CVE-2024-5494
- EPSS 0.67%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:38:51
Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5495
- EPSS 0.67%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:42:57
Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5496
- EPSS 0.82%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:43:17
Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5497
- EPSS 0.74%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:43:33
Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security sev...
CVE-2024-5498
- EPSS 0.64%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:43:44
Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5499
- EPSS 0.89%
- Veröffentlicht 30.05.2024 23:15:48
- Zuletzt bearbeitet 26.12.2024 16:07:06
Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2024-32760
- EPSS 0.85%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:21:55
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.
CVE-2024-34161
- EPSS 0.87%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:20:57
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to...
CVE-2024-35200
- EPSS 0.92%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:15:15
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.
CVE-2024-31079
- EPSS 0.87%
- Veröffentlicht 29.05.2024 16:15:09
- Zuletzt bearbeitet 24.01.2025 16:01:04
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the...