CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7974 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7974
21 Aug 2024 — Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7973 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7973
21 Aug 2024 — Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7972 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7972
21 Aug 2024 — Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2024-7971 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-7971
21 Aug 2024 — Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. ... Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7969 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7969
21 Aug 2024 — Type Confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code <... • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7968 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7968
21 Aug 2024 — Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7967 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7967
21 Aug 2024 — Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7966 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7966
21 Aug 2024 — Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 16%CPEs: 1EXPL: 3CVE-2024-7965 – Google Chromium V8 Inappropriate Implementation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7965
21 Aug 2024 — Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. ... Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a cra... • https://github.com/bi-zone/CVE-2024-7965 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7964 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7964
21 Aug 2024 — Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free •