Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-03-20 CVE-2024-2626 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
6.5
6.5
2024-03-20 CVE-2024-2627 Use After Free vulnerability in multiple products
Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-03-20 CVE-2024-2628 Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL.
network
low complexity
google fedoraproject
4.3
4.3
2024-03-20 CVE-2024-2629 Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2024-03-20 CVE-2024-2630 Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject
6.5
6.5
2024-03-20 CVE-2024-2631 Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2024-03-19 CVE-2023-50811 Unspecified vulnerability in Seling Visual Access Manager 4.38.6
An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a specific reception by POST HTTP request interception.
network
low complexity
seling
6.5
6.5
2024-03-18 CVE-2024-20754 Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user.
local
high complexity
CWE-426
7.5
7.5
2024-03-18 CVE-2024-20760 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
CWE-79
5.4
5.4
2024-03-18 CVE-2024-20761 Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
CWE-787
7.8
7.8