CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4559 – Debian Security Advisory 5683-1
https://notcve.org/view.php?id=CVE-2024-4559
07 May 2024 — Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento de búfer de almacenamiento dinámico en WebAudio en Google Chrome anterior a 124.0.6367.155 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovere... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4558 – chromium-browser: Use after free in ANGLE
https://notcve.org/view.php?id=CVE-2024-4558
07 May 2024 — Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en ANGLE en Google Chrome anterior a 124.0.6367.155 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) The WebKitGTK web engine suffers from multiple vulnerabilities. An anonymous researcher discove... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4368 – Debian Security Advisory 5676-1
https://notcve.org/view.php?id=CVE-2024-4368
01 May 2024 — Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Dawn en Google Chrome anterior a 124.0.6367.118 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4331 – Debian Security Advisory 5676-1
https://notcve.org/view.php?id=CVE-2024-4331
01 May 2024 — Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Picture In Picture en Google Chrome anterior a 124.0.6367.118 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4059 – Debian Security Advisory 5675-1
https://notcve.org/view.php?id=CVE-2024-4059
29 Apr 2024 — Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High) La lectura fuera de los límites en la API V8 en Google Chrome anterior a 124.0.6367.78 permitió a un atacante remoto filtrar datos entre sitios a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary cod... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4060 – Debian Security Advisory 5675-1
https://notcve.org/view.php?id=CVE-2024-4060
29 Apr 2024 — Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Dawn en Google Chrome anterior a 124.0.6367.78 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to a... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 0CVE-2024-4058 – Debian Security Advisory 5675-1
https://notcve.org/view.php?id=CVE-2024-4058
29 Apr 2024 — Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) La confusión de tipos en ANGLE en Google Chrome anterior a 124.0.6367.78 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3847 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3847
17 Apr 2024 — Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) La aplicación insuficiente de políticas en WebUI en Google Chrome antes de 124.0.6367.60 permitió a un atacante remoto eludir la política de seguridad de contenido a través de una página HTML manipulada. (Severidad de seguridad de Chrome: baja) Security issues were discovered in Chromium, which could result in ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-305: Authentication Bypass by Primary Weakness CWE-691: Insufficient Control Flow Management •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3846 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3846
17 Apr 2024 — Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada de Avisos en Google Chrome anteriores a 124.0.6367.60 permitió que un atacante remoto convenciera a un usuario de realizar gestos de IU específicos para realizar una suplantación de IU a través de una página HTML manipulada. (Severidad de ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3845 – Debian Security Advisory 5668-1
https://notcve.org/view.php?id=CVE-2024-3845
17 Apr 2024 — Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada en Redes en Google Chrome anterior a 124.0.6367.60 permitió a un atacante remoto eludir la política de contenido mixto a través de una página HTML manipulada. (Severidad de seguridad de Chrome: baja) Security issues were discovered in Chromium, which could result in the execution of a... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html • CWE-358: Improperly Implemented Security Check for Standard CWE-1068: Inconsistency Between Implementation and Documented Design •