CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36029 – Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36029
Microsoft Edge (Chromium-based) Spoofing Vulnerability Vulnerabilidad de suplantación de identidad en Microsoft Edge (Chromium-based) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36029 https://security.gentoo.org/glsa/202402-05 •
CVSS: 9.6EPSS: 62%CPEs: 16EXPL: 12CVE-2023-4863 – Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) El desbordamiento del búfer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library. Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. • https://github.com/alsaeroth/CVE-2023-4863-POC https://github.com/mistymntncop/CVE-2023-4863 https://github.com/LiveOverflow/webp-CVE-2023-4863 https://github.com/bbaranoff/CVE-2023-4863 https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863 https://github.com/huiwen-yayaya/CVE-2023-4863 https://github.com/CrackerCat/CVE-2023-4863- https://github.com/sarsaeroth/CVE-2023-4863-POC http://www.openwall.com/lists/oss-security/2023/09/21/4 http://www.openwall.com/list • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36883 – Microsoft Edge for iOS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36883
Microsoft Edge for iOS Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36883 •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28301 – Microsoft Edge (Chromium-based) Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2023-28301
Microsoft Edge (Chromium-based) Tampering Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28301 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28284 – Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-28284
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28284 •