This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-37004.
chromium-126.0.6478.55-1.fc39
update to 126.0.6478.55
High CVE-2024-5830: Type Confusion in V8
High CVE-2024-5831: Use after free in Dawn
High CVE-2024-5832: Use after free in Dawn
High CVE-2024-5833: Type Confusion in V8
High CVE-2024-5834: Inappropriate implementation in Dawn
High CVE-2024-5835: Heap buffer overflow in Tab Groups
High CVE-2024-5836: Inappropriate Implementation in DevTools
High CVE-2024-5837: Type Confusion in V8
High CVE-2024-5838: Type Confusion in V8
Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
Medium CVE-2024-5840: Policy Bypass in CORS
Medium CVE-2024-5841: Use after free in V8
Medium CVE-2024-5842: Use after free in Browser UI
Medium CVE-2024-5843: Inappropriate implementation in Downloads
Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
Medium CVE-2024-5845: Use after free in Audio
Medium CVE-2024-5846: Use after free in PDFium
Medium CVE-2024-5847: Use after free in PDFium
chromium-126.0.6478.55-1.fc40
update to 126.0.6478.55
High CVE-2024-5830: Type Confusion in V8
High CVE-2024-5831: Use after free in Dawn
High CVE-2024-5832: Use after free in Dawn
High CVE-2024-5833: Type Confusion in V8
High CVE-2024-5834: Inappropriate implementation in Dawn
High CVE-2024-5835: Heap buffer overflow in Tab Groups
High CVE-2024-5836: Inappropriate Implementation in DevTools
High CVE-2024-5837: Type Confusion in V8
High CVE-2024-5838: Type Confusion in V8
Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
Medium CVE-2024-5840: Policy Bypass in CORS
Medium CVE-2024-5841: Use after free in V8
Medium CVE-2024-5842: Use after free in Browser UI
Medium CVE-2024-5843: Inappropriate implementation in Downloads
Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
Medium CVE-2024-5845: Use after free in Audio
Medium CVE-2024-5846: Use after free in PDFium
Medium CVE-2024-5847: Use after free in PDFium
chromium-126.0.6478.55-1.el9
update to 126.0.6478.55
* High CVE-2024-5830: Type Confusion in V8
* High CVE-2024-5831: Use after free in Dawn
* High CVE-2024-5832: Use after free in Dawn
* High CVE-2024-5833: Type Confusion in V8
* High CVE-2024-5834: Inappropriate implementation in Dawn
* High CVE-2024-5835: Heap buffer overflow in Tab Groups
* High CVE-2024-5836: Inappropriate Implementation in DevTools
* High CVE-2024-5837: Type Confusion in V8
* High CVE-2024-5838: Type Confusion in V8
* Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* Medium CVE-2024-5840: Policy Bypass in CORS
* Medium CVE-2024-5841: Use after free in V8
* Medium CVE-2024-5842: Use after free in Browser UI
* Medium CVE-2024-5843: Inappropriate implementation in Downloads
* Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
* Medium CVE-2024-5845: Use after free in Audio
* Medium CVE-2024-5846: Use after free in PDFium
* Medium CVE-2024-5847: Use after free in PDFium
chromium-126.0.6478.55-1.el7
update to 126.0.6478.55
* High CVE-2024-5830: Type Confusion in V8
* High CVE-2024-5831: Use after free in Dawn
* High CVE-2024-5832: Use after free in Dawn
* High CVE-2024-5833: Type Confusion in V8
* High CVE-2024-5834: Inappropriate implementation in Dawn
* High CVE-2024-5835: Heap buffer overflow in Tab Groups
* High CVE-2024-5836: Inappropriate Implementation in DevTools
* High CVE-2024-5837: Type Confusion in V8
* High CVE-2024-5838: Type Confusion in V8
* Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* Medium CVE-2024-5840: Policy Bypass in CORS
* Medium CVE-2024-5841: Use after free in V8
* Medium CVE-2024-5842: Use after free in Browser UI
* Medium CVE-2024-5843: Inappropriate implementation in Downloads
* Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
* Medium CVE-2024-5845: Use after free in Audio
* Medium CVE-2024-5846: Use after free in PDFium
* Medium CVE-2024-5847: Use after free in PDFium
chromium-126.0.6478.55-1.el8
update to 126.0.6478.55
* High CVE-2024-5830: Type Confusion in V8
* High CVE-2024-5831: Use after free in Dawn
* High CVE-2024-5832: Use after free in Dawn
* High CVE-2024-5833: Type Confusion in V8
* High CVE-2024-5834: Inappropriate implementation in Dawn
* High CVE-2024-5835: Heap buffer overflow in Tab Groups
* High CVE-2024-5836: Inappropriate Implementation in DevTools
* High CVE-2024-5837: Type Confusion in V8
* High CVE-2024-5838: Type Confusion in V8
* Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* Medium CVE-2024-5840: Policy Bypass in CORS
* Medium CVE-2024-5841: Use after free in V8
* Medium CVE-2024-5842: Use after free in Browser UI
* Medium CVE-2024-5843: Inappropriate implementation in Downloads
* Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
* Medium CVE-2024-5845: Use after free in Audio
* Medium CVE-2024-5846: Use after free in PDFium
* Medium CVE-2024-5847: Use after free in PDFium
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2023-52335.
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-30082.
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-30082.
