Page 34 of 3370 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) When deserializing an SkPath, there is some basic validation performed to ensure that the contents are consistent. This validation does not use safe integer types, or perform additional validation, so it's possible for a large path to overflow the point count, resulting in an unsafe SkPath object. • http://packetstormsecurity.com/files/174949/Chrome-SKIA-Integer-Overflow.html https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1464215 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1458046 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La Confusión de Tipos en V8 en Google Chrome anterior a 116.0.5845.96 permitía a un atacante remoto explotar potencialmente la corrupción de la memoria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Chrome suffers from a read-only property overwrite in TurboFan. • http://packetstormsecurity.com/files/174669/Chrome-Read-Only-Property-Overwrite.html https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1452076 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa&# • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1465833 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1454817 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •