CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9956
https://notcve.org/view.php?id=CVE-2024-9956
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/370482421 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9955
https://notcve.org/view.php?id=CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) • https://github.com/amfg145/CVE-2024-9955-POC https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/370133761 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-9954
https://notcve.org/view.php?id=CVE-2024-9954
Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://github.com/famixcm/CVE-2024-9954 https://github.com/zetraxz/CVE-2024-9954 https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/367755363 • CWE-416: Use After Free •