CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5831
https://notcve.org/view.php?id=CVE-2024-5831
Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Dawn en Google Chrome anterior a 126.0.6478.54 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/339171223 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5830
https://notcve.org/view.php?id=CVE-2024-5830
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 126.0.6478.54 permitía a un atacante remoto realizar una escritura en la memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/342456991 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-5274 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-5274
Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 125.0.6422.112 permitía a un atacante remoto ejecutar código arbitrario dentro de una sandbox a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://github.com/mistymntncop/CVE-2024-5274 https://github.com/Alchemist3dot14/CVE-2024-5274-Detection https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html https://issues.chromium.org/issues/341663589 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVC3FNI7HZLVSRIFBVUSBHI233DZYBKP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6IBUYVPD4MIFQNNYBGAPI5MOECWXXOB • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4950
https://notcve.org/view.php?id=CVE-2024-4950
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada en Descargas en Google Chrome anterior a 125.0.6422.60 permitió que un atacante remoto convenciera a un usuario de realizar gestos específicos de la interfaz de usuario para realizar una suplantación de la interfaz de usuario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: baja) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/40065403 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4949
https://notcve.org/view.php?id=CVE-2024-4949
Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Use after free en V8 en Google Chrome anterior a 125.0.6422.60 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/326607001 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD • CWE-416: Use After Free •