CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The use of after free in WebAuthentication in Google Chrome before version 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.7AI score0.33501EPSS

Exploits0References3

BDU FSTEC•added 2024/10/23 12:0 a.m.•1 views

The vulnerability of the WebAuthentication component in Google Chrome and Microsoft Edge browsers allows attackers to enhance their privileges.

The vulnerability of the WebAuthentication component in Google Chrome and Microsoft Edge relates to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created HTML page...

7.8CVSS7.7AI score0.0002EPSS

Exploits0References9Affected Software5

SUSE CVE•added 2024/10/17 3:10 a.m.•2 views

SUSE CVE-2024-9956

Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.8CVSS6.5AI score0.0002EPSS

Exploits0References6

OSV•added 2024/10/15 9:15 p.m.•16 views

CVE-2024-9956

7.8CVSS6.4AI score

Exploits0References5

OSV•added 2024/10/15 9:15 p.m.•13 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score

Exploits0References2

NVD•added 2024/10/15 9:15 p.m.•13 views

CVE-2024-9956

7.8CVSS0.0002EPSS

Exploits0References5

OSV•added 2024/10/15 9:15 p.m.•1 views

DEBIAN-CVE-2024-9956

7.8CVSS8.3AI score0.0002EPSS

Exploits0References1

NVD•added 2024/10/15 9:15 p.m.•13 views

CVE-2024-9955

8.8CVSS0.33501EPSS

Exploits0References2

AlpineLinux•added 2024/10/15 9:15 p.m.•18 views

CVE-2024-9956

7.8CVSS6.2AI score0.0002EPSS

Exploits0

AlpineLinux•added 2024/10/15 9:15 p.m.•18 views

CVE-2024-9955

8.8CVSS7.1AI score0.33501EPSS

Exploits0

CVE•added 2024/10/15 8:14 p.m.•116 views

CVE-2024-9956

CVE-2024-9956 affects Google Chrome on Android prior to 130.0.6723.58, with an Inappropriate implementation in WebAuthentication allowing a local attacker to escalate privileges via a crafted HTML page. The CVE’s standard metrics show LOCAL attack vector, LOW attack complexity, NONE privileges re...

7.8CVSS6.5AI score0.0002EPSS

Exploits0References5Affected Software1

Cvelist•added 2024/10/15 8:14 p.m.•12 views

CVE-2024-9956

0.0002EPSS

Exploits0References2

Cvelist•added 2024/10/15 8:14 p.m.•12 views

CVE-2024-9955

0.33501EPSS

Exploits0References2

CVE•added 2024/10/15 8:14 p.m.•75 views

CVE-2024-9955

CVE-2024-9955 affects Google Chrome/Chromium’s WebAuthentication in all builds prior to 130.0.6723.58. The vulnerability is a use-after-free that could enable a remote attacker to cause heap corruption via a crafted HTML page. Public advisories indicate that fixed versions exist (e.g., Chromium 1...

8.8CVSS7.3AI score0.33501EPSS

Exploits0References2Affected Software1