Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDB339992E-6059-11EF-8A0F-A8A1599412C6
HistoryAug 21, 2024 - 12:00 a.m.

chromium -- multiple security fixes

2024-08-2100:00:00
vuxml.freebsd.org
4
chrome releases
security fixes
use after free
inappropriate implementation
out of bounds memory access
heap buffer overflow
type confusion
insufficient data validation
high
medium
low
cve-2024-7964
cve-2024-7965
cve-2024-7966
cve-2024-7967
cve-2024-7968
cve-2024-7969
cve-2024-7971
cve-2024-7972
cve-2024-7973
cve-2024-7974
cve-2024-7975
cve-2024-7976
cve-2024-7977
cve-2024-7978
cve-2024-7979
cve-2024-7980
cve-2024-7981
cve-2024-8033
cve-2024-8034
cve-2024-8035
passwords
v8
skia
fonts
autofill
pdfium
v8 api
permissions
fedcm
installer
data transfer
views
webapp installs
custom tabs
extensions
unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.258

Percentile

96.8%

JSON

Chrome Releases reports:

This update includes 38 security fixes:

[358296941] High CVE-2024-7964: Use after free in Passwords. Reported by Anonymous on 2024-08-08
[356196918] High CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog on 2024-07-30
[355465305] High CVE-2024-7966: Out of bounds memory access in Skia. Reported by Renan Rios (@HyHy100) on 2024-07-25
[355731798] High CVE-2024-7967: Heap buffer overflow in Fonts. Reported by Tashita Software Security on 2024-07-27
[349253666] High CVE-2024-7968: Use after free in Autofill. Reported by Han Zheng (HexHive) on 2024-06-25
[351865302] High CVE-2024-7969: Type Confusion in V8. Reported by CFF of Topsec Alpha Team on 2024-07-09
[360700873] High CVE-2024-7971: Type confusion in V8. Reported by Microsoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC) on 2024-08-19
[345960102] Medium CVE-2024-7972: Inappropriate implementation in V8. Reported by Simon Gerst (intrigus-lgtm) on 2024-06-10
[345518608] Medium CVE-2024-7973: Heap buffer overflow in PDFium. Reported by soiax on 2024-06-06
[339141099] Medium CVE-2024-7974: Insufficient data validation in V8 API. Reported by bowu(@gocrashed) on 2024-05-07
[347588491] Medium CVE-2024-7975: Inappropriate implementation in Permissions. Reported by Thomas Orlita on 2024-06-16
[339654392] Medium CVE-2024-7976: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-10
[324770940] Medium CVE-2024-7977: Insufficient data validation in Installer. Reported by Kim Dong-uk (@justlikebono) on 2024-02-11
[40060358] Medium CVE-2024-7978: Insufficient policy enforcement in Data Transfer. Reported by NDevTK on 2022-07-21
[356064205] Medium CVE-2024-7979: Insufficient data validation in Installer. Reported by VulnNoob on 2024-07-29
[356328460] Medium CVE-2024-7980: Insufficient data validation in Installer. Reported by VulnNoob on 2024-07-30
[40067456] Low CVE-2024-7981: Inappropriate implementation in Views. Reported by Thomas Orlita on 2023-07-14
[350256139] Low CVE-2024-8033: Inappropriate implementation in WebApp Installs. Reported by Lijo A.T on 2024-06-30
[353858776] Low CVE-2024-8034: Inappropriate implementation in Custom Tabs. Reported by Bharat (mrnoob) on 2024-07-18
[40059470] Low CVE-2024-8035: Inappropriate implementation in Extensions. Reported by Microsoft on 2022-04-26

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 128.0.6613.84UNKNOWN
FreeBSDanynoarchungoogled-chromium< 128.0.6613.84UNKNOWN

Related

nessus 7
openvas 5
osv 22
chrome 2
kaspersky 4
redos 1
cve 19
cvelist 17
nvd 19
wolfi 18
mscve 16
vulnrichment 18
attackerkb 2
malwarebytes 1
talosblog 1
ubuntucve 12
debiancve 19
alpinelinux 10
cisa_kev 2
schneier 1
redhatcve 2
githubexploit 1
nessus
nessus
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
2024-08-21 00:00:00
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
2024-08-21 00:00:00
Debian dsa-5757 : chromium - security update
2024-08-23 00:00:00
openvas
openvas
openSUSE: Security Advisory for chromium (openSUSE-SU-2024:0258-1)
2024-08-24 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop_21-2024-08) - Mac OS X
2024-08-22 00:00:00
Debian: Security Advisory (DSA-5757-1)
2024-08-26 00:00:00
osv
osv
Security update for chromium
2024-08-23 09:15:52
Security update for chromium
2024-08-23 09:15:52
chromium - security update
2024-08-23 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2024-08-21 00:00:00
Stable Channel Update for ChromeOS / ChromeOS Flex
2024-09-09 00:00:00
kaspersky
kaspersky
KLA71709 Multiple vulnerability in Google Chrome
2024-07-22 00:00:00
KLA71827 Multiple vulnerabilities in Microsoft Browser
2024-08-22 00:00:00
KLA72043 DoS vulnerability in Opera
2024-09-02 00:00:00
redos
redos
ROS-20240917-01
2024-09-17 00:00:00
cve
cve
CVE-2024-7965
2024-08-21 21:15:08
CVE-2024-8033
2024-08-21 21:15:09
CVE-2024-7972
2024-08-21 21:15:09
cvelist
cvelist
CVE-2024-7964
2024-08-21 20:20:23
CVE-2024-8033
2024-08-21 20:20:26
CVE-2024-7972
2024-08-21 20:20:24
nvd
nvd
CVE-2024-7964
2024-08-21 21:15:08
CVE-2024-8033
2024-08-21 21:15:09
CVE-2024-7971
2024-08-21 21:15:09
wolfi
wolfi
CVE-2024-7964 vulnerabilities
2024-09-19 09:11:50
CVE-2024-7965 vulnerabilities
2024-09-19 09:11:50
CVE-2024-8033 vulnerabilities
2024-09-19 09:11:50
mscve
mscve
Chromium: CVE-2024-7964 Use after free in Passwords
2024-08-22 07:00:00
Chromium: CVE-2024-7965 Inappropriate implementation in V8
2024-08-22 07:00:00
Chromium: CVE-2024-8033 Inappropriate implementation in WebApp Installs
2024-08-22 07:00:00
vulnrichment
vulnrichment
CVE-2024-7965
2024-08-21 20:20:23
CVE-2024-8033
2024-08-21 20:20:26
CVE-2024-7964
2024-08-21 20:20:23
attackerkb
attackerkb
CVE-2024-7965
2024-08-21 00:00:00
CVE-2024-7971
2024-08-21 00:00:00
malwarebytes
malwarebytes
Google patches actively exploited zero-day in Chrome. Update now!
2024-08-22 14:12:15
talosblog
talosblog
The best and worst ways to get users to improve their account security
2024-09-05 18:00:02
ubuntucve
ubuntucve
CVE-2024-8033
2024-08-21 00:00:00
CVE-2024-7964
2024-08-21 00:00:00
CVE-2024-7980
2024-08-21 00:00:00
debiancve
debiancve
CVE-2024-8033
2024-08-21 21:15:09
CVE-2024-7964
2024-08-21 21:15:08
CVE-2024-7972
2024-08-21 21:15:09
alpinelinux
alpinelinux
CVE-2024-7971
2024-08-21 21:15:09
CVE-2024-7968
2024-08-21 21:15:09
CVE-2024-7972
2024-08-21 21:15:09
cisa_kev
cisa_kev
Google Chromium V8 Inappropriate Implementation Vulnerability
2024-08-28 00:00:00
Google Chromium V8 Type Confusion Vulnerability
2024-08-26 00:00:00
schneier
schneier
New Chrome Zero-Day
2024-09-10 11:04:29
redhatcve
redhatcve
CVE-2024-7965
2024-08-28 17:10:05
CVE-2024-7971
2024-08-27 19:10:28
githubexploit
githubexploit
Exploit for Improperly Implemented Security Check for Standard in Google Chrome
2024-09-16 19:04:57

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.258

Percentile

96.8%

JSON
Related for B339992E-6059-11EF-8A0F-A8A1599412C6
nessus7openvas5osv22chrome2kaspersky4redos1cve19cvelist17nvd19wolfi18mscve16vulnrichment18attackerkb2malwarebytes1talosblog1ubuntucve12debiancve19alpinelinux10cisa_kev2schneier1redhatcve2githubexploit1