Page 3 of 19 results (0.004 seconds)

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/339141099 •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/345518608 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/345960102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/360700873 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/349253666 • CWE-416: Use After Free •