
CVE-2024-8639 – Debian Security Advisory 5768-1
https://notcve.org/view.php?id=CVE-2024-8639
11 Sep 2024 — Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 5.15.16_p20241115 are affected. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •

CVE-2024-8638 – Debian Security Advisory 5768-1
https://notcve.org/view.php?id=CVE-2024-8638
11 Sep 2024 — Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 5.15.16_p20241115 are affected. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVE-2024-8637 – Debian Security Advisory 5768-1
https://notcve.org/view.php?id=CVE-2024-8637
11 Sep 2024 — Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 5.15.16_p20241115 are affected. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •

CVE-2024-8636 – Debian Security Advisory 5768-1
https://notcve.org/view.php?id=CVE-2024-8636
11 Sep 2024 — Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 5.15.16_p20241115 are affected. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html • CWE-122: Heap-based Buffer Overflow CWE-416: Use After Free •