Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2024-05-22 CVE-2024-5157 Use After Free vulnerability in multiple products
Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-05-22 CVE-2024-5158 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.1
8.1
2024-05-22 CVE-2024-5159 Out-of-bounds Read vulnerability in multiple products
Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
8.8
8.8
2024-05-22 CVE-2024-5160 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-05-15 CVE-2024-4947 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
critical
 9.6
9.6
2024-05-15 CVE-2024-4948 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
6.5
2024-05-15 CVE-2024-4949 Use After Free vulnerability in multiple products
Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
6.5
2024-05-15 CVE-2024-4950 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject CWE-1021
6.5
6.5
2024-05-14 CVE-2024-4761 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-787
8.8
8.8
2024-05-14 CVE-2024-4854 Infinite Loop vulnerability in multiple products
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
network
low complexity
fedoraproject wireshark CWE-835
7.5
7.5