CVE-2024-7018
https://notcve.org/view.php?id=CVE-2024-7018
Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) • https://issues.chromium.org/issues/333414305 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-8909
https://notcve.org/view.php?id=CVE-2024-8909
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html https://issues.chromium.org/issues/341353783 •
CVE-2024-8908
https://notcve.org/view.php?id=CVE-2024-8908
Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html https://issues.chromium.org/issues/337222641 •
CVE-2024-8907
https://notcve.org/view.php?id=CVE-2024-8907
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html https://issues.chromium.org/issues/360642942 •
CVE-2024-8906
https://notcve.org/view.php?id=CVE-2024-8906
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html https://issues.chromium.org/issues/352681108 •