4 results (0.008 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/365884464 • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/365802567 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/363538434 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/365254285 • CWE-416: Use After Free •