CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9859
https://notcve.org/view.php?id=CVE-2024-9859
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) • https://issues.chromium.org/issues/346197738 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9603
https://notcve.org/view.php?id=CVE-2024-9603
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html https://issues.chromium.org/issues/367818758 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9602
https://notcve.org/view.php?id=CVE-2024-9602
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html https://issues.chromium.org/issues/368241697 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44097
https://notcve.org/view.php?id=CVE-2024-44097
According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to intercept the connection and read the data. The attacker could the either send the client a malicious response, or forward the (possibly modified) data to the real server." • https://support.google.com/product-documentation/answer/14950962?sjid=9489879942601373169-NA • CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9123
https://notcve.org/view.php?id=CVE-2024-9123
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/365884464 • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •