Type Confusion in WebAssembly in Google Chrome before 123.0.6312.86 allowed a remote malicious user to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Google fixes eighth actively exploited Chrome zero-day this year By Bill Toulas May 24, 2024 05:30 AM 0 Google has released a new emergency security update to address the eighth zero-day vulnerability in Chrome browser confirmed to be actively exploited in the wild. The security issue was discovered internally by Google's Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity 'type confusion' in V8, Chrome's JavaScript engine responsible for executing JS code. "Google is a...
Google patches third exploited Chrome zero-day in a week By Sergiu Gatlan May 15, 2024 06:36 PM 0 Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory published on Wednesday. The company fixed the zero-day flaw with the release of 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60 (Linux). Th...
Google fixes third actively exploited Chrome zero-day in a week By Sergiu Gatlan May 15, 2024 06:36 PM 2 Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory published on Wednesday. The high-severity zero-day vulnerability (CVE-2024-4947) is caused by a type confusion weakness in the Chrome V8...
Google Chrome emergency update fixes 6th zero-day exploited in 2024 By Bill Toulas May 14, 2024 04:10 AM 0 Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. This fix comes only three days after Google addressed another zero-day vulnerability in Chrome, CVE-2024-4671, caused by a use-after-free weakness in the Visuals component. The latest bug is tracked as CVE-2024-4761. It is an out-of-bounds w...
Google fixes fifth Chrome zero-day exploited in attacks this year By Bill Toulas May 10, 2024 04:08 AM 0 Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. The high-severity issue tracked as CVE-2024-4671 is a “user after free” vulnerability in the Visuals component that handles the rendering and display of content on the browser. CVE-2024-4671 was discovered and reported to Google by an a...
Google fixes one more Chrome zero-day exploited at Pwn2Own By Sergiu Gatlan April 3, 2024 12:39 PM 0 Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. Tracked as CVE-2024-3159, this high-severity security flaw is caused by an out-of-bounds read weakness in the Chrome V8 JavaScript engine. Remote attackers can exploit the vulnerability using crafted HTML pages to gain access to data bey...
Google fixes Chrome zero-days exploited at Pwn2Own 2024 By Sergiu Gatlan March 27, 2024 02:44 PM 0 Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition. The first (tracked as CVE-2024-2887) is a high-severity type confusion weakness in the WebAssembly (Wasm) open standard. Manfred Paul demoed this vulnerability on the first day of Pwn2Own as part of a double-tap remote code execut...
Vulmon