Vulnerabilities > Fedoraproject > Fedora > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-18 | CVE-2024-38276 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Incorrect CSRF token checks resulted in multiple CSRF risks. | 8.8 |
2024-06-11 | CVE-2024-5830 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5831 | Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5832 | Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5833 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5834 | Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5835 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5836 | Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. | 8.8 |
2024-06-11 | CVE-2024-5837 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2024-06-11 | CVE-2024-5838 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | 8.8 |