* Critical CVE-2024-4058: Type Confusion in ANGLE
* High CVE-2024-4059: Out of bounds read in V8 API
* High CVE-2024-4060: Use after free in Dawn
update to 124.0.6367.60
High CVE-2024-3832: Object corruption in V8
High CVE-2024-3833: Object corruption in WebAssembly
High CVE-2024-3914: Use after free in V8
High CVE-2024-3834: Use after free in Downloads
Medium CVE-2024-3837: Use after free in QUIC
Medium CVE-2024-3838: Inappropriate implementation in Autofill
Medium CVE-2024-3839: Out of bounds read in Fonts
Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
Medium CVE-2024-3843: Insufficient data validation in Downloads
Low CVE-2024-3844: Inappropriate implementation in Extensions
Low CVE-2024-3845: Inappropriate implementation in Network
Low CVE-2024-3846: Inappropriate implementation in Prompts
Low CVE-2024-3847: Insufficient policy enforcement in WebUI
update to 123.0.6312.122
High CVE-2024-3157: Out of bounds write in Compositing
High CVE-2024-3516: Heap buffer overflow in ANGLE
High CVE-2024-3515: Use after free in Dawn
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Telerik Report Server. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-1800.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Telerik Reporting. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-1856.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Telerik Reporting. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1801.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft uAMQP for Python. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8.
This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-29991.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Wazuh. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50260.