CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3846 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3846
17 Apr 2024 — Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada de Avisos en Google Chrome anteriores a 124.0.6367.60 permitió que un atacante remoto convenciera a un usuario de realizar gestos de IU específicos para realizar una suplantación de IU a través de una página HTML manipulada. (Severidad de ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3845 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3845
17 Apr 2024 — Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada en Redes en Google Chrome anterior a 124.0.6367.60 permitió a un atacante remoto eludir la política de contenido mixto a través de una página HTML manipulada. (Severidad de seguridad de Chrome: baja) Security issues were discovered in Chromium, which could result in the execution of a... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-358: Improperly Implemented Security Check for Standard CWE-1068: Inconsistency Between Implementation and Documented Design •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3844 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3844
17 Apr 2024 — Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) La implementación inapropiada en Extensiones en Google Chrome anteriores a 124.0.6367.60 permitió a un atacante remoto realizar una suplantación de interfaz de usuario a través de una extensión de Chrome manipulada. (Severidad de seguridad de Chrome: baja) Security issues were discovered in Chromium, which could ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3843 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3843
17 Apr 2024 — Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) La validación de datos insuficiente en Descargas en Google Chrome anterior a 124.0.6367.60 permitió a un atacante remoto realizar una suplantación de la interfaz de usuario a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) Security issues were discovered in Chromium, which could resul... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3841 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3841
17 Apr 2024 — Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium) La validación de datos insuficiente en Browser Switcher en Google Chrome anterior a 124.0.6367.60 permitió a un atacante remoto inyectar scripts o HTML en una página privilegiada a través de un archivo malicioso. (Severidad de seguridad de Chromium: media) Security issues were discovered ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3840 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3840
17 Apr 2024 — Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) La aplicación insuficiente de políticas en Site Isolation en Google Chrome antes de 124.0.6367.60 permitió a un atacante remoto eludir las restricciones de navegación a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) Security issues were discovered in Chromium, whic... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-285: Improper Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3833 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3833
17 Apr 2024 — Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) La corrupción de objetos en WebAssembly en Google Chrome anterior a 124.0.6367.60 permitía a un atacante remoto explotar potencialmente la corrupción de objetos a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-374: Passing Mutable Objects to an Untrusted Method •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3832 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3832
17 Apr 2024 — Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) La corrupción de objetos en V8 en Google Chrome anterior a 124.0.6367.60 permitía a un atacante remoto explotar potencialmente la corrupción de objetos a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbi... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3914 – Microsoft Edge DOMArrayBuffer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-3914
15 Apr 2024 — Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en V8 en Google Chrome anterior a 124.0.6367.60 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •