Google's osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory. An unprivileged malicious process could abuse this flaw to win a race condition and take over the files managed by the high privileged agent process and thus execute arbitrary commands as the root user (full capabilities). Exploitation was possible only during an osconfig recipe being deployed.
1cc92e5ebabd438a79296409a717f268826979019ed2cd8fa31fe695998e710e
Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
d6bbe46a29dc3c302794ef44df8800306ce895bfd0c34048b4b956e4c73c2316
Secunia Security Advisory - Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
fbac53267a255962f54dbbf30ca4c9da5da3b6f327ee9f1207884cfd0b4893fb
commondatastorage.googleapis.com suffers from a cross site scripting vulnerability.
b0468c0de584c36500a92a6bfebb5cbd4017f2cdbdb1ab0e274d0531bdf70696
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
8adae9f5fd18c590cb0789a875db24555e185bcf15abe3005135bf346b3241e4
Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues. Various other security issues have also been addressed.
fc759a56d0fd0415fcdc1530461fc3a3b4be19990db69c21c30eed023857e0e8
Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. This causes the address of the previously site entered to be displayed in the address bar instead of the currently loaded page. This could lead to potential phishing attacks on users. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues: two use-after-free problems, one out of bounds read bug, and a bad cast. Various other issues were also addressed.
1ce982533aa61dcb970d364a88b5efa396148d382b7871b4cc8d8b1681a6aafb
Google Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
dbb9d62577ac5b978fa6419192db9f6b4808436e28a90885a8548c968b26a7d8
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
09bdb94e286de920a539839481f14013d284cbb6b4233c9675b0e1c75584d2d8
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
e20b6771fef183bbd48cd6cbf7563d4311f8f62f605b8a5dca98f09206eb8f05
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
309e1b762126b3e3495c713f2901b238042aec8b8d9c21da9bca2311c4988003
Secunia Security Advisory - A weakness and a vulnerability have been discovered in the Google Maps Via Store Locator Plus plugin for WordPress, which can be exploited by malicious people to disclose system information and conduct SQL injection attacks.
8c68474892194fb7925c80512cabd2ea19841d51613387806f1621a6a4b191d8
WordPress Google Maps via Store Locator plugin versions 2.7.1 through 3.0.1 suffer from information disclosure, email spoofing, and remote blind SQL injection vulnerabilities.
31c1d5f297d45ac15c06cb7eb1dbdb7a479046ff9ac8bbbf91a56cb7357ef596
Debian Linux Security Advisory 2482-1 - Vreixo Formoso discovered that libgdata, a library used to access various Google services, wasn't validating certificates against trusted system root CAs when using an https connection.
1d47094e9ab3199d3353d60e80d2221e27b8800fc67c6fd798aef369c4486afe
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.
2d6a808c3d9d5cd84a8a28db0274894cf44f7279351616685fd52fea7c935283
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, and compromise a user's system.
4eeb301ede4d743d252dac48528e92f9cbc3ae1330bb34096f9f73e0b863611a
WHMCS scanning tool that uses Google to find systems that are possible vulnerable to shell upload.
63248affded4a3ef8e56df6874025a0fb7efa8ba52238183980d54d48b884d8b
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists in floats handling.
813af52e2060ed88a4a14eddff858bcee3d4f01f0e296d0618398525a750f269
Debian Linux Security Advisory 2454-1 - Multiple vulnerabilities have been found in OpenSSL. Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack (MMA). It was discovered that a NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to denial of service. Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow.
825c0a8ae8ea8fbf2a20faf45cd58f27b84d9a4a1fa4c787cb05063d8a84342e
Secunia Security Advisory - A vulnerability has been reported in the Dokodemo Rikunabi 2013 extension for Google Chrome, which can be exploited by malicious people to conduct cross-site scripting attacks.
87d7cdc6abe479169f901593fb36f94a74cd32fd487eebf2b01b4b5f688e29d1
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts while others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
6359bcb3eeecce22cf5c0731e23e9e17ef4e2546507c0ed695077faf71ac90ee
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting and spoofing attacks and compromise a user's system.
def3126170f411690bfeb36df9022b37c70c87287d1937d9500f757ccaf4c9f2
Secunia Security Advisory - Andrea Micalizzi has discovered a security issue in Google Talk, which can be exploited by malicious people to disclose sensitive information.
607208a442ac7415f084081b1bfa891e595d50f05030008b90e39f21d3c483ea
Checkpagerankgoogle.com suffers from a cross site scripting vulnerability.
ee0303b63281ce4c2c26227f5bc2666eac841f26c64ccf604363ce40901baa6f
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
e49346746af3a01b4b87a5b3fc9c7c5bc6f892b3a70b03cde7c47e7ee0aa4a3d
Google Talk suffers from a gtalk:// deprecated URI handler /gaiaserver parameter injection vulnerability.
dd0200b63213a631a98d8b18a1d3d1e692a8ed783e1bb7c44a88df16a470ae7f