Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-24 CVE-2024-6290 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6291 Use After Free vulnerability in multiple products
Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6292 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-24 CVE-2024-6293 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-18 CVE-2024-38276 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Incorrect CSRF token checks resulted in multiple CSRF risks.
network
low complexity
fedoraproject moodle CWE-352
8.8
8.8
2024-06-11 CVE-2024-5830 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2024-06-11 CVE-2024-5831 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-11 CVE-2024-5832 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-06-11 CVE-2024-5833 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8
8.8
2024-06-11 CVE-2024-5834 Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
8.8