CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36029 – Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36029
03 Nov 2023 — Microsoft Edge (Chromium-based) Spoofing Vulnerability Vulnerabilidad de suplantación de identidad en Microsoft Edge (Chromium-based) Multiple vulnerabilities have been discovered in Microsoft Edge, the worst of which could lead to remote code execution. Versions greater than or equal to 120.0.2210.61 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36029 •
CVSS: 10.0EPSS: 75%CPEs: 25EXPL: 2CVE-2023-5217 – Google Chromium libvpx Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-5217
28 Sep 2023 — Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento del búfer en la codificación vp8 en libvpx en Google Chrome anterior a 117.0.5938.132 y libvpx 1.13.1 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) A... • https://github.com/UT-Security/cve-2023-5217-poc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 46%CPEs: 16EXPL: 16CVE-2023-4863 – Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4863
12 Sep 2023 — Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) El desbordamiento del búfer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) A heap-bas... • https://github.com/alsaeroth/CVE-2023-4863-POC • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 7%CPEs: 1EXPL: 0CVE-2023-36883 – Microsoft Edge for iOS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36883
14 Jul 2023 — Microsoft Edge for iOS Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36883 •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28301 – Microsoft Edge (Chromium-based) Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2023-28301
11 Apr 2023 — Microsoft Edge (Chromium-based) Tampering Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28301 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28284 – Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-28284
11 Apr 2023 — Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28284 •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44708 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-44708
13 Dec 2022 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Edge (basado en Chromium). Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44708 •
CVSS: 10.0EPSS: 22%CPEs: 3EXPL: 1CVE-2022-4135 – Google Chromium GPU Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-4135
25 Nov 2022 — Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) El desbordamiento del búfer de montón en GPU en Google Chrome anterior a 107.0.5304.121 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar potencialmente un escape de la zona de pruebas a través de una página HTML manipulada. (Severidad de... • https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_24.html • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 5%CPEs: 2EXPL: 0CVE-2022-23258 – Microsoft Edge for Android Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-23258
25 Jan 2022 — Microsoft Edge for Android Spoofing Vulnerability Una Vulnerabilidad de Suplantación de identidad en Microsoft Edge para Android • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23258 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23443 – Cross-site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-23443
21 Sep 2021 — This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array (instead of a string or a SafeValue), even if {{ }} are used. Esto afecta al paquete edge.js versiones anteriores a 5.3.2. Puede ser usada una vulnerabilidad de confusión de tipo para omitir el saneamiento de entradas cuando la entrada que se va a representar es una matriz (en lugar de una cadena o un SafeValue), incluso si se usan {{ }} • https://github.com/edge-js/edge/commit/fa2c7fde86327aeae232752e89a6e37e2e469e21 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •