CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4950
https://notcve.org/view.php?id=CVE-2024-4950
15 May 2024 — Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) La implementación inapropiada en Descargas en Google Chrome anterior a 125.0.6422.60 permitió que un atacante remoto convenciera a un usuario de realizar gestos específicos de la interfaz de usuario para realizar una suplantación de la interfaz de usuario a través de... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4949
https://notcve.org/view.php?id=CVE-2024-4949
15 May 2024 — Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Use after free en V8 en Google Chrome anterior a 125.0.6422.60 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4948
https://notcve.org/view.php?id=CVE-2024-4948
15 May 2024 — Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Dawn en Google Chrome anterior a 125.0.6422.60 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 1CVE-2024-4947 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-4947
15 May 2024 — Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 125.0.6422.60 permitía a un atacante remoto ejecutar código arbitrario dentro de la sandbox a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute ... • https://github.com/uixss/PoC-CVE-2024-4947 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 38%CPEs: 1EXPL: 1CVE-2024-4761 – Google Chromium V8 Out-of-Bounds Memory Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-4761
14 May 2024 — Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) La escritura fuera de los límites en V8 en Google Chrome anterior a 124.0.6367.207 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) A security issue was discovered in Chromium, which could result in th... • https://github.com/michredteam/CVE-2024-4761 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2024-4671 – Google Chromium Visuals Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-4671
09 May 2024 — Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Use after free en Visuals en Google Chrome anterior a 124.0.6367.201 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar potencialmente un escape de la zona de pruebas a través de una página HTML manipulada. (Severidad de seguridad de Chrome:... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4559 – Debian Security Advisory 5683-1
https://notcve.org/view.php?id=CVE-2024-4559
07 May 2024 — Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento de búfer de almacenamiento dinámico en WebAudio en Google Chrome anterior a 124.0.6367.155 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovere... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2024-4558 – chromium-browser: Use after free in ANGLE
https://notcve.org/view.php?id=CVE-2024-4558
07 May 2024 — Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en ANGLE en Google Chrome anterior a 124.0.6367.155 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) The WebKitGTK web engine suffers from multiple vulnerabilities. An anonymous researcher discove... • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2024-4368 – Debian Security Advisory 5676-1
https://notcve.org/view.php?id=CVE-2024-4368
01 May 2024 — Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Dawn en Google Chrome anterior a 124.0.6367.118 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary ... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2024-4331 – Debian Security Advisory 5676-1
https://notcve.org/view.php?id=CVE-2024-4331
01 May 2024 — Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Picture In Picture en Google Chrome anterior a 124.0.6367.118 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in... • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •