Out of bounds write in V8 in Google Chrome before 124.0.6367.207 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
Google fixes eighth actively exploited Chrome zero-day this year By Bill Toulas May 24, 2024 05:30 AM 0 Google has released a new emergency security update to address the eighth zero-day vulnerability in Chrome browser confirmed to be actively exploited in the wild. The security issue was discovered internally by Google's Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity 'type confusion' in V8, Chrome's JavaScript engine responsible for executing JS code. "Google is a...
CISA warns of hackers exploiting Chrome, EoL D-Link bugs By Bill Toulas May 19, 2024 10:17 AM 0 The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. Adding the issues to the KEV catalog serves as a warning to federal agencies and companies that threat actors are leveraging them in attacks and security updates or miti...
Google patches third exploited Chrome zero-day in a week By Sergiu Gatlan May 15, 2024 06:36 PM 0 Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory published on Wednesday. The company fixed the zero-day flaw with the release of 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60 (Linux). Th...
Google fixes third actively exploited Chrome zero-day in a week By Sergiu Gatlan May 15, 2024 06:36 PM 2 Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory published on Wednesday. The high-severity zero-day vulnerability (CVE-2024-4947) is caused by a type confusion weakness in the Chrome V8...
Google Chrome emergency update fixes 6th zero-day exploited in 2024 By Bill Toulas May 14, 2024 04:10 AM 0 Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. This fix comes only three days after Google addressed another zero-day vulnerability in Chrome, CVE-2024-4671, caused by a use-after-free weakness in the Visuals component. The latest bug is tracked as CVE-2024-4761. It is an out-of-bounds w...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Plus: Google Chrome, Apple bugs also exploited in the wild
Happy May Patch Tuesday. We've got a lot of vendors joining this month's patchapalooza, which includes a handful of bugs that have been exploited — either in the wild or at Pwn2Own — and now fixed by Microsoft, Apple, Google and VMware. Starting with Microsoft: Redmond disclosed and fixed 60 Windows CVEs today including two listed as publicly known and exploited prior to the patch being issued. The first one is an elevation of privilege bug in Windows DWM core library, tracked as CVE-2024-30...