Beschreibung
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Parcel Tracking can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Web Authentication can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in Downloads can be exploited to bypass security restrictions.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
- A remote code execution vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to execute arbitrary code.
- Inappropriate implementation vulnerability in Web Authentication can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in PictureInPicture can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Navigations can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Payments can be exploited to cause denial of service.
- Use after free vulnerability in AI can be exploited to cause denial of service or execute arbitrary code.
- Insufficient data validation vulnerability in DevTools can be exploited to bypass security restrictions.
- Inappropriate implementation vulnerability in Permissions can be exploited to cause denial of service.
- Use after free vulnerability in UI can be exploited to cause denial of service or execute arbitrary code.
Ursprüngliche Informationshinweise
- CVE-2024-9955
- CVE-2024-9963
- CVE-2024-43577
- CVE-2024-43580
- CVE-2024-9960
- CVE-2024-9959
- CVE-2024-43578
- CVE-2024-43587
- CVE-2024-9956
- CVE-2024-9958
- CVE-2024-43596
- CVE-2024-9966
- CVE-2024-9964
- CVE-2024-9954
- CVE-2024-9965
- CVE-2024-43566
- CVE-2024-49023
- CVE-2024-43579
- CVE-2024-9962
- CVE-2024-43595
- CVE-2024-9957
Ausnutzung
Public exploits exist for this vulnerability.
Betroffene Produkte
CVE Liste
- CVE-2024-9956 critical
- CVE-2024-9959 critical
- CVE-2024-9954 critical
- CVE-2024-9955 critical
- CVE-2024-9958 warning
- CVE-2024-9962 warning
- CVE-2024-9966 high
- CVE-2024-9965 critical
- CVE-2024-9957 critical
- CVE-2024-9964 warning
- CVE-2024-9961 critical
- CVE-2024-9963 warning
- CVE-2024-9960 critical
- CVE-2024-43577 warning
- CVE-2024-43580 high
- CVE-2024-43578 critical
- CVE-2024-43587 critical
- CVE-2024-43596 critical
- CVE-2024-43566 critical
- CVE-2024-49023 high
- CVE-2024-43579 critical
- CVE-2024-43595 critical
KB Liste
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!