ROS-20240917-01

A vulnerability in the user tabs of Google Chrome and Microsoft Edge browsers is related to an incorrect
security checks for standard elements. Exploitation of the vulnerability could allow an attacker,
acting remotely, to spoof the user interface with a specially crafted HTML page.
generated HTML page

A vulnerability in the Skia graphics library of the Google Chrome browser is related to a buffer overflow based on the
heap. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary
code

V8 JavaScript script handler vulnerability in Google Chrome browser is related to writing outside of memory boundaries.
memory boundaries. Exploitation of the vulnerability could allow an attacker, exploit heap corruption with a
using a specially crafted HTML page

V8 JavaScript script handler V8 vulnerability in Google Chrome and Microsoft Edge browsers is related to
operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker.
acting remotely, to execute arbitrary code using a specially crafted HTML page

A vulnerability in the Skia component of the Google Chrome browser is related to writing outside memory boundaries.
Exploitation of the vulnerability could allow an attacker acting remotely to exploit heap corruption
using a specially crafted HTML page

Google Chrome browser vulnerability is related to heap buffer overflow in PDFium. Exploitation of the vulnerability
could allow an attacker acting remotely to perform a read outside of the allocated memory with a
Using a specially crafted PDF file

A vulnerability in the Google Chrome browser is related to an improperly implemented security check for a
standard. Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed
the user interface using a specially crafted HTML page

A vulnerability in the Google Chrome browser is related to the execution of certain gestures. Exploitation of the vulnerability
could allow a remote attacker to leak data from multiple sources via a specially crafted HTML page.
specially crafted HTML page

V8 JavaScript script handler vulnerability in Google Chrome browser is related to incorrect validation of input data.
of input data. Exploitation of the vulnerability could allow an attacker acting remotely to exploit the
Heap corruption using a specially crafted Chrome extension

A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to writing outside the
memory boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to exploit the
Heap corruption using a specially crafted HTML page

A vulnerability in the Fonts component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory.
buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code using a specially crafted HTML page

A vulnerability in the Skia component of Google Chrome browser is related to incorrect restriction of visualized user interface layers.
layers of the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface.
remotely to perform user interface spoofing

A vulnerability in the Skia graphics library of the Google Chrome and Microsoft Edge browsers is related to an operation exceeding the buffer boundaries in memory.
operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
remotely execute arbitrary code using a specially crafted HTML page

A vulnerability in the Passwords component of Google Chrome and Microsoft Edge browsers is related to the following
the ability to use memory after it has been freed. Exploitation of the vulnerability could allow
an attacker acting remotely to execute arbitrary code using a specially crafted HTML page.
HTML page

A vulnerability in the Autofill Payments feature of Google Chrome and Microsoft Edge browsers is related to the ability to use memory after release.
the ability to use memory after it has been freed. Exploitation of the vulnerability could allow
an attacker acting remotely to execute arbitrary code using a specially crafted
HTML page

V8 JavaScript script handler vulnerability in Google Chrome browser is related to data type mixing errors.
data types. Exploitation of the vulnerability could allow an attacker acting remotely to execute
arbitrary code using a specially crafted HTML page

V8 JavaScript script handler vulnerability in Google Chrome and Microsoft Edge browsers is related to data type confusion errors.
data type mixing errors. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
remotely execute arbitrary code using a specially crafted HTML page

Vulnerability in FedCM component of Google Chrome and Microsoft Edge browsers is related to incorrect security checks for standard elements.
security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to spoof a user’s account.
remotely to spoof the user interface using a specially crafted HTML page.
HTML page

A vulnerability in the WebAudio component of the Google Chrome browser is related to memory usage upon
release. Exploitation of the vulnerability could allow an attacker, acting remotely, to exploit the
heap corruption using a specially crafted HTML page

Installer vulnerability in Google Chrome and Microsoft Edge browsers is related to insufficient input data validation.
input validation. Exploitation of the vulnerability could allow an attacker to escalate their privileges
by sending a specially crafted file

A vulnerability in the Views component of Google Chrome and Microsoft Edge browsers is related to incorrect input validation for standard elements.
security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to spoof a user’s account.
remotely to spoof the user interface using a specially crafted HTML page.
HTML page

V8 JavaScript script handler vulnerability in Google Chrome browser is related to accessing resources using an incompatible type.
using an incompatible type. Exploitation of the vulnerability could allow an attacker, exploit the
heap corruption using a specially crafted HTML page

A vulnerability in the WebApp Installs component of the Google Chrome and Microsoft Edge browsers is related to an
incorrect security checks for standard elements. Exploitation of the vulnerability could allow
an attacker acting remotely to spoof the user interface with a specially crafted HTML page.
specially crafted HTML page