there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-02-07
Updated
2024-03-12
In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150.
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-02-05
Updated
2024-02-09
In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369.
Max CVSS
7.5
EPSS Score
0.09%
Published
2024-02-05
Updated
2024-02-09
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-07
Updated
2024-02-14
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-07
Updated
2024-02-14
Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-30
Updated
2024-02-05
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-30
Updated
2024-02-05
Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-30
Updated
2024-02-05
Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Max CVSS
8.8
EPSS Score
0.06%
Published
2024-01-24
Updated
2024-01-29
Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29
Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29

CVE-2024-0519

Known exploited
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.18%
Published
2024-01-16
Updated
2024-01-22
CISA KEV Added
2024-01-17
Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.08%
Published
2024-01-16
Updated
2024-01-22
Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.11%
Published
2024-01-04
Updated
2024-01-31
Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.11%
Published
2024-01-04
Updated
2024-01-31
Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.16%
Published
2024-01-04
Updated
2024-01-31
Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
8.8
EPSS Score
0.13%
Published
2024-01-04
Updated
2024-01-31
In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-03-12
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-08
Updated
2024-03-12
In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-03-12
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-04
Updated
2024-02-02
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-04
Updated
2024-02-02
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-04
Updated
2024-02-02
In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-08
Updated
2023-10-11
In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-11
Updated
2023-10-18
2177 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!