CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9957
https://notcve.org/view.php?id=CVE-2024-9957
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/358151317 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9956
https://notcve.org/view.php?id=CVE-2024-9956
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/370482421 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9955
https://notcve.org/view.php?id=CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) • https://github.com/amfg145/CVE-2024-9955-POC https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/370133761 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-9954
https://notcve.org/view.php?id=CVE-2024-9954
Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://github.com/famixcm/CVE-2024-9954 https://github.com/zetraxz/CVE-2024-9954 https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html https://issues.chromium.org/issues/367755363 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9859
https://notcve.org/view.php?id=CVE-2024-9859
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) • https://issues.chromium.org/issues/346197738 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •