CVE-2024-23716
https://notcve.org/view.php?id=CVE-2024-23716
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2024-09-01 • CWE-416: Use After Free •
CVE-2024-34747 – PowerVR DEVMEMXINT_RESERVATION::ppsPMR Use-After-Free
https://notcve.org/view.php?id=CVE-2024-34747
In DevmemXIntMapPages of devicemem_server.c, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. The array ppsPMR in DEVMEMXINT_RESERVATION holds references to PMR structures (using PMRRefPMR2()), intending to prevent the PMRs' physical memory from being released. However, PMRs with PVRSRV_MEMALLOCFLAG_NO_OSPAGES_ON_ALLOC (which for OSMem PMRs internally translates to FLAG_ONDEMAND) can release their backing physical pages while references to the PMR still exist; PMRLockSysPhysAddresses() must be used to prevent a PMR's backing pages from disappearing, like in DevmemIntMapPMR2(). • https://source.android.com/security/bulletin/2024-11-01 •
CVE-2024-8373 – AngularJS improper sanitization in '<source>' element
https://notcve.org/view.php?id=CVE-2024-8373
Improper sanitization of the value of the '[srcset]' attribute in '<source>' HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/Content_Spoofing). This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see https://docs.angularjs.org/misc/version-support-status. • https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b https://www.herodevs.com/vulnerability-directory/cve-2024-8373 • CWE-791: Incomplete Filtering of Special Elements •
CVE-2024-7970
https://notcve.org/view.php?id=CVE-2024-7970
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/358485426 • CWE-787: Out-of-bounds Write •
CVE-2024-8362
https://notcve.org/view.php?id=CVE-2024-8362
Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/357391257 • CWE-416: Use After Free •