CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-56372 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tun_napi_alloc_frags() syzbot reported the following crash [1] Issue came with the blamed commit. Instead of going… | |||
| CVE-2024-55642 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: Prevent potential deadlocks in zone write plug error recovery Zone write plugging for handling writes to zones of a zoned … | |||
| CVE-2024-56533 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-lon… | |||
| CVE-2024-56541 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() During ath12k module removal, in ath12k_core_deinit(), ath12k_mac_dest… | |||
| CVE-2024-56575 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend async… | |||
| CVE-2024-56582 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happen… | |||
| CVE-2024-56589 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Add cond_resched() for no forced preemption model For no forced preemption model kernel, in the scenario where th… | |||
| CVE-2024-56607 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() When I try to manually set bitrates: iw wlan0 set bitrates le… | |||
| CVE-2024-56636 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: geneve: do not assume mac header is set in geneve_xmit_skb() We should not assume mac header is set in output path. Use skb_eth_… | |||
| CVE-2024-56673 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEM_VMEMMAP, page… | |||
| CVE-2024-26832 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cac… | |||
| CVE-2024-26836 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be … | |||
| CVE-2024-26844 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in th… | |||
| CVE-2024-26841 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs Update cpu_sibling_map when disabling nonboot CPUs by defining & ca… | |||
| CVE-2024-26845 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmr_list handling An abort that is responded to by iSCSI itself is added to tmr_list but does not … | |||
| CVE-2024-26849 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] … | |||
| CVE-2024-26847 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: use correct function name for resetting TCE tables The PAPR spec spells the function name as "ibm,reset-pe-dma-w… | |||
| CVE-2024-26865 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN… | |||
| CVE-2024-26869 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gc_data_s… | |||
| CVE-2024-26909 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent … | |||
| CVE-2024-26887 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix memory leak This checks if CONFIG_DEV_COREDUMP is enabled before attempting to clone the skb and also make … | |||
| CVE-2024-48938 | unknown | — | — | — | Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and… | |||
| CVE-2024-26926 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("binder: avoid potential data leakage when copying txn… | |||
| CVE-2024-26910 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destr… | |||
| CVE-2024-26916 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: flush any delayed gfxoff on suspend entry" commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring call… | |||
| CVE-2024-26941 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau Fix a regression when using nouveau and unplugging a StarTech… | |||
| CVE-2024-26942 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031_probe On reworking and splitting the at803x driver, in splitting function of… | |||
| CVE-2024-26945 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix nr_cpus < nr_iaa case If nr_cpus < nr_iaa, the calculated cpus_per_iaa will be 0, which causes a divide-by-0 in… | |||
| CVE-2024-26956 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix failure to detect DAT corruption in btree and direct mappings Patch series "nilfs2: fix kernel bug at submit_bh_wbc()… | |||
| CVE-2024-26967 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated wit… | |||
| CVE-2024-27002 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probin… | |||
| CVE-2024-26980 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf If ->ProtocolId is SMB2_TRANSFORM_PROTO_NUM, smb2 request size validation … | |||
| CVE-2024-26985 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init Add a unreference bo in the error path, to prevent leaking a bo ref. Return … | |||
| CVE-2024-26994 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters… | |||
| CVE-2024-26997 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow. | |||
| CVE-2024-27005 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_l… | |||
| CVE-2024-27007 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE Commit d7a08838ab74 ("mm: userfaultfd: fix unexpected c… | |||
| CVE-2024-27026 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_up… | |||
| CVE-2024-27040 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()' In the first if statement, we're checking if 'replay'… | |||
| CVE-2024-27041 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() Since 'adev->dm.dc' in amdgpu_dm_fini() might turn out to be… | |||
| CVE-2024-27045 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the out… | |||
| CVE-2024-27050 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTS_SET() macro in bpf_xdp_query() When the feature_flags and xdp_zc_max_segs fields were added to the libbpf bpf_xd… | |||
| CVE-2024-27060 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits() Olliver reported that his system crashes when plugging in T… | |||
| CVE-2024-27069 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARN_ON in ovl_verify_area() syzbot hit an assertion in copy up data loop which looks like it is the result of a lower… | |||
| CVE-2024-27067 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called… | |||
| CVE-2024-27071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fix potential NULL pointer dereference The "im" pins are optional. Add missing check in the hx8357_probe(). | |||
| CVE-2024-27080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for t… | |||
| CVE-2024-27075 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a sim… | |||
| CVE-2024-27406 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nom… | |||
| CVE-2024-27400 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always m… | |||
| CVE-2024-27432 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mt… | |||
| CVE-2024-34777 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: fix node id validation While validating node ids in map_benchmark_ioctl(), node_possible() may be provide… | |||
| CVE-2024-34030 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI: of_property: Return error for int_map allocation failure Return -ENOMEM from of_pci_prop_intr_map() if kcalloc() fails to pr… | |||
| CVE-2024-35784 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat w… | |||
| CVE-2024-35785 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix kernel panic caused by incorrect error handling The error path while failing to register devices on the TEE bus h… | |||
| CVE-2024-35793 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: debugfs: fix wait/cancellation handling during remove Ben Greear further reports deadlocks during concurrent debugfs remove while… | |||
| CVE-2024-41130 | unknown | — | — | — | llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp contains a null pointer dereference in gguf_init_from_file. This vulnerability is fixed in b3427. | |||
| CVE-2024-35834 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xsk_buff_free() call when __xsk_rcv_zc() failed to produce descriptor t… | |||
| CVE-2024-21825 | unknown | — | — | — | A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to co… | |||
| CVE-2024-21836 | unknown | — | — | — | A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacke… | |||
| CVE-2024-32878 | unknown | — | — | — | Llama.cpp is LLM inference in C/C++. There is a use of uninitialized heap variable vulnerability in gguf_init_from_file, the code will free this uninitialized variable later. In a simple POC, it will… | |||
| CVE-2024-35846 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with cgroup_disable=memory Christian reports a NULL deref in zswap that he bisected down to th… | |||
| CVE-2024-35851 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth line discipli… | |||
| CVE-2024-35860 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpf_link dealloc to after RCU grace period BPF link for some program types is passed as a "context" which … | |||
| CVE-2024-35868 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avo… | |||
| CVE-2024-35882 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP Jan Schunk reports that his small NFS servers suffer from memory exh… | |||
| CVE-2024-35883 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe In function pci1xxxx_spi_probe, there is a potent… | |||
| CVE-2024-35903 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for… | |||
| CVE-2024-35914 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no c… | |||
| CVE-2024-35920 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL point… | |||
| CVE-2024-35921 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regar… | |||
| CVE-2024-35929 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock() For the kernels built with CONFIG_RCU_NOCB_CPU_DEFAULT_ALL=y and CONFI… | |||
| CVE-2024-35943 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init devm_kasprintf() returns a pointer to dynamically allocated me… | |||
| CVE-2024-29645 | unknown | — | — | — | Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function. | |||
| CVE-2024-0222 | unknown | — | — | — | Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Ch… | |||
| CVE-2024-0223 | unknown | — | — | — | Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-0333 | unknown | — | — | — | Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chr… | |||
| CVE-2024-0805 | unknown | — | — | — | Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) | |||
| CVE-2024-0807 | unknown | — | — | — | Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-0518 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-1059 | unknown | — | — | — | Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-0804 | unknown | — | — | — | Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Me… | |||
| CVE-2024-0808 | unknown | — | — | — | Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | |||
| CVE-2024-0809 | unknown | — | — | — | Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2024-10230 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-0810 | unknown | — | — | — | Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted C… | |||
| CVE-2024-0811 | unknown | — | — | — | Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafte… | |||
| CVE-2024-0812 | unknown | — | — | — | Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security se… | |||
| CVE-2024-0814 | unknown | — | — | — | Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2024-11110 | unknown | — | — | — | Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) | |||
| CVE-2024-11113 | unknown | — | — | — | Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML pa… | |||
| CVE-2024-10229 | unknown | — | — | — | Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) | |||
| CVE-2024-10231 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-10487 | unknown | — | — | — | Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2024-10826 | unknown | — | — | — | Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security s… | |||
| CVE-2024-10488 | unknown | — | — | — | Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-1060 | unknown | — | — | — | Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-2630 | unknown | — | — | — | Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2024-10827 | unknown | — | — | — | Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-1077 | unknown | — | — | — | Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) |