CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3157 – Debian Security Advisory 5656-1
https://notcve.org/view.php?id=CVE-2024-3157
10 Apr 2024 — Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High) El acceso a la memoria fuera de los límites en Compositing en Google Chrome anterior a 123.0.6312.122 permitía a un atacante remoto que había comprometido el proceso de la GPU realizar potencialmente un escape de la zona de pruebas mediante gestos específicos de la... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3156 – Debian Security Advisory 5654-1
https://notcve.org/view.php?id=CVE-2024-3156
04 Apr 2024 — Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) La implementación inapropiada en V8 en Google Chrome anterior a 123.0.6312.105 permitió a un atacante remoto realizar potencialmente un acceso a la memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromi... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3158 – Debian Security Advisory 5654-1
https://notcve.org/view.php?id=CVE-2024-3158
04 Apr 2024 — Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Bookmarks de Google Chrome anterior a 123.0.6312.105 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arb... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3159 – Google Chrome V8 Enum Cache Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-3159
04 Apr 2024 — Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) El acceso a memoria fuera de los límites en V8 en Google Chrome anterior a 123.0.6312.105 permitía a un atacante remoto realizar lectura/escritura arbitraria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 7%CPEs: 1EXPL: 3CVE-2024-2887 – Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-2887
26 Mar 2024 — Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en WebAssembly en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User in... • https://github.com/rycbar77/CVE-2024-2887 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2886 – Google Chrome VideoFrame Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-2886
26 Mar 2024 — Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Use after free en WebCodecs en Google Chrome anteriores a 123.0.6312.86 permitía a un atacante remoto realizar lectura/escritura arbitraria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google ... • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2885 – Debian Security Advisory 5648-1
https://notcve.org/view.php?id=CVE-2024-2885
26 Mar 2024 — Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Dawn en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code,... • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2883 – Debian Security Advisory 5648-1
https://notcve.org/view.php?id=CVE-2024-2883
26 Mar 2024 — Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Use after free en ANGLE en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) Security issues were discovered in Chromium, which could result in the execution of arbi... • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-2631 – Debian Security Advisory 5648-1
https://notcve.org/view.php?id=CVE-2024-2631
20 Mar 2024 — Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada en iOS en Google Chrome anterior a 123.0.6312.58 permitió a un atacante remoto realizar una suplantación de interfaz de usuario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: baja) Security issues were discovered in Chromium, which could result in the execution of arbit... • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2024-2630 – Debian Security Advisory 5648-1
https://notcve.org/view.php?id=CVE-2024-2630
20 Mar 2024 — Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) La implementación inadecuada en iOS en Google Chrome anterior a 123.0.6312.58 permitió a un atacante remoto filtrar datos de orígenes cruzados a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) Security issues were discovered in Chromium, which could result in the execution of arbitrary c... • https://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •