CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3172
https://notcve.org/view.php?id=CVE-2024-3172
16 Jul 2024 — Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6779 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6779
16 Jul 2024 — Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6776 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6776
16 Jul 2024 — Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6775 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6775
16 Jul 2024 — Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6774 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6774
16 Jul 2024 — Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6773 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6773
16 Jul 2024 — Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6772 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6772
16 Jul 2024 — Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6220 – 简数采集器 (Keydatas) <= 2.5.2 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-6220
16 Jul 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. ... This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/keydatas/trunk/keydatas.php • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-39700 – Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action
https://notcve.org/view.php?id=CVE-2024-39700
16 Jul 2024 — Repositories created using this template with `test` option include `update-integration-tests.yml` workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version. ... Los repositorios creados usando esta plantilla con la opción `test` incluyen el flujo de trabajo `update-integration-tests.yml` que tiene una vulnerabilidad RCE. Se insta a los autores de extensiones que alojan su c... • https://github.com/LOURC0D3/CVE-2024-39700-PoC • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 24EXPL: 0CVE-2024-6655 – Gtk3: gtk2: library injection from cwd
https://notcve.org/view.php?id=CVE-2024-6655
16 Jul 2024 — If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges. • https://access.redhat.com/errata/RHSA-2024:6963 • CWE-94: Improper Control of Generation of Code ('Code Injection') •