CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-3840	Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation... Description: Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) EPSS Score: 0.1% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3839	Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from... Description: Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) EPSS Score: 0.09% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3838	Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious... Description: Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium) EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3837	Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially... Description: Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) EPSS Score: 0.1% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3834	Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted... Description: Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) EPSS Score: 0.1% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3833	Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a... Description: Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) EPSS Score: 0.12% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-3832	Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted... Description: Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) EPSS Score: 0.07% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-38276	moodle: CSRF risks due to misuse of confirm_sesskey Description: Incorrect CSRF token checks resulted in multiple CSRF risks. EPSS Score: 0.06% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-38274	moodle: stored XSS via calendar's event title when deleting the event Description: Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-38273	moodle: BigBlueButton web service leaks meeting joining information to users who should not have access Description: Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access. EPSS Score: 0.05% Source: CVE February 14th, 2025 (5 months ago)