CVE-2024-3176

CVE-2024-3176

Título es
CVE-2024-3176

Mar, 16/07/2024 – 23:15

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-3176

Descripción en
Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

17/07/2024
17/07/2024
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

  • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html

  • https://issues.chromium.org/issues/40061476

    • Enviar en el boletín
    Off

    CVE-2024-3175

    CVE-2024-3175

    Título es
    CVE-2024-3175

    Mar, 16/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-3175

    Descripción en
    Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. (Chromium security severity: Low)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/40069571

    • Enviar en el boletín
    Off

    CVE-2024-3174

    CVE-2024-3174

    Título es
    CVE-2024-3174

    Mar, 16/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-3174

    Descripción en
    Inappropriate implementation in V8 in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html

  • https://issues.chromium.org/issues/40073339

    • Enviar en el boletín
    Off

    CVE-2024-3173

    CVE-2024-3173

    Título es
    CVE-2024-3173

    Mar, 16/07/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-3173

    Descripción en
    Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/40075849

    • Enviar en el boletín
    Off

    CVE-2024-6336

    CVE-2024-6336

    Título es
    CVE-2024-6336

    Mar, 16/07/2024 – 22:15

    Tipo
    CWE-200

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6336

    Descripción en
    A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a dependent repository from private to public. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15

  • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12

  • https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6

  • https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1

  • https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17

    • Enviar en el boletín
    Off

    CVE-2024-6774

    CVE-2024-6774

    Título es
    CVE-2024-6774

    Mar, 16/07/2024 – 22:15

    Tipo
    CWE-416

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6774

    Descripción en
    Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/346898524

    • Enviar en el boletín
    Off

    CVE-2024-6773

    CVE-2024-6773

    Título es
    CVE-2024-6773

    Mar, 16/07/2024 – 22:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6773

    Descripción en
    Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/347724915

    • Enviar en el boletín
    Off

    CVE-2024-6772

    CVE-2024-6772

    Título es
    CVE-2024-6772

    Mar, 16/07/2024 – 22:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6772

    Descripción en
    Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/346597059

    • Enviar en el boletín
    Off

    CVE-2024-6395

    CVE-2024-6395

    Título es
    CVE-2024-6395

    Mar, 16/07/2024 – 22:15

    Tipo
    CWE-200

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6395

    Descripción en
    An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12

  • https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6

  • https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1

  • https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17

  • https://help.github.com/enterprise-server@3.10/admin/release-notes#3.10.15

    • Enviar en el boletín
    Off

    CVE-2024-6779

    CVE-2024-6779

    Título es
    CVE-2024-6779

    Mar, 16/07/2024 – 22:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-6779

    Descripción en
    Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

    17/07/2024
    17/07/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/351327767

    • Enviar en el boletín
    Off