Sergey Shekyan

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 75.0.3770.80 **Description** The issue is related to insufficient policy enforcement in the XMLHttpRequest component of Google Chrome, allowing a remote attacker to leak cross-origin data. This can be achieved through a specially crafted HTML page, potentially leading to unauthorized access to confidential information. **Recommendations** For versions prior to 75.0.3770.80, update to version 75.0.3770.80 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information when using Google Chrome until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Foscam IP camera versions 11.37.2.49 and other versions **Description** The issue allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server. This is possible because the Foscam IP camera generates credentials based on predictable camera subdomain names when using the Foscam DynDNS option. **Recommendations** For version 11.37.2.49 and other affected versions, consider disabling the Foscam DynDNS option until a patch is available to prevent remote attackers from spoofing or hijacking cameras. Restrict access to the camera's DNS server records to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.