Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217) | allinfosecnews.com

Sept. 28, 2023, 11:46 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library from Google and the Alliance for Open Media (AOMedia). Heap buffer overflows can cause program crashes or arbitrary code execution. CVE-2023-5217 has been fixed in Google Chrome 117.0.5938.132 for Windows, Mac and Linux users. Google noted that … More →

The post …

0 day alliance buffer buffer overflow buffer overflows chrome chrome zero-day critical cve cve-2023-5217 don't miss encoding exploited google heap buffer overflow hot stuff library media overflow security update video vulnerability zero-day zero-day vulnerability

More from www.helpnetsecurity.com / Help Net Security

Snowflake denies breach, blames data theft on poorly secured customer accounts 10 hours ago | www.helpnetsecurity.com

accounts actor aware breach +26

Snowflake compromised? Attackers exploit stolen credentials 1 day, 11 hours ago | www.helpnetsecurity.com

accounts analytics attackers claims +26

25,000 individuals affected in BBC Pension Scheme data breach 1 day, 17 hours ago | www.helpnetsecurity.com

bbc breach current data +20

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 1 day, 19 hours ago | www.helpnetsecurity.com

0 day accounts april attackers +31

apexanalytix Cyber Risk provides instant alerts for supplier data breaches 1 day, 21 hours ago | www.helpnetsecurity.com

account alerts apexanalytix breaches +24

Lack of skills and budget slow zero-trust implementation 2 days, 2 hours ago | www.helpnetsecurity.com

amp breach budget cyber +24

Encrypted Notepad: Open-source text editor 2 days, 3 hours ago | www.helpnetsecurity.com

ads aes app connection +19

New infosec products of the week: May 31, 2024 2 days, 3 hours ago | www.helpnetsecurity.com

adaptive shield capabilities dashlane detectify +21

NIST says NVD will be back on track by September 2024 2 days, 19 hours ago | www.helpnetsecurity.com

agency aim back backlog +24

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com