CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5499
https://notcve.org/view.php?id=CVE-2024-5499
Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) La escritura fuera de los límites en Streams API en Google Chrome anterior a 125.0.6422.141 permitía a un atacante remoto ejecutar código arbitrario dentro de una sandbox a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339877167 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5498
https://notcve.org/view.php?id=CVE-2024-5498
Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en la API de presentación de Google Chrome anterior a 125.0.6422.141 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339588211 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5497
https://notcve.org/view.php?id=CVE-2024-5497
Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El acceso a la memoria fuera de los límites en las entradas de teclado en Google Chrome anteriores a 125.0.6422.141 permitió a un atacante remoto que convenció a un usuario para realizar gestos de interfaz de usuario específicos para explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/339061099 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5496
https://notcve.org/view.php?id=CVE-2024-5496
Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Use after free en Media Session en Google Chrome anterior a 125.0.6422.141 permitía a un atacante remoto ejecutar código arbitrario dentro de una sandbox a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/338929744 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5495
https://notcve.org/view.php?id=CVE-2024-5495
Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Dawn en Google Chrome anterior a 125.0.6422.141 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html https://issues.chromium.org/issues/338103465 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2 • CWE-416: Use After Free •