This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-35303.
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2024-5947.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-5948.
This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2024-5949.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-5950.
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-5951.
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2024-5952.
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-5924.
This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3.
chromium-126.0.6478.55-1.fc39
update to 126.0.6478.55
High CVE-2024-5830: Type Confusion in V8
High CVE-2024-5831: Use after free in Dawn
High CVE-2024-5832: Use after free in Dawn
High CVE-2024-5833: Type Confusion in V8
High CVE-2024-5834: Inappropriate implementation in Dawn
High CVE-2024-5835: Heap buffer overflow in Tab Groups
High CVE-2024-5836: Inappropriate Implementation in DevTools
High CVE-2024-5837: Type Confusion in V8
High CVE-2024-5838: Type Confusion in V8
Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
Medium CVE-2024-5840: Policy Bypass in CORS
Medium CVE-2024-5841: Use after free in V8
Medium CVE-2024-5842: Use after free in Browser UI
Medium CVE-2024-5843: Inappropriate implementation in Downloads
Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
Medium CVE-2024-5845: Use after free in Audio
Medium CVE-2024-5846: Use after free in PDFium
Medium CVE-2024-5847: Use after free in PDFium
