CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36022 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36022
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Edge (Chromium-based) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36022 https://security.gentoo.org/glsa/202402-05 •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36034 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36034
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Microsoft Edge (Chromium-based) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36034 https://security.gentoo.org/glsa/202402-05 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44323 – PDF Jbig2 memory-corruption Vulnerability - MSFT T5
https://notcve.org/view.php?id=CVE-2023-44323
Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat para Edge versión 118.0.2088.46 (y anteriores) se ve afectado por una vulnerabilidad use-after-free. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una denegación de servicio de la aplicación en el contexto del usuario actual. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44323 • CWE-416: Use After Free •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36559 – Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36559
Microsoft Edge (Chromium-based) Spoofing Vulnerability Vulnerabilidad de Suplantación de Identidad en Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36559 https://security.gentoo.org/glsa/202402-05 •
CVSS: 8.8EPSS: 30%CPEs: 25EXPL: 0CVE-2023-5217 – Google Chromium libvpx Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento del búfer en la codificación vp8 en libvpx en Google Chrome anterior a 117.0.5938.132 y libvpx 1.13.1 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. • http://seclists.org/fulldisclosure/2023/Oct/12 http://seclists.org/fulldisclosure/2023/Oct/16 http://www.openwall.com/lists/oss-security/2023/09/28/5 http://www.openwall.com/lists/oss-security/2023/09/28/6 http://www.openwall.com/lists/oss-security/2023/09/29/1 http://www.openwall.com/lists/oss-security/2023/09/29/11 http://www.openwall.com/lists/oss-security/2023/09/29/12 http://www.openwall.com/lists/oss-security/2023/09/29/14 http://ww • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •