CVSS: 5.5EPSS: 2%CPEs: 2EXPL: 0CVE-2024-20721 – T5 Acrobat JS vulnerability - Exploitable crash via t5::javascript::get_page_num_words
https://notcve.org/view.php?id=CVE-2024-20721
15 Jan 2024 — Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 120.0.2210.91 y anteriores de Acrobat Reader T5 (MSFT Edge) se ven afectadas por una vulnerabilidad de validación de entrada incorrec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20721 • CWE-20: Improper Input Validation •
CVSS: 5.2EPSS: 1%CPEs: 1EXPL: 0CVE-2024-21337 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21337
11 Jan 2024 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21337 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20675 – Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20675
11 Jan 2024 — Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de Microsoft Edge (basada en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20675 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36878 – Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36878
15 Dec 2023 — Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Vulnerabilidad de omisión de característica de seguridad de Microsoft Edge (basada en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36878 •
CVSS: 10.0EPSS: 39%CPEs: 3EXPL: 1CVE-2023-6702 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2023-6702
14 Dec 2023 — Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La confusión de tipos en V8 en Google Chrome anterior a 120.0.6099.109 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of wh... • https://github.com/kaist-hacking/CVE-2023-6702 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.8EPSS: 2%CPEs: 1EXPL: 0CVE-2023-36880 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36880
07 Dec 2023 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) Multiple vulnerabilities have been discovered in Microsoft Edge, the worst of which could lead to remote code execution. Versions greater than or equal to 120.0.2210.61 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36880 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38174 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38174
07 Dec 2023 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) Multiple vulnerabilities have been discovered in Microsoft Edge, the worst of which could lead to remote code execution. Versions greater than or equal to 120.0.2210.61 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38174 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2023-35618 – Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35618
07 Dec 2023 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Microsoft Edge (basado en Chromium) Multiple vulnerabilities have been discovered in Microsoft Edge, the worst of which could lead to remote code execution. Versions greater than or equal to 120.0.2210.61 are affected. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35618 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 17%CPEs: 7EXPL: 0CVE-2023-6345 – Google Skia Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-6345
29 Nov 2023 — Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) El desbordamiento de enteros en Skia en Google Chrome anterior a 119.0.6045.199 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar potencialmente un escape de la zona de pruebas a través de un archivo malicioso. (Severidad de seguridad de Chrome... • https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 1%CPEs: 1EXPL: 0CVE-2023-36008 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36008
16 Nov 2023 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36008 • CWE-416: Use After Free •