Lucene search
+L

117 matches found

NVD
NVD
added 2024/03/06 7:15 p.m.22 views

CVE-2024-2176

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS4.7AI score0.01251EPSS
Exploits1References3
OSV
OSV
added 2024/03/06 7:15 p.m.31 views

CVE-2024-2176

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.01251EPSS
Exploits1References3
Prion
Prion
added 2024/03/06 7:15 p.m.39 views

Design/Logic Flaw

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

9.5AI score0.01251EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/06 6:34 p.m.18 views

CVE-2024-2176

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.5AI score0.01251EPSS
Exploits1References3
CVE
CVE
added 2024/03/06 6:34 p.m.2028 views

CVE-2024-2176

CVE-2024-2176 corresponds to a use-after-free in Chrome/Chromium’s FedCM, fixed in Chromium 122.0.6261.111+ (Chrome prior to 122.0.6261.111 affected). The issue could enable remote code execution via heap corruption from a crafted HTML page; impact is high (C/H/I/A = High). Affected component: Fe...

8.8CVSS6.2AI score0.01251EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2024/03/06 6:34 p.m.54 views

CVE-2024-2176

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.6AI score0.01251EPSS
Exploits1
FreeBSD
FreeBSD
added 2024/03/05 12:0 a.m.35 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 325893559 High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19 325866363 High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be...

8.8CVSS7.7AI score0.13556EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.61 views

Google Chrome < 122.0.6261.111 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 122.0.6261.111. It is, therefore, affected by multiple vulnerabilities as referenced in the 202403stable-channel-update-for-desktop advisory. - Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a...

8.8CVSS8.3AI score0.13556EPSS
Exploits3References7
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.27 views

openSUSE Security Advisory (openSUSE-SU-2024:0020-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.4351EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2024/01/04 12:0 a.m.37 views

FreeBSD : electron27 -- multiple vulnerabilities (d1b20e09-dbdf-432b-83c7-89f0af76324a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1b20e09-dbdf-432b-83c7-89f0af76324a advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...

8.8CVSS8.2AI score0.4351EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2024/01/01 12:0 a.m.51 views

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0001-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0001-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

8.8CVSS9AI score0.4351EPSS
Exploits3References15
Tenable Nessus
Tenable Nessus
added 2024/01/01 12:0 a.m.43 views

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0002-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0002-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

8.8CVSS9AI score0.4351EPSS
Exploits3References15
Veracode
Veracode
added 2023/12/15 5:1 a.m.22 views

Use After Free

chromium is vulnerable to Use after free. The vulnerability is due to improper memory management in FedCM in Google Chrome. This allows a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.8AI score0.00639EPSS
Exploits0References5Affected Software2
SUSE CVE
SUSE CVE
added 2023/12/15 2:7 a.m.4 views

SUSE CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.00639EPSS
Exploits0References6
NVD
NVD
added 2023/12/14 10:15 p.m.19 views

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00639EPSS
Exploits0References4
Prion
Prion
added 2023/12/14 10:15 p.m.17 views

Design/Logic Flaw

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.8CVSS7.1AI score0.00639EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/12/14 9:48 p.m.141 views

CVE-2023-6706

CVE-2023-6706 is a use-after-free in FedCM for Google Chrome/Chromium prior to 120.0.6099.109, enabling a remote attacker who tricked a user into UI interaction to potentially trigger heap corruption via a crafted HTML page. Public references in the connected documents confirm this vulnerability ...

8.8CVSS8.7AI score0.00639EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2023/12/14 9:48 p.m.33 views

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.3AI score0.00639EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/12/14 9:48 p.m.36 views

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9AI score0.00639EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2023/12/14 8:0 a.m.32 views

Chromium: CVE-2023-6706 Use after free in FedCM

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.00639EPSS
Exploits0
Rows per page
Query Builder