransomware attack on its Change Healthcare unit last February impacted about 190 million Americans, nearly double...

Read More

• Event

Registration Open For BCS CTF 2025

By infosecbulletin / Monday , January 27 2025

So, to test your cyber security skill, here is another chance to do that. Bangladesh computer society (BCS) is going...

Read More

• International

New Ransomware Tactics Target VMware ESXi Via SSH Tunneling

By infosecbulletin / Sunday , January 26 2025

Sygnia's recent report highlights the changing strategies of ransomware groups targeting VMware ESXi appliances. These attackers exploit vital virtual infrastructure...

Read More

• Uncategorized

Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass

By infosecbulletin / Friday , January 24 2025

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting...

Read More

• Alert

CISA Releases 6 ICS Advisories Detailing Security Issues

By infosecbulletin / Friday , January 24 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released 6 advisories for Industrial Control Systems (ICS), highlighting vulnerabilities in various...

Read More

• Hot Topic

Account Credentials for Security Vendors Found on Dark Web: Cyble Report

By infosecbulletin / Thursday , January 23 2025

# "While many leaked security credentials belong to customers, some exposed sensitive accounts suggest that security vendors too have been...

Read More

• Vulnerabilities

Four Critical Ivanti CSA Vulnerabilities Exploited: CISA , FBI warns

By infosecbulletin / Thursday , January 23 2025

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory...

Read More

• Alert
• Vulnerabilities

GitLab Releases Patch (CVE-2025-0314) for XSS Exploit

By infosecbulletin / Thursday , January 23 2025

GitLab has released update for high severity cross-site scripting (XSS) flaw. Versions 17.8.1, 17.7.3, and 17.6.4 for both Community Edition...

Read More

• Uncategorized

CVE-2025-20156
Cisco Fixes Meeting Management Allowing Privilege Escalation

By infosecbulletin / Thursday , January 23 2025

Cisco has released a security advisory concerning a critical privilege escalation vulnerability (CVE-2025-20156) in its Meeting Management software. With a...

Read More

• Alert
• Vulnerabilities

Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack

By infosecbulletin / Wednesday , January 22 2025

Fortinet customers must apply the latest updates, as almost 50,000 management interfaces remain vulnerable to the latest zero-day exploit. The...

Read More

ALSO READ:

Microsoft November 2023 Patch fixes 5 zero-days, 58 flaws

“These vulnerabilities exist in Google Chrome OS due to use after free in profiles, inappropriate implementation in downloads, heap buffer overflow in pdf and issue in Linux Kernel. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially-crafted request on the targeted system.”

CERT-In regularly identifies vulnerabilities in devices and operating systems and publicly warns users and companies about them.