CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47131
https://notcve.org/view.php?id=CVE-2023-47131
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file. La extensión N-able PassPortal anterior a 3.29.2 para Chrome inserta información confidencial en un archivo de registro. • https://me.n-able.com/s/security-advisory/aArHs000000M8CCKA0/cve202347131-passportal-browser-extension-logs-sensitive-data • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22012
https://notcve.org/view.php?id=CVE-2024-22012
there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. En TBD de TBD, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://source.android.com/security/bulletin/pixel/2024-02-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-1283
https://notcve.org/view.php?id=CVE-2024-1283
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento de búfer de almacenamiento dinámico en Skia en Google Chrome anterior a 121.0.6167.160 permitía a un atacante remoto explotar potencialmente la corrupción el almacenamiento dinámico a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/41494860 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-1284
https://notcve.org/view.php?id=CVE-2024-1284
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Mojo en Google Chrome anterior a 121.0.6167.160 permitía a un atacante remoto explotar potencialmente la corrupción del almacenamiento dinámico a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/41494539 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 62EXPL: 0CVE-2024-20002
https://notcve.org/view.php?id=CVE-2024-20002
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715. En TVAPI, existe una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/February-2024 • CWE-787: Out-of-bounds Write •