CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11117 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11117
12 Nov 2024 — Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11116 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11116
12 Nov 2024 — Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11115 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11115
12 Nov 2024 — Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11114 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11114
12 Nov 2024 — Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11113 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11113
12 Nov 2024 — Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11112 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11112
12 Nov 2024 — Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11111 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11111
12 Nov 2024 — Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11110 – Debian Security Advisory 5817-1
https://notcve.org/view.php?id=CVE-2024-11110
12 Nov 2024 — Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •