CVE-2024-2176
- EPSS 1.25%
- Veröffentlicht 06.03.2024 19:15:09
- Zuletzt bearbeitet 19.12.2024 20:23:37
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-2173
- EPSS 13.56%
- Veröffentlicht 06.03.2024 19:15:08
- Zuletzt bearbeitet 21.03.2025 21:15:35
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2024-25111
- EPSS 65.25%
- Veröffentlicht 06.03.2024 19:15:07
- Zuletzt bearbeitet 03.11.2025 21:16:07
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause D...
CVE-2024-28084
- EPSS 0.94%
- Veröffentlicht 03.03.2024 21:15:49
- Zuletzt bearbeitet 04.11.2025 19:17:04
p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information...
CVE-2024-24246
- EPSS 0.44%
- Veröffentlicht 29.02.2024 20:15:41
- Zuletzt bearbeitet 04.11.2025 22:15:58
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.
CVE-2024-22871
- EPSS 1.53%
- Veröffentlicht 29.02.2024 02:15:09
- Zuletzt bearbeitet 04.11.2025 22:15:58
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.
CVE-2024-25713
- EPSS 1.84%
- Veröffentlicht 29.02.2024 01:44:16
- Zuletzt bearbeitet 04.11.2025 22:15:58
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)
CVE-2024-1938
- EPSS 0.83%
- Veröffentlicht 29.02.2024 01:43:57
- Zuletzt bearbeitet 19.12.2024 20:20:38
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-1939
- EPSS 2.58%
- Veröffentlicht 29.02.2024 01:43:57
- Zuletzt bearbeitet 19.12.2024 20:20:25
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-27285
- EPSS 1.06%
- Veröffentlicht 28.02.2024 20:15:41
- Zuletzt bearbeitet 14.02.2025 15:31:24
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb"...