8 results (0.007 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/351327767 •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) • https://github.com/ading2210/CVE-2024-6778-POC https://github.com/r00tjunip3r1/POC-CVE-2024-6778 https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/341136300 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/345640549 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/346692546 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/347373236 • CWE-416: Use After Free •