Security News > 2024 > May > Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
2024-05-16 03:01
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris
News URL
https://thehackernews.com/2024/05/google-patches-yet-another-actively.html
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Zero-Day Vulnerability in Ivanti VPN (source)
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Google to kill Chrome Sync on older Chrome browser versions (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-15 | CVE-2024-4947 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 9.6 |