Talos experts have discovered a set of serious vulnerabilities in the GOG gaming client. The…
Among the critical gaps were noted “use-after-free” (CVE-2019-9790), which occurs when the pointer (raw pointer) to the DOM element is extracted via JavaScript, and the element is removed during use. This can lead to a fatal crash.
Two other critical issues affect the IonMonkey JavaScript JIT compiler (CVE-2019-9791 and CVE-2019-9792), they can also lead to a crash that an attacker can use. For example, IonMonkey can “merge” the internal “magic number” JS_OPTIMIZED_OUT, which can lead to memory corruption using JavaScript.
Among the high-risk vulnerabilities, CVE-2019-9793 can be distinguished – incorrect boundary checking with Specter patches disabled.
Also, the Mozilla team fixed the memory security bugs in Firefox 66 and Firefox ESR 60.6 — these problems were found by the Mozilla team itself.
https://www.mozilla.org/firefox/new/
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…