Page 18 of 3433 results (0.012 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) El acceso a memoria fuera de los límites en V8 en Google Chrome anterior a 123.0.6312.105 permitía a un atacante remoto realizar lectura/escritura arbitraria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the enum cache in V8. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/330760873 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 3

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en WebAssembly en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of WebAssembly. By specifying a large number of structures, an attacker can cause the compiler to emit unsafe code. • https://github.com/rycbar77/CVE-2024-2887 https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-Poc https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/330588502 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3R •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Use after free en WebCodecs en Google Chrome anteriores a 123.0.6312.86 permitía a un atacante remoto realizar lectura/escritura arbitraria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/330575496 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Dawn en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/328958020 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Use after free en ANGLE en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/327807820 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT •