CVE-2024-38277
- EPSS 0.24%
- Veröffentlicht 18.06.2024 20:15:14
- Zuletzt bearbeitet 07.08.2025 17:24:28
A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.
CVE-2024-38276
- EPSS 0.46%
- Veröffentlicht 18.06.2024 20:15:14
- Zuletzt bearbeitet 26.03.2025 14:15:31
Incorrect CSRF token checks resulted in multiple CSRF risks.
CVE-2024-38274
- EPSS 0.37%
- Veröffentlicht 18.06.2024 20:15:13
- Zuletzt bearbeitet 07.08.2025 17:23:59
Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt.
CVE-2024-38273
- EPSS 0.43%
- Veröffentlicht 18.06.2024 20:15:13
- Zuletzt bearbeitet 07.08.2025 16:43:09
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
CVE-2024-5847
- EPSS 0.46%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 21.11.2024 09:48:28
Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
CVE-2024-5846
- EPSS 0.46%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 21.11.2024 09:48:28
Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
CVE-2024-5845
- EPSS 0.46%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 21.11.2024 09:48:27
Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
CVE-2024-5844
- EPSS 0.53%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 13.03.2025 20:15:24
Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-5843
- EPSS 0.47%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 21.11.2024 09:48:27
Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium)
CVE-2024-5842
- EPSS 0.48%
- Veröffentlicht 11.06.2024 21:15:55
- Zuletzt bearbeitet 21.11.2024 09:48:27
Use after free in Browser UI in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium...