CVE-2024-4777 |
Description: Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
EPSS Score: 0.09%
February 14th, 2025 (5 months ago)
|
CVE-2024-4770 |
Description: When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-4769 |
Description: When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-4768 |
Description: A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-4767 |
Description: If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-4761 |
Description: Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.3%
February 14th, 2025 (5 months ago)
|
CVE-2024-46910 |
Description: An authenticated user can perform XSS and potentially impersonate another user.
This issue affects Apache Atlas versions 2.3.0 and earlier.
Users are recommended to upgrade to version 2.4.0, which fixes the issue.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-4671 |
Description: Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.23%
February 14th, 2025 (5 months ago)
|
CVE-2024-4559 |
Description: Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-4558 |
Description: Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
EPSS Score: 0.07%
February 14th, 2025 (5 months ago)
|